Apple today introduced Advanced Data Protection in iCloud. This new feature uses encryption end-to-end to protect sensitive data such as photos and notes.
Advanced Data Protection can be enabled by customers to protect “most iCloud Data even in the event of a breach in the Cloud”. It encrypts encrypted cloud data only on trusted devices.
Opting in will prompt you to select an alternative recovery method. This could be the device password or password, recovery contact or personal recovery key. If they are unable to access their Apple account, this is required. Apple does not possess the keys necessary to decrypt the data.
End-to-end encryption protects data such as device and message backups and photos, notes, reminders and Safari bookmarks. Voice memos and voice memos are also protected.
iCloud Mail, Calendar, and Contact data won’t be encrypted as it is necessary to communicate with other email systems, contacts and calendar systems.
Apple that you can enable Advanced Data Protection starting with iOS 16.2, iPadOS 16.2 or macOS 13.1. This will protect your vast majority of iCloud data even in case there is a breach in the cloud.
Users will be able to choose to have encrypted iCloud backups. This is a huge win and a bad thing for law enforcement. They loved being able to ask for iCloud back-ups in order to avoid the hassle of hacking into phones.
You can toggle backup encryption anytime. Your devices will secure upload your encryption keys to Apple servers. Users will then automatically return to the standard data protection.
Advanced Data Protection, which is available for all customers who are enrolled in Apple Beta Software Program in the U.S., will soon be made available to everyone in the U.S. The service will be available to users from other countries in the early part of 2023.
Advanced Data Protection by Apple is the highest level of cloud security. It allows users to choose to secure the vast majority their sensitive iCloud data using end-to-end encryption, so it can only ever be read on trusted devices.” said Ivan Krstic from Apple Security Engineering and Architecture.
Apple today introduced two new security features: iMessage contact key verification and Security keys for Apple ID.
This first allows iMessage users verify the identities of people on the other side. It also alerts them if a threat agent manages to insert their device to the conversation in order to spy on encrypted communications channel.
Apple stated that users facing extraordinary digital threats, such as journalists and human rights activists or members of the government, can now use iMessage contact key verification to verify they’re communicating only with those they want.
This second option allows Apple customers who have an Apple ID account to create one. To complete the process, they will need a physical security code.
Apple explained that this feature was for people who are often threatened by celebrities or journalists.
This announcement comes after the September iOS 16 release. Apple such as Lockdown Mode, Security Check, and Privacy Check.
July 1, protects individuals at high risk such as journalists and human rights defenders against “extremely rare, highly sophisticated cyberattacks” like the targeted deployments of spyware mercenary.
privacy instrument provides those whose safety is at immediate risk with an emergency reset of their account security and privacy permissions that can be used to remove people they don’t want connected to.