Apple Abandoned Encrypted iCloud Backups After FBI Intervened

Apple Abandoned Encrypted iCloud Backups After FBI Intervened

Apple famously tussled with the FBI in 2016 when the agency demanded access to a locked iPhone belonging to the San Bernardino gunman. The FBI dropped its case after finding a company that could crack the device, so Apple was never forced to break its own device encryption. According to a new report, Apple dropped plans that would have made user data even more secure by encrypting backups. It made this course change after the FBI quietly expressed concern that it could harm investigations.

Apple talks about user privacy and security quite often — it was the first major smartphone vendor to implement full device encryption by default. Google followed suit about a year later, requiring all Android OEMs to encrypt phone storage. The FBI publicly chastised the companies for this move, and the disagreement came to a head during the 2016 court battle.

After the dust settled from Apple’s public spat with the Bureau, engineers began working on a project codenamed Plesio or KeyDrop. Apple’s phones periodically conduct full device backups, storing the data in iCloud. Unlike the physical device, Apple holds encryption keys to this data. If ordered by courts, it can decrypt and provide copies of those backups to law enforcement. In the first half of last year, Apple provided law enforcement with iCloud backups from some 6,000 accounts.

The FBI reportedly got wind of Apple’s plans in 2018, and the Bureau’s Cyber Crime division became involved. Agents told Apple that implementing end-to-end encryption on device backups would deny the FBI an important investigative tool. While it’s sometimes possible to unlock iPhones recovered during an investigation, agents can get court orders to search iCloud backups without the target knowing.

Apple Abandoned Encrypted iCloud Backups After FBI Intervened

Reuters spoke with six different sources inside Apple and the FBI to confirm this story. They all agree that Apple dropped the plan to encrypt iCloud backups shortly after the FBI objected. No one could say for sure what rationale Apple leadership used to justify the change, but several sources say Apple was convinced by the FBI’s arguments that backups provided pivotal evidence in thousands of investigations. A few also suggest Apple didn’t want to “poke the bear” so soon after the 2016 court battle.

Apple has refused to comment on the Reuter’s report. Interestingly, Google followed through with a similar plan to encrypt backups with the user’s lock screen password. Google can’t access it, and neither can law enforcement. There’s no word whether the FBI attempted to stop Google from doing so.

Continue reading

Even Backup Storage Provider Backblaze Can’t Make Money Farming Chia
Even Backup Storage Provider Backblaze Can’t Make Money Farming Chia

Backblaze has investigated whether it could make money mining Chia with its spare capacity. The company doesn't think its own odds are very good.

Nintendo Switch Hacked to Run Linux, So Can We Get Save Game Backups Now?
Nintendo Switch Hacked to Run Linux, So Can We Get Save Game Backups Now?

The Nintendo Switch has been hacked and is capable of booting Linux in a new cold-boot exploit. Will Nintendo finally relent on user saved games — or lock things down that much tighter?

It’s World Backup Day: Here’s How the  Staff Stays Backed Up
It’s World Backup Day: Here’s How the Staff Stays Backed Up

World Backup Day is a chance to check on your existing backups and make new ones if you've got important files on the edge of oblivion. To offer a little inspiration, here's how we at keep our files safe.

Hacker Needed Just 2 Weeks to Add Save Backups to Nintendo Switch
Hacker Needed Just 2 Weeks to Add Save Backups to Nintendo Switch

Game backups are important on all platforms. After all, once you've spent 100 hours exploring an in-game world, losing your progress because of a hardware failure could be heartbreaking. The situation is even more dire with the Switch.