There would be two major downsides if Apple made iCloud literally impossible to hack
Getty Images/Kevork Djansezian
From the Financial Times:
Apple is working on new ways to strengthen the encryption of customers' iCloud backups in a way that would make it impossible for the company to comply with valid requests for data from law enforcement, according to people familiar with its plans.
What Apple is expected to do is to move to a "zero-knowledge" cloud system. Its iMessage is one example of such a system. Apple never sees the content of your blue bubbles - the data Apple transfers is always encrypted in transit, and only decrypted on the user's device.
Ostensibly, the move to make iCloud's encryption stronger is a response to the recent battle between Apple and the FBI. A zero-knowledge system means that Apple knows nothing about the data stored on its servers, and therefore, wouldn't be able to help out law enforcement, even for valid requests.
(Apple has received and filled hundreds of valid iCloud requests from law enforcement.)
There are two major downsides to a fully encrypted iCloud from a user's perspective.
First, true zero-knowledge iCloud would likely mean that Apple could not reset users' passwords. So if somebody loses his or her password, it's possible that important data such as documents, photos, and messages would be lost forever.
For example, earlier this year, a Canadian woman called it "ridiculous nonsense" that Apple wouldn't give her late husband's Apple ID password to her without a court order.
If Apple said that it couldn't fill that request at all, that could seriously ding the company's reputation for being user-friendly.
Google, for example, scours photos uploaded to the its servers for data to feed its machine-learning technology. This allows users to search for concepts like "cat" or "beach" and Google Photos can return images that depict those things.
Because a zero-knowledge infrastructure would prevent Apple from analyzing uploaded photos, a feature like that wouldn't be possible - or would be significantly harder - with a fully encrypted iCloud.
Apple's machine-learning abilities are behind Google and Microsoft for now, but software that learns will only become more important going forward.
That, of course, assumes Apple even wants to do that. CEO Tim Cook has signaled that Apple considers its stance on privacy to be a feature, not a bug.
Pablo Blazquez Dominguez/Getty Images
Pablo Blazquez Dominguez/Getty Images
A zero-knowledge iCloud could still be great for iPhone users even if they're not worried about federal criminal investigations.
For Apple, it's a move that could make iCloud a more attractive service to privacy-minded consumers, and will help Apple take on Google, Microsoft, Amazon, and the other technology giants who currently dominate online services.
If iCloud were fully encrypted, the service would have a clear identity that it previously lacked. Cloud services like Google Drive, Dropbox, and Microsoft's OneDrive are not encrypted and probably will never be, given the way those firms monetize their cloud storage.
While online services may not be Apple's strong suit, in recent years, designing systems with maximum security has become a strength. iMessage, for example, reliably delivers as many as 200,000 messages per second, and it's seriously secure, too.
Ultimately, one outcome might be that Apple could decide not to port its services to competing platforms, as has been suggested. The company's approach to digital security involves cryptographic keys built into the physical devices that Apple designs, so, say, moving iMessage to Android or the web while keeping cryptographic standards may be a significant challenge.
- A Google employee of 11 years says he and his wife stared at each other in 'disbelief' when they realized they'd both been laid off by the company
- A Google engineer of 8 years says his 'spidey-senses' detected incoming layoffs — and felt 'isolated' when his 'faceless' severance email arrived
- 6 signs that you're in a one-sided relationship and how to find balance
- Rajinikanth issues public notice on infringement of rights, warns legal action
- Govt likely to float global tender for HPV vaccine in April; Merck, Serum Institute may participate
- Finance Ministry to stick to privatisation of already announced CPSEs next fiscal
- 70-plus Indian startups show exit door to 21K techies, more pink slips coming
- Steps taken in subsidence-hit Joshimath inadequate, declare Himalayas eco-sensitive zone, say experts