Previous 1 2 3 Next 39 Replies Latest reply: Jun 12, 2013 10:07 PM by Ptit
Chuck Risher Level 1 Level 1 (125 points)

Greetings,

 

Does anyone know if iCloud encrypts files before uploading? If not, that is a major shortcoming.

 

Am I supposed to trust the cloud with my important documents?  My tax evaded financial documents, my home made **** party movies with underage girls, my detailed photo collection of top secret government buildings, and the first draft of my "Why American Must Fall" manifesto?

 

Thanks


MacBook, Mac OS X (10.6.6)
  • Kappy Level 10 Level 10 (257,805 points)

    All file transfers are encrypted.  This was discussed in the Keynote Address.

  • Chuck Risher Level 1 Level 1 (125 points)

    Not transfers. Are the files themselves encrypted? Are they encrypted, then sent, then decrypted after I download them? So that they are stored encrypted on iCloud.

  • Kappy Level 10 Level 10 (257,805 points)

    That's how I interpreted the information in the Address.  They are encrypted.

  • Chuck Risher Level 1 Level 1 (125 points)

    I just watched it and don't remember hearing anything about encryption and decryption. Nohting about having a passphrase key to encryot with, etc. I will watch it again...

     

    I also googled "iCloud encryption" and didn't find anything.

  • Kappy Level 10 Level 10 (257,805 points)

    Listen to it again.  Jobs stated that all data are encrypted and stored, then decrypted when transferred out.  It's automatic.  Most likely your Apple ID is the passphrase mechanism.

  • twtwtw Level 5 Level 5 (4,900 points)

    One can assume that security will be reasonable.  There's been enough bad press over twitter, google, and facebook security gaffs that Apple will have learned the lesson (Apple's good at that).  However, if you are going to engage in activities that make you paranoid, it's probably not a wise idea to be storing your information anywhere outside of your own personal hardware.  Current legal standards set a far lower bar for getting information from corporate sites than from personal machines. 

     

    Sorry, but if you are planning on using iCloud to become a criminal mastermind or to lay out your plots for world domination…  well, let's just say that would not be a mastermindish thing to do. 

  • Chuck Risher Level 1 Level 1 (125 points)

    I just watched it again. I'm sorry, but he said nothing about encryption.

     

    Please provide the time at which that is stated.

     

    As it stands now, the answer is no, there is no encryption. Nothing said of it in the keynote, and no information on it if you google.

  • BobHarris Level 6 Level 6 (15,695 points)

    I too would like to know if my non-purchased data is stored encrypted in Apple's iCloud.  And by encrypted, I mean it is encrypted on my Mac using an encryption key ONLY I know, and can ONLY be decrypted by me or a well funded government agency willing to spend years brute forcing the decrypt.

     

    I expect that purchased apps, music, and video are stored only as an accounting record, and when I want to download that I just the the master Apple copy.

     

    I would also expect that any email handled by Apple would mostly be unencrtpted, unless it was encrypted by the sending party and decrypted by the receiving party (I think that might be covered by S/MIME (Secure/Multipurpose Internet Mail Extensions)), but otherwise unencrypted email.

     

    But all my user generated content that I do not official share, I would want encrypted on my Mac before being sent to the iCloud.

  • Linc Davis Level 10 Level 10 (169,460 points)

    I've seen nothing to indicate that data stored in iCloud will be encrypted in the sense of making it secure from Apple administrators. Unless informed otherwise by an official source, you should assume that it won't be. "Encrypted in transmission" simply means that the transfer between client and server is secure from eavesdropping by third parties, as when you connect to an HTTPS website. This is the usual situation with cloud data services such as Dropbox and MobileMe. You have no privacy whatsoever from the service operator.

     

    In my view, iCloud is unsuitable for any data you consider to be private, unless of course you trust all Apple employees and contractors implicitly.

  • Luis Acosta Lema Level 1 Level 1 (0 points)

    I would also like all the data stored by Apple to be stored encrypted; if this is not the default behavior it should be an opt-in option. It is a matter of privacy. The owner of the data should be the only one to be able to decrypt it.

  • hayleypope Level 1 Level 1 (0 points)

    Take a look at SpiderOak or Wuala - client side encryption. I've only ever used .mac/.me for pics

  • johnalpha Level 1 Level 1 (0 points)

    Puzzles me as to why Apple WOULDN'T do that (encrypt on my hardware and store only the encrypted data). Why do they need access to my private data?

  • holtsch Level 1 Level 1 (0 points)
    In my view, iCloud is unsuitable for any data you consider to be private, unless of course you trust all Apple employees and contractors implicitly.

     

    That ^^

     

    I really like the idea behind iCloud and the way it transparently moves everything in and out of the cloud, that's really the way I'd expect it from Apple, and it's elegant from the usability perspective. Unfortunately, unless the data is encrypted on the clients in a way that only can be decrypted by the clients (and not anywhere else), iCloud is a severe threat to its users' privacy. Which is unfortunate because it shouldn't really be that hard to do it right (I've outlined my ideas in Solution to iCloud Privacy: Smart Public Key Encryption, see http://bit.ly/mRShuy).

     

    It's easy to come up with lots of situations where you wouldn't really want your data to be stored on some server in some data center in a way that has any risk of falling into the wrong hands, or anybody else's hands for that matter. No need to be involved in anything illegal - just think of pictures accidentally taken (or intentionally - but not meant to be published), documents with confidential data (business plans, for example ;-) ).

     

    While I'd certainly like to have all of these automatically distributed on devices that I have control over (my devices, my data, responsibility and control) - I just don't see myself taking the risk of having that data on servers I have no control over. I really hope Apple realizes this and implements a proper solution before they ruin their reputation by becoming the very definition of Big Brother.

     

    And from a technological point of view - it's really not that hard to do it right (even when it comes at a tiny inconvenience for users when adding new devices).

  • Ptit Level 1 Level 1 (0 points)

    Chuck Risher wrote:

     

    Greetings,


    Am I supposed to trust the cloud with my important documents?  My tax evaded financial documents, my home made **** party movies with underage girls, my detailed photo collection of top secret government buildings, and the first draft of my "Why American Must Fall" manifesto?

     

    Thanks

    according to people on this site its more secure then the US goverments own security cuz neither wikileaks, iran, russia, korea, china with several billion hackers out there could ever penetrate icloud of all things, trust apple, they already decided that users want share faces, places, locations with or with out their consent, why trust the US goverment right, isn't why people are protesting on Wall street?

     

    Believe everyone on this site because they said so so they must be honest ,

     

    btw u cant believe this, i had to edit my post becuase id id not write whatever it said, i think i was hacked

Previous 1 2 3 Next