Chuck Risher

Q: Does iCloud encrypt files before uploading?

Greetings,

 

Does anyone know if iCloud encrypts files before uploading? If not, that is a major shortcoming.

 

Am I supposed to trust the cloud with my important documents?  My tax evaded financial documents, my home made **** party movies with underage girls, my detailed photo collection of top secret government buildings, and the first draft of my "Why American Must Fall" manifesto?

 

Thanks

MacBook, Mac OS X (10.6.6)

Posted on Jun 6, 2011 11:44 PM

Close

Q: Does iCloud encrypt files before uploading?

  • All replies
  • Helpful answers

Page 1 of 3 last Next
  • by Kappy,

    Kappy Kappy Jun 6, 2011 11:44 PM in response to Chuck Risher
    Level 10 (270,871 points)
    Desktops
    Jun 6, 2011 11:44 PM in response to Chuck Risher

    All file transfers are encrypted.  This was discussed in the Keynote Address.

  • by Chuck Risher,

    Chuck Risher Chuck Risher Jun 6, 2011 11:48 PM in response to Kappy
    Level 1 (135 points)
    Mac OS X
    Jun 6, 2011 11:48 PM in response to Kappy

    Not transfers. Are the files themselves encrypted? Are they encrypted, then sent, then decrypted after I download them? So that they are stored encrypted on iCloud.

  • by Kappy,

    Kappy Kappy Jun 6, 2011 11:47 PM in response to Chuck Risher
    Level 10 (270,871 points)
    Desktops
    Jun 6, 2011 11:47 PM in response to Chuck Risher

    That's how I interpreted the information in the Address.  They are encrypted.

  • by Chuck Risher,

    Chuck Risher Chuck Risher Jun 6, 2011 11:51 PM in response to Kappy
    Level 1 (135 points)
    Mac OS X
    Jun 6, 2011 11:51 PM in response to Kappy

    I just watched it and don't remember hearing anything about encryption and decryption. Nohting about having a passphrase key to encryot with, etc. I will watch it again...

     

    I also googled "iCloud encryption" and didn't find anything.

  • by Kappy,

    Kappy Kappy Jun 6, 2011 11:52 PM in response to Chuck Risher
    Level 10 (270,871 points)
    Desktops
    Jun 6, 2011 11:52 PM in response to Chuck Risher

    Listen to it again.  Jobs stated that all data are encrypted and stored, then decrypted when transferred out.  It's automatic.  Most likely your Apple ID is the passphrase mechanism.

  • by twtwtw,

    twtwtw twtwtw Jun 7, 2011 12:04 AM in response to Chuck Risher
    Level 5 (4,935 points)
    Jun 7, 2011 12:04 AM in response to Chuck Risher

    One can assume that security will be reasonable.  There's been enough bad press over twitter, google, and facebook security gaffs that Apple will have learned the lesson (Apple's good at that).  However, if you are going to engage in activities that make you paranoid, it's probably not a wise idea to be storing your information anywhere outside of your own personal hardware.  Current legal standards set a far lower bar for getting information from corporate sites than from personal machines. 

     

    Sorry, but if you are planning on using iCloud to become a criminal mastermind or to lay out your plots for world domination…  well, let's just say that would not be a mastermindish thing to do. 

  • by Chuck Risher,

    Chuck Risher Chuck Risher Jun 7, 2011 12:21 AM in response to Kappy
    Level 1 (135 points)
    Mac OS X
    Jun 7, 2011 12:21 AM in response to Kappy

    I just watched it again. I'm sorry, but he said nothing about encryption.

     

    Please provide the time at which that is stated.

     

    As it stands now, the answer is no, there is no encryption. Nothing said of it in the keynote, and no information on it if you google.

  • by BobHarris,

    BobHarris BobHarris Jun 7, 2011 6:40 AM in response to Chuck Risher
    Level 6 (19,395 points)
    Mac OS X
    Jun 7, 2011 6:40 AM in response to Chuck Risher

    I too would like to know if my non-purchased data is stored encrypted in Apple's iCloud.  And by encrypted, I mean it is encrypted on my Mac using an encryption key ONLY I know, and can ONLY be decrypted by me or a well funded government agency willing to spend years brute forcing the decrypt.

     

    I expect that purchased apps, music, and video are stored only as an accounting record, and when I want to download that I just the the master Apple copy.

     

    I would also expect that any email handled by Apple would mostly be unencrtpted, unless it was encrypted by the sending party and decrypted by the receiving party (I think that might be covered by S/MIME (Secure/Multipurpose Internet Mail Extensions)), but otherwise unencrypted email.

     

    But all my user generated content that I do not official share, I would want encrypted on my Mac before being sent to the iCloud.

  • by Linc Davis,

    Linc Davis Linc Davis Jun 7, 2011 7:33 AM in response to Chuck Risher
    Level 10 (207,963 points)
    Applications
    Jun 7, 2011 7:33 AM in response to Chuck Risher

    I've seen nothing to indicate that data stored in iCloud will be encrypted in the sense of making it secure from Apple administrators. Unless informed otherwise by an official source, you should assume that it won't be. "Encrypted in transmission" simply means that the transfer between client and server is secure from eavesdropping by third parties, as when you connect to an HTTPS website. This is the usual situation with cloud data services such as Dropbox and MobileMe. You have no privacy whatsoever from the service operator.

     

    In my view, iCloud is unsuitable for any data you consider to be private, unless of course you trust all Apple employees and contractors implicitly.

  • by Luis Acosta Lema,

    Luis Acosta Lema Luis Acosta Lema Jun 8, 2011 11:09 PM in response to Chuck Risher
    Level 1 (0 points)
    Jun 8, 2011 11:09 PM in response to Chuck Risher

    I would also like all the data stored by Apple to be stored encrypted; if this is not the default behavior it should be an opt-in option. It is a matter of privacy. The owner of the data should be the only one to be able to decrypt it.

  • by hayleypope,

    hayleypope hayleypope Jun 13, 2011 11:51 AM in response to Linc Davis
    Level 1 (0 points)
    Jun 13, 2011 11:51 AM in response to Linc Davis

    Take a look at SpiderOak or Wuala - client side encryption. I've only ever used .mac/.me for pics

  • by johnalpha,

    johnalpha johnalpha Jun 19, 2011 3:57 AM in response to Chuck Risher
    Level 1 (0 points)
    Jun 19, 2011 3:57 AM in response to Chuck Risher

    Puzzles me as to why Apple WOULDN'T do that (encrypt on my hardware and store only the encrypted data). Why do they need access to my private data?

  • by holtsch,

    holtsch holtsch Jun 26, 2011 7:30 AM in response to Linc Davis
    Level 1 (0 points)
    Jun 26, 2011 7:30 AM in response to Linc Davis
    In my view, iCloud is unsuitable for any data you consider to be private, unless of course you trust all Apple employees and contractors implicitly.

     

    That ^^

     

    I really like the idea behind iCloud and the way it transparently moves everything in and out of the cloud, that's really the way I'd expect it from Apple, and it's elegant from the usability perspective. Unfortunately, unless the data is encrypted on the clients in a way that only can be decrypted by the clients (and not anywhere else), iCloud is a severe threat to its users' privacy. Which is unfortunate because it shouldn't really be that hard to do it right (I've outlined my ideas in Solution to iCloud Privacy: Smart Public Key Encryption, see http://bit.ly/mRShuy).

     

    It's easy to come up with lots of situations where you wouldn't really want your data to be stored on some server in some data center in a way that has any risk of falling into the wrong hands, or anybody else's hands for that matter. No need to be involved in anything illegal - just think of pictures accidentally taken (or intentionally - but not meant to be published), documents with confidential data (business plans, for example ;-) ).

     

    While I'd certainly like to have all of these automatically distributed on devices that I have control over (my devices, my data, responsibility and control) - I just don't see myself taking the risk of having that data on servers I have no control over. I really hope Apple realizes this and implements a proper solution before they ruin their reputation by becoming the very definition of Big Brother.

     

    And from a technological point of view - it's really not that hard to do it right (even when it comes at a tiny inconvenience for users when adding new devices).

  • by Ptit,

    Ptit Ptit Oct 12, 2011 2:17 PM in response to Chuck Risher
    Level 1 (0 points)
    Oct 12, 2011 2:17 PM in response to Chuck Risher

    Chuck Risher wrote:

     

    Greetings,


    Am I supposed to trust the cloud with my important documents?  My tax evaded financial documents, my home made **** party movies with underage girls, my detailed photo collection of top secret government buildings, and the first draft of my "Why American Must Fall" manifesto?

     

    Thanks

    according to people on this site its more secure then the US goverments own security cuz neither wikileaks, iran, russia, korea, china with several billion hackers out there could ever penetrate icloud of all things, trust apple, they already decided that users want share faces, places, locations with or with out their consent, why trust the US goverment right, isn't why people are protesting on Wall street?

     

    Believe everyone on this site because they said so so they must be honest ,

     

    btw u cant believe this, i had to edit my post becuase id id not write whatever it said, i think i was hacked

Page 1 of 3 last Next