Dandy Cat

Apple advances user security with powerful new data protections

From Apple Newsroom:

Apple today introduced three advanced security features focused on protecting against threats to user data in the cloud, representing the next step in its ongoing effort to provide users with even stronger ways to protect their data. With iMessage Contact Key Verification, users can verify they are communicating only with whom they intend. With Security Keys for Apple ID, users have the choice to require a physical security key to sign in to their Apple ID account. And with Advanced Data Protection for iCloud, which uses end-to-end encryption to provide Apple’s highest level of cloud data security, users have the choice to further protect important iCloud data, including iCloud Backup, Photos, Notes, and more.

For a company that touts a claim of superior privacy protection over all of its competitors, not providing end-to-end encryption of all iCloud data capable of being encrypted1 was a glaring and shameful hole in its messaging. Their marketing said one thing and their actions another. As we should all know, words don’t mean anything when they’re not backed up with action.

While all three features are fantastic, the most notable is the Advanced Data Protection for iCloud. I’m going to turn this on2 as soon as I reasonably can. I feel confident in my safeguards against data loss, i.e., I’ve made sure to memorize my Apple account information and have that safely backed up elsewhere. If I sound anything like you, then I’d recommend doing the same.

Good on Apple for doing this.

  1. iCloud Mail, Contacts, and Calendar are unable to be encrypted. These can’t be to ensure that they’ll work with other systems. ↩︎

  2. It does appear to be an opt-in service. ↩︎