Apple Abandoned Encrypted iCloud Backups After FBI Intervened

Apple Abandoned Encrypted iCloud Backups After FBI Intervened

Apple famously tussled with the FBI in 2016 when the agency demanded access to a locked iPhone belonging to the San Bernardino gunman. The FBI dropped its case after finding a company that could crack the device, so Apple was never forced to break its own device encryption. According to a new report, Apple dropped plans that would have made user data even more secure by encrypting backups. It made this course change after the FBI quietly expressed concern that it could harm investigations.

Apple talks about user privacy and security quite often — it was the first major smartphone vendor to implement full device encryption by default. Google followed suit about a year later, requiring all Android OEMs to encrypt phone storage. The FBI publicly chastised the companies for this move, and the disagreement came to a head during the 2016 court battle.

After the dust settled from Apple’s public spat with the Bureau, engineers began working on a project codenamed Plesio or KeyDrop. Apple’s phones periodically conduct full device backups, storing the data in iCloud. Unlike the physical device, Apple holds encryption keys to this data. If ordered by courts, it can decrypt and provide copies of those backups to law enforcement. In the first half of last year, Apple provided law enforcement with iCloud backups from some 6,000 accounts.

The FBI reportedly got wind of Apple’s plans in 2018, and the Bureau’s Cyber Crime division became involved. Agents told Apple that implementing end-to-end encryption on device backups would deny the FBI an important investigative tool. While it’s sometimes possible to unlock iPhones recovered during an investigation, agents can get court orders to search iCloud backups without the target knowing.

Apple Abandoned Encrypted iCloud Backups After FBI Intervened

Reuters spoke with six different sources inside Apple and the FBI to confirm this story. They all agree that Apple dropped the plan to encrypt iCloud backups shortly after the FBI objected. No one could say for sure what rationale Apple leadership used to justify the change, but several sources say Apple was convinced by the FBI’s arguments that backups provided pivotal evidence in thousands of investigations. A few also suggest Apple didn’t want to “poke the bear” so soon after the 2016 court battle.

Apple has refused to comment on the Reuter’s report. Interestingly, Google followed through with a similar plan to encrypt backups with the user’s lock screen password. Google can’t access it, and neither can law enforcement. There’s no word whether the FBI attempted to stop Google from doing so.

Continue reading

SpaceX Encrypts Falcon 9 Telemetry After Amateur Radio Operators Download Data
SpaceX Encrypts Falcon 9 Telemetry After Amateur Radio Operators Download Data

It all started a few weeks ago when several Redditors managed to lock onto the 2232.5 MHz telemetry downlink from a Falcon 9 upper stage.

SpaceX Unveils Starshield, an Encrypted Starlink Service for Governments
SpaceX Unveils Starshield, an Encrypted Starlink Service for Governments

SpaceX says Starshield will offer communication, hosted payloads, and Earth observations to government customers.

Google to Introduce End-to-End Gmail Web Encryption
Google to Introduce End-to-End Gmail Web Encryption

Now through Jan. 20th, Workspace Enterprise Plus, Education Plus, and Education Standard customers are able to apply for Google’s client-side encryption.

Windows May Be Storing All Your Email and Docs as Unencrypted Plaintext
Windows May Be Storing All Your Email and Docs as Unencrypted Plaintext

If you enable handwriting recognition in Windows 8.1 or Windows 10, all of your text files — including typed documents and email — are dumped into a single invisible location and stored thereafter.