Apple Will Offer End-to-End Encryption for Cloud Data, Including Backups
Apple is introducing several new security-focused features this week. The optional features give users new ways to secure their accounts and protect their data. A feature Apple calls Advanced Data Protection for iCloud will let users end-to-end (E2E) encrypt nine additional types of cloud data, including iCloud Backup, Notes, and Photos. This is beyond the 14 categories already E2E encrypted by default. E2E ensures that personal data stays encrypted in transit to/from the cloud, and while stored in the cloud, in such a way that not even Apple can decrypt it. Data would also be protected in the event Apple suffers a cloud security breach. This could present a challenge for law enforcement, which sometimes subpoenas Apple for iCloud data of suspects, including iPhone backups. Advanced Data Protection for iCloud is in beta now, and will be available to US users by the end of the year. Apple will also now support hardware security keys for two-factor login using Apple ID. Hardware security keys provide a much higher level of security compared to other types of two-factor authentication. This feature "will be available globally in early 2023." iMessage Contact Key Verification is intended for "users who face extraordinary digital threats — such as journalists, human rights activists, and members of government". The feature helps users "verify that they are messaging only with the people they intend". A unique Contact Verification Code confirms user identity and can be confirmed via other channels, including in person. Users with the feature enabled will also "receive automatic alerts if an exceptionally advanced adversary, such as a state-sponsored attacker, were ever to succeed breaching cloud servers and inserting their own device to eavesdrop". This feature will be available "globally in 2023."
http://dlvr.it/Sf7mz7
http://dlvr.it/Sf7mz7
Comments
Post a Comment