"Enter your passcode to trust this computer and start a backup." Every time iPhone is on charge.

JayGreenstein wrote:

• Then how can the phone owner use the unreadable data? They can’t use it

to restore a phone, because the key to unlock the backup was wiped when

the phone was reset. And you can’t use the backup to set up a new phone

for the same reason.

Seriously? If the data is encrypted by-the-phone, and done AS it's sent to backup, there's no need to do anything but store it—be that on a local computer or any kind of cloud server. And of course, the phone can upload and use the data, because it, and it alone, has the encryption key. Sending unencrypted data that can be intercepted on the way to storage, and THEN encrypting it, is dumb.

But when you restore an iPhone from a backup the first step erases the phone, so it no longer has the encryption key. And what about the other, more common, use of backups? Moving the contents of a backup to a new phone, which certainly doesn’t have the encryption key.

he number of screw-ups on the part of Apple—screw ups that their quality control testing should have caught, keeps growing.

• But when you restore an iPhone from a backup the first step erases the phone, so it no longer has the encryption key.

Hmm... so you figure that if the Apple people changed the system so that it was encrypted at that end they wouldn't be smart enough to retain the decryption key as part of the restore operation?

Normally, I'd laugh at you not seeing that, but given the total number of screwups by them lately...

• Moving the contents of a backup to a new phone, which certainly doesn’t have the encryption key.

That's easy. Lots of ways around that. For example: When the phone is told to encrypt data being backed up by the user, at the next backup initialization, and at the phone's initialization, the key is sent to the computer, or iCloud for permanent backup storage. Thereafter, until the phone user changes it, it's never used again. And because it's encrypted by the computer, it's all safe. There are other ways, but that's the easiest.

I'm surprised you didn't see that.

JayGreenstein wrote:

• But when you restore an iPhone from a backup the first step erases the phone, so it no longer has the encryption key.

Hmm... so you figure that if the Apple people changed the system so that it was encrypted at that end they wouldn't be smart enough to retain the decryption key as part of the restore operation?

Smart enough? They would be smart enough NOT to save the encryption key. Where are they going to save it? All storage on an iPhone is encrypted. When you reset the phone the storage encryption key is erased to clear storage. Are you suggesting that somehow some storage NOT be encrypted just to save this key? That’s a back door.

ormally, I'd laugh at you not seeing that, but given the total number of screwups by them lately...

• Moving the contents of a backup to a new phone, which certainly doesn’t have the encryption key.

That's easy. Lots of ways around that. For example: When the phone is told to encrypt data being backed up by the user, at the next backup initialization, and at the phone's initialization, the key is sent to the computer, or iCloud for permanent backup storage. Thereafter, until the phone user changes it, it's never used again. And because it's encrypted by the computer, it's all safe. There are other ways, but that's the easiest.

I'm surprised you didn't see that.

I did see it, and rejected it as a major security vulnerability if the key is on the computer, it is a back door. I’m surprised you don’t realize that.

• Smart enough? They would be smart enough NOT to save the encryption key. Where are they going to save it?

Oh I don't know. Perhaps where they save it now for doing the encryption on the computer or cloud?

• All storage on an iPhone is encrypted.

THINK! Were that true, there would be no need to encrypt the data before storing it on the computer, and no need for a password before backup. The supposed bad operator that you claim is stealing data would get only encrypted data from the phone, so there would be no reason to care if a virus was calling for a backup, and therefore no reason to call for the user to type their password. So either Apple screwed up even worse than we thought or you're wrong about the phone encrypting the data.

And further, if there is no encryption on the phone, assume that the bad operator you postulate sent a request for backup, and the password request came up. If that happens, the vast majority of users would supply it. And once the bad guy has the data they wouldn't have reason to ask again, so the user would never know it happened.

That's why that constant password business was nonsense from the start.

Do you even think about what you say? Seems to me that instead of looking at the problem and seeking a solution, you're focused on finding fault with anyything that everyone else says.

• I did see it, and rejected it as a major security vulnerability if the key is on the computer, it is a back door.

Hmm... if an encryption key is sent to the computer only at the phone's direction—once—then encripted and stored, that's a backdoor? Seriously?

You have absolutely no understanding of how iPhones and backups work, yet you are proposing solutions that cannot possible work. Or perhaps you are just trolling.

JayGreenstein wrote:

• All storage on an iPhone is encrypted.

THINK! Were that true, there would be no need to encrypt the data before storing it on the computer, and no need for a password before backup. The supposed bad operator that you claim is stealing data would get only encrypted data from the phone, so there would be no reason to care if a virus was calling for a backup, and therefore no reason to call for the user to type their password. So either Apple screwed up even worse than we thought or you're wrong about the phone encrypting the data.

THINK! That IS true, however, what is NOT true that you seem to be assuming is that a backup is just a cloned image of what is on the phone. A backup is a collection of individual data items from each application database on the phone stored as a SQLite database, each in its own unencrypted file (unless the user choses to encrypt the backup, but most don’t). A single backup is thousands of individual files; one of my backups is over 60,000 individual files.

nd further, if there is no encryption on the phone, assume that the bad operator you postulate sent a request for backup, and the password request came up. If that happens, the vast majority of users would supply it. And once the bad guy has the data they wouldn't have reason to ask again, so the user would never know it happened.

That's why that constant password business was nonsense from the start.

Do you even think about what you say? Seems to me that instead of looking at the problem and seeking a solution, you're focused on finding fault with anyything that everyone else says.

• I did see it, and rejected it as a major security vulnerability if the key is on the computer, it is a back door.

Hmm... if an encryption key is sent to the computer only at the phone's direction—once—then encripted and stored, that's a backdoor? Seriously?

Yes, but I’ve concluded that you are simply trolling, so this is my last response to you.

• That IS true, however, what is NOT true that you seem to be assuming is that a backup is just a cloned image of what is on the phone.

No, that's your unproven assertion. I never said or implied that. I spoke of "the data" and never mentioned the internal workings or format of the phone. Did you actually read what I said? It seems not.

• A backup is a collection of individual data items from each application database on the phone stored as a SQLite database, each in its own unencrypted file

To quote you for the SECOND time: "All storage on an iPhone is encrypted."

So, if your "unencrypted" claim is valid, my suggestion that files sent to the computer be encrypted as they are sent, instead of after arrival, solves the problem. If your prior claim is valid, and it's already encrypted, there's no need to worry.

Either way, the answer is to do it in the phone. You really need to do a reasonability check on what you say. You're letting yourself view anything said in any forum that's not in total agreement with your views as a battle that must be won at all costs. That's always a mistake.

[Edited by Moderator]

"...another Apple decision based on their security preferences and taking control away from users/customers...,"

or a case of "if customers want to use our global data store then here are the security requirements to keep it secure for you all"

Your choice to use it or not if typing in a few characters when backing up via laptop is inconvenient. My phone backs up OTA seamlessly without intervention overnight every night.

"...the older IOS is remembered in your keychain choice when paired with your laptop or desktop whichever variety you use..."

Total nonsense!

BTW iTunes still exists in Windows PCs

Well not a windows user, but I do not use iCloud storage as I really do not need such and backups to my laptop is my choice. I really do not take part in putting anything of a secure nature on my iPhone. Anyone relying on a mobile device to run their lives is already in trouble.

It was something not requested by the user community and no need for it, we the customers spend enough with apple. I bought apple as it allowed me to make decisions as to what and how I use my devices, not anymore was a great platform both IOS and OSX but getting more like Microsoft everyday and that's not a good thing

Hayg wrote:

Well not a windows user, but I do not use iCloud storage as I really do not need such and backups to my laptop is my choice. I really do not take part in putting anything of a secure nature on my iPhone. Anyone relying on a mobile device to run their lives is already in trouble.

So you are suggesting that Apple ask each of their 2 billion users if they have anything of a secure nature on their devices, and decide how much security to impose on the device based on that answer? Interesting.

And I guess you have no contacts saved on your iPhone, because if you did I’m sure that your contacts would not be pleased if the contacts were stolen with all of the contact information you keep about them. And you don’t use the calendar, because if you did a stalker could wait for you at one of the places that you would visit, knowing that you would be there because it was on your calendar. And you never use any financial management or banking apps on your phone. And don’t use Apple Pay or Apple Wallet. Or use the health app with your medical records. And you never exchange email or texts that contain the slightest bit of personal information. And of course you don’t use Keychain to fill in your passwords when you use apps or log in to websites.

Oh, and the requirement to enter a passcode before backing up has nothing to do with iCloud, it is because a vulnerability has discovered that can allow a hacker to steal your COMPUTER backup with all of its contents. But, as you don’t keep any secure information on your phone this would not bother you.

The Apple ecosystem is seen as a whole and protected as a whole. Having your iphone credentials on an accessible laptop backup could compromise your icloud data and therefore the ecosystem as a whole.

Sad you think that way my contacts are on my phone but limited to phone and email nothing else, I personally do not require more. I would not entertain holding anything overtly secure on a device that is easy to lose or be stolen. Each to their own, the lest you have on the device the better. My iPhone is secured and encrypted but has nothing of a secure nature on it, it is a phone with apps that is all I use it for, I am sure people out there use it to run their lives but I don't.

Saying that they are powerful useful devices but not for storing your life's work or data that you cannot afford to lose or be stolen. Why does Apple simply let you use a fingerprint to allow backups would seem the sensible way, typing 8 character passcode is a pain to allow backups.

No I don't, do use the camera, sadly I understand the risks in putting your life on a device that can be out in public. It is the way I use my iPhone and understand it is so easy to do everything with it but that is not me. I don't use iCloud storage I do all things locally and back up to my secure NAS backup services. My laptop never leaves the house and I work from home, so backups are all encrypted and secured.

I really do understand that you can do so much more with the iPhone I just do not need too and the clumsy way Apple deployed this annoying change in service is wrong. But agree if you do all online and do everything with your iPhone you may want and need additional security but I could survive losing a phone and it won't have me panic and canceling all my cards as my phone has none of that.

• So you are suggesting that Apple ask each of their 2 billion users if they have anything of a secure nature on their devices, and decide how much security to impose on the device based on that answer? Interesting.

Once a year the US asks all its people for their view on running the country and that works. Why shouldn't Apple? Have you not heard of focus groups? Would it not make sense for Apple to check forums like this to see how people are reacting to their latest changes?

No I very definitely did not say that, I do not use my iPhone for such management of personal or financial data, I use it for applications and as a mobile phone, nothing else. For myself that is enough and yes as an owner and user, I would like to manage my devices in a way that fits my needs.

I make no case or judgment on how other owners use their devices nor what they store or use the devices for, everyone has the right to do whatever suits their needs.

Well US politics is not an area I would ever have a comment about, that's is a question for US citizens and I cannot comment. I do hope Apple look at things on the forum's and perhaps reach out to survey their customers.

Well your original question (which has been lost in this mad security discussion) was why do I have to put in passcode "every time iphone is on charge". Your decision to undo auto sync and auto backup is the first answer I gave so I'm glad I could help.

The rest of the pages were concerned with WHY the passcode is required which is not my remit so I will unfollow now.