"Enter your passcode to trust this computer and start a backup." Every time iPhone is on charge.

By Apple providing a means for users to do one of three things: Require a passcode for each backup, Require a passcode for the devices to trust each other permanently or never require a passcode.

In other words, we should be able to opt-out of these draconian decisions made in the name of our safety.

StMiBa wrote:

By Apple providing a means for users to do one of three things: Require a passcode for each backup, Require a passcode for the devices to trust each other permanently or never require a passcode.

In other words, we should be able to opt-out of these draconian decisions made in the name of our safety.

Until your phone was hacked; then you would probably sue Apple. So protecting you is also protecting Apple.

Maybe you should move on if that is what you feel would make you happy.

I will stay in a secure ecosystem.

The same argument applies to 2 factor authentication. It is mandated by Apple but you can move on out of the ecosystem if you object.

Used values of iphones and Macs are pretty high due to popular demand. Sell it all. Free your spirit.

Lawrence, you pointing to that hack doesn’t justify this change, since as was mentioned multiple times, that hack doesn’t apply to people with encrypted backups. So I suggest not posting that as a blank check justification in response to every (justified) complaint about this issue. It doesn’t make sense.

LD150, if you want a “secure system”, I hope you’re not using Apple’s iCloud Backup instead, which Apple continues to offer despite it not being end-to-end encrypted (on purpose to allow governments to access your private data on demand). Local backups are much more secure than iCloud because they are encrypted. Again, this has been pointed out multiple times, so no need to reply to every new comment with old arguments that don’t apply. All it does is increase your post count.

StMiBa, honestly, this feels like a flick of the wrist, clumsy, ad hoc hole-filling by Apple. I haven’t yet given up the hope that they will come up with a better solution (like an exception to this for encrypted local backups, or forced encryption on all local backups). I hope I’m not proved wrong.

DollaDollaBillsYall wrote:

Lawrence, you pointing to that hack doesn’t justify this change, since as was mentioned multiple times, that hack doesn’t apply to people with encrypted backups.

As has been pointed out it DOES apply to encrypted backups, because if a hacker can download the encrypted backup to their computer, since there is no limit to the number of “guesses” for the passcode they can create a script to try every possible passcode, the same way passcodes are hacked in data downloaded from hacked websites.

Are you saying that in order for my personal data to be secure, I should delete the backup that is currently stored on my Macbook? Is that seriously what you are saying?

If that's the case, why should I bother to backup my data?

What I hear you saying is, "I have no idea what the problem is or how to fix it and neither does Apple but Apple assures me that if I enter my passcode in order to initiate a new backup, I'm secure."

StMiBa wrote:

Are you saying that in order for my personal data to be secure, I should delete the backup that is currently stored on my Macbook? Is that seriously what you are saying?

If that's the case, why should I bother to backup my data?

What I hear you saying is, "I have no idea what the problem is or how to fix it and neither does Apple but Apple assures me that if I enter my passcode in order to initiate a new backup, I'm secure."

It’s clear that you haven’t read the thread. Your iOS backup is saved in protected storage on your Mac or PC that only you can access. The security vulnerability allows a hacker to create a new backup of your device in storage that is not protected, then download the backup to their computer to analyze. They could do this for any device that just once “trusted” the computer. Apple has blocked this vulnerability by requiring a passcode on the phone each time it is backed up. I suspect this is a temporary fix for this vulnerability until they can find a better one. If it was just hypothetical I doubt Apple would have rushed out this fix, but the code to perform this hack has been published for anyone to see. There’s even a link to it in this thread if you want to try it.

As to economic arguments, what does storage cost on your computer? A computer backup uses a lot of storage; one backup of my phone is 25 GB, and that’s when I’m syncing photos to iCloud. For fast SSD internal storage in your computer (similar to what a modern Mac has) is about $1 per GB. So each of my computer backups is using $25 worth of my storage. If I didn’t sync photos to iCloud that would make the backup about 20 GB larger, so my cost would be $45 per backup. That same backup to iCloud would cost 99¢ per month or $12 per year.

dfwdiver wrote:

Then why did this start immediately after upgrading to ios16?

Because that was the version that fixed the vulnerability that had been discovered by Google’s cybersecurity team. In my first post I wasn’t aware of that; if you read the rest of the thread it should become clear.

They didn't fix the vulnerability, they stopped automatic unattended backups. The vulnerability still exists.

The vulnerability ,simply put, is that someone could direct the backup (time machine) to store its data in an unprotected area of the hard drive. They should have changed to OS to prevent someone from changing the location of the backup.

StMiBa wrote:

They didn't fix the vulnerability, they stopped automatic unattended backups. The vulnerability still exists.

The vulnerability ,simply put, is that someone could direct the backup (time machine) to store its data in an unprotected area of the hard drive. They should have changed to OS to prevent someone from changing the location of the backup.

The vulnerability no longer exists because you must physically enter a passcode on the phone to back it up each time. So there is no way for someone who hacks into the computer to change the storage location of the backup, which is hard-programmed into iTunes (or Finder).

That’s false. The backup location is easily changeable using a symlink. Having a passcode prompt does nothing to prevent this. The fact that you can change the backup location is a good thing because it lets you store your phone backups on an external drive instead of taking up half of the miserly amount of storage Apple provides in their laptops and charges an arm and a leg for.

No, that won’t work. Only the administrator account can add a symbolic link to replace the correct backup location, as the enclosing directory is both hidden and is “owned” by iTunes, the same reason a hacker cannot download a backup you create with iTunes from the default backup location. Do you honestly believe that Apple’s cybersecurity team doesn’t know what it is doing, and you do?