Turn THIS on if you use iCloud!
Summary
TLDRThe video script discusses the misconception of privacy associated with Apple's iCloud service. Despite Apple's marketing on privacy and the introduction of end-to-end encryption for certain iCloud categories in late 2022, the script highlights that iCloud may not be as private as users believe. It explains that the 'Advanced Data Protection' setting, which prevents even Apple from accessing user files, is not enabled by default. The video provides a guide on how to enable this setting, including updating devices, setting up account recovery, and using two-factor authentication. It also outlines the limitations of Advanced Data Protection, noting that iCloud Mail, Contacts, and Calendars are not end-to-end encrypted, and metadata remains visible to Apple. The script concludes with alternative backup options for those seeking to limit their exposure to the Apple ecosystem and emphasizes the importance of taking control of one's data privacy.
Takeaways
- š± Apple's marketing emphasizes privacy, leading users to believe their data is private when using Apple products.
- āļø iCloud, Apple's cloud storage service, is not as private as users might think without additional settings.
- š End-to-end encryption for iCloud was introduced in late 2022 for certain categories, enhancing data security.
- š”ļø The 'Advanced Data Protection' setting offers stronger privacy by ensuring only the user can access their files, even from Apple.
- ā ļø Advanced Data Protection is not enabled by default, meaning Apple can see your data if you haven't turned it on.
- š To enable Advanced Data Protection, update all devices, enable Account Recovery, and set up a recovery contact or key.
- š With Advanced Data Protection on, you won't be able to access your data via iCloud.com unless you manually toggle the feature.
- š« Despite Advanced Data Protection, iCloud Mail, Contacts, and Calendars are not end-to-end encrypted.
- š Apple can still see metadata for all files, even with Advanced Data Protection enabled.
- š Users are responsible for their own data recovery; Apple does not have access to help with account recovery.
- š± For users concerned about privacy, there are alternative options to Apple's ecosystem for mail, calendar, and file backups.
Q & A
What is the main misconception about iCloud privacy that Apple users often have?
-Many Apple users assume that all their data with iCloud is private due to the company's aggressive marketing on privacy, but in reality, iCloud may not be as private as they think, especially if the Advanced Data Protection setting is not enabled.
What was introduced by Apple in late 2022 to enhance user privacy and data security in iCloud?
-Apple introduced end-to-end encryption for a range of iCloud categories and a setting called 'Advanced Data Protection' which significantly enhances user privacy and data security by ensuring that protected data can only be accessed by the user.
Why is it crucial for users to know about the default settings of the new end-to-end encryption feature in iCloud?
-It's important because the end-to-end encryption provided by the new setting is not turned on by default. This means that if users have been backing up their private files to iCloud without enabling Advanced Data Protection, Apple has been able to see everything they've uploaded.
What are some of the data categories protected by the Advanced Data Protection setting in iCloud?
-Advanced Data Protection protects iCloud Backup including device and Messages backup, iCloud Drive, Photos, Notes, Reminders, Safari Bookmarks, Siri Shortcuts, Voice Memos, Wallet passes, and Freeform.
What steps are required to enable Advanced Data Protection on iCloud?
-To enable Advanced Data Protection, users must update all their devices to the latest software versions, enable Account Recovery by setting up a recovery contact or a 28-character recovery key, and ensure that 2FA is enabled on their Apple ID with a passcode locking their device.
What is the main limitation of Advanced Data Protection when it comes to iCloud Mail, Contacts, and Calendars?
-Even with Advanced Data Protection enabled, iCloud Mail, Contacts, and Calendars are not end-to-end encrypted. Apple retains the ability to scan these data due to the need for interoperability with other email and calendar providers.
What metadata is still visible to Apple even when Advanced Data Protection is enabled?
-Apple can still see metadata such as file type, file size, how many times a photo has been viewed, whether a file was pinned or marked as favorite, and usage data like timestamps of when the file was created or last modified.
What is the responsibility of the user when it comes to regaining access to their account with Advanced Data Protection enabled?
-With Advanced Data Protection enabled, Apple does not have access to the user's account, so the user is responsible for keeping their recovery contact information up to date and ensuring their recovery key is saved safely. These are the only options to recover the account if the password is forgotten.
What alternative options are suggested for users who want to limit their exposure to the Apple ecosystem for backups?
-For users looking for alternatives, it's recommended not to use Apple mail, calendar, or contacts due to the lack of end-to-end encryption. Instead, users can explore more private email options, use Proton's end-to-end encrypted calendar, store contacts locally on a device, and consider private backup options like Proton Drive, Synology, or Nextcloud.
How does the privacy and security of Apple products compare to top competitors?
-Apple products generally offer a higher level of security and privacy compared to top competitors. For instance, a stock iPhone is considered more private and secure than a stock Android device.
What is the importance of turning on Advanced Data Protection for users who are already logged into an iCloud account?
-Turning on Advanced Data Protection is a crucial step for users to improve the privacy of their digital files. It ensures that only devices signed into the user's iCloud account and explicitly trusted by the user can access the files.
How is the NBTV channel funded, and how can viewers support it?
-NBTV is funded entirely by community donations. Viewers can support the channel by making donations through the provided link on their website or by purchasing their book, 'Beginnerās Introduction to Privacy'.
Outlines
š Understanding iCloud Privacy and Advanced Data Protection
This paragraph discusses the misconceptions about Apple's iCloud privacy. Despite Apple's marketing, which emphasizes privacy, the default settings of iCloud do not offer end-to-end encryption, meaning Apple can access user data. The paragraph introduces 'Advanced Data Protection,' a setting that, when enabled, ensures only the user can access their data, even preventing Apple from doing so. It outlines the categories protected by this feature, including photos, notes, and iMessage backups, and provides a step-by-step guide on how to enable it, including updating devices, enabling account recovery, and setting up two-factor authentication and a passcode. The limitations of Advanced Data Protection are also mentioned, noting that certain data like iCloud Mail, Contacts, and Calendars are not end-to-end encrypted and metadata remains visible to Apple.
š Advanced Data Protection Limitations and Alternative Backup Options
The second paragraph delves into the limitations of Apple's Advanced Data Protection, emphasizing that even with the feature enabled, iCloud Mail, Contacts, and Calendars are not end-to-end encrypted, and Apple can still access metadata such as file types, sizes, and usage data. It also stresses the importance of having a recovery contact and key due to Apple's lack of access to encrypted user data. The paragraph then suggests alternative backup options for those wanting to minimize their exposure to the Apple ecosystem, including using non-Apple mail, calendar services with end-to-end encryption, and self-hosting options like Synology and Nextcloud for photos and files. It acknowledges Apple's higher security and privacy compared to competitors but advises users to enable Advanced Data Protection for better privacy of their digital files. The paragraph concludes with a note on the video's funding through community donations and a personal anecdote from a hacker conference.
Mindmap
Keywords
š”Privacy
š”iCloud
š”End-to-End Encryption
š”Advanced Data Protection
š”Account Recovery
š”Two-Factor Authentication (2FA)
š”Data Metadata
š”Interoperability
š”Proton Drive
š”Self-Hosting
š”Telemetry
Highlights
Apple's iCloud is not as private as users might think, contrary to the company's marketing on privacy.
Apple introduced end-to-end encryption for certain iCloud categories in late 2022.
The 'Advanced Data Protection' setting significantly enhances user privacy and data security on iCloud.
Despite the new setting, iCloud is not private by default as end-to-end encryption is not enabled by default.
Apple can see all data uploaded if Advanced Data Protection is not turned on.
Advanced Data Protection allows only the user to access their files, even preventing Apple from accessing them.
Sensitive data categories like passwords, health data, and home data are protected by end-to-end encryption by default.
Enabling Advanced Data Protection adds more categories to the list, including iCloud Backup, Photos, and Notes.
To enable Advanced Data Protection, all devices must be updated to the latest software versions.
Account Recovery must be set up before enabling Advanced Data Protection.
A recovery contact or a 28-character recovery key is required for data recovery if the password is forgotten.
Two-factor authentication (2FA) and a device passcode are prerequisites for Advanced Data Protection.
Once enabled, Advanced Data Protection prevents access to data via iCloud.com by default.
Turning on Advanced Data Protection is a significant step towards improving the privacy of digital files.
Certain data types like iCloud Mail, Contacts, and Calendars are never end-to-end encrypted.
Apple can still see metadata of all files, even with Advanced Data Protection enabled.
Users are solely responsible for protecting their data once Advanced Data Protection is enabled.
Alternative options for backups outside the Apple ecosystem are suggested for users concerned about privacy.
The video recommends not using Apple mail, calendar, or contacts due to the lack of end-to-end encryption.
Proton Drive, Synology, and Nextcloud are suggested as private backup options.
Apple products generally offer a higher level of security and privacy compared to competitors like stock Android.
It is crucial to enable Advanced Data Protection on iCloud for better privacy of digital files.
Transcripts
ļ»æMany people who use Apple productsĀ assume that all their data with themĀ Ā
is private because of the companyās aggressiveĀ marketing on the topic. They say things like:
āSome things shouldnāt be shared.Ā iPhone helps keep it that way,ā
and āPrivacy. Thatās iPhone.ā
Privacy is something weāve come toĀ immediately associate with Apple.
Now if you use an iPhone or other Apple products,Ā Ā
you probably also use the companyās cloudĀ storage service, iCloud, to back up your photos,Ā Ā
contacts, emails, calendars, notes,Ā messages, voice memos, and other data.
But your iCloud is probably NOT asĀ private as you think. Let me explain.
In late 2022, Apple did introduceĀ end to end encryption for a rangeĀ Ā
of iCloud categories. SensitiveĀ and personal data like photos,Ā Ā
notes, and iMessage backups were nowĀ protected from unauthorized access.
With the addition of a setting called āAdvancedĀ Ā
Data Protectionā Apple significantlyĀ enhanced user privacy and data security.
Things protected with this setting can only beĀ Ā
accessed by the user -- not evenĀ Apple can access these files.
But itās super important that users know that,Ā Ā
even though this enhanced privacy settingĀ exists, and despite Apple, in general,Ā Ā
being a vocal proponent of privacy, yourĀ iCloud is probably not at all private.
Because this new settingās end to endĀ encryption is NOT turned on by default.
So if youāve been happily backing upĀ all of your private files to iCloudĀ Ā
all this time and never bothered toĀ turn on Advanced Data Protection,Ā Ā
Apple has been able to seeĀ everything youāve uploaded.
In this video Iām going to give an overview ofĀ exactly what is being protected with AdvancedĀ Ā
Data Protection, how to turn it on, andĀ Iāll also talk about its limitations,Ā Ā
and other options that you mightĀ use for your backups instead.
Letās start by diving into theĀ details of Advanced Data Protection.
Itās a setting that gives you a choice to betterĀ protect your privacy on iCloud if you want to,Ā Ā
and take your data out of theĀ reach of even Apple itself.
Once enabled, it makes sure that data can onlyĀ Ā
be decrypted on devices where you'reĀ signed in with your Apple ID account.
Whether you turn on Advanced DataĀ Protection or not, Apple does alreadyĀ Ā
protect some sensitive data categoriesĀ with end to end encryption by default.
These include things likeĀ your passwords and keychain,Ā Ā
payment information, health data and home data.
Enabling Advanced Data Protection, adds aĀ whole bunch more categories to that list.
iCloud Backup including device and MessagesĀ backup, iCloud Drive, Photos, Notes, Reminders,Ā Ā
Safari Bookmarks, Siri Shortcuts, VoiceĀ Memos, Wallet passes, and Freeform.
Now letās dive into exactly how to set it up.
First you'll first have to update all yourĀ devices to the latest software versions.
This means every device where youāre signedĀ in with your Apple ID, otherwise youāllĀ Ā
have to sign out on those devices, becauseĀ they wonāt support end to end encryption.
Next, youāll have to enable Account Recovery.
If you lose access to your account, ApplyĀ wonāt be able to resend you your log in.
So youāre required to setĀ up a recovery contact first,Ā Ā
which ensures that you can still recoverĀ your data if you forget your password.
First, open Settings on your iPhoneĀ and click on your Apple ID at the top.
Then select iCloud. Click Advanced DataĀ Protection and click Account Recovery
Then youāll add your recovery contact,Ā Ā
which is a trusted person who also owns anĀ Apple device, like a friend or family member.
Once you confirm them as your recovery contact,Ā they will receive recovery codes if you everĀ Ā
forget your password. You'll also have theĀ option to set a 28-character recovery key,Ā Ā
which you should write down somewhereĀ safe or store in a password manager.
The final two things that youāll need in order toĀ turn on Advanced Data Protection are 2FA on yourĀ Ā
Apple ID and a passcode locking your device, bothĀ of which you hopefully already have set up anyway.
Now you should see the option to toggle onĀ Advanced Data Protection for iCloud backups.
Once Advanced Data Protection isĀ enabled, itās worth noting that,Ā Ā
by default, you wonāt be able toĀ access your data via iCloud.com.
If youād like this feature, youāllĀ have to toggle it on manually,Ā Ā
but keep in mind that this allows the web browserĀ and Apple to have access to your encryption keys.
That's it. Your iCloud backups are now protectedĀ with end-to-end encryption. It means that onlyĀ Ā
devices signed in to your iCloud account, andĀ that you have explicitly trusted, can accessĀ Ā
your files. Your decryption keys are held onlyĀ on these devices, so nobody else can decryptĀ Ā
and view your sensitive digital assets. TurningĀ this on is a huge step forward for your privacy.
But now letās talk about some of theĀ limitations of Advanced Data Protection.
First, even if you turn on the newĀ Advanced Data Protection feature,Ā Ā
three important kinds of data are never end-to-endĀ encrypted: iCloud Mail, Contacts, and Calendars.
Apple says that it canāt encryptĀ this data because it wants theseĀ Ā
services to remain interoperable withĀ other email and calendar providers.
So keep in mind that no matter what you do, AppleĀ will be able to scan your emails, calendar events,Ā Ā
and see personal details about people in yourĀ network. But on top of that, whether you haveĀ Ā
Advanced Data Protection turned on or not, allĀ your filesā metadata is still visible to Apple.
This includes: File type, File size,Ā How many times a photo has been viewed,Ā Ā
Whether a file was pinned or marked as favorite,Ā Ā
usage data, such as timestamps of whenĀ the file was created or last modified.
Finally, you are now in controlĀ of protecting your own data.
You canāt go to Apple to regain access to yourĀ account, because Apple itself doesnāt have access.
So make sure your recovery contact isĀ up to date, and make sure that you haveĀ Ā
your recovery key saved somewhere reallyĀ safe. If you ever forget your password,Ā Ā
these recovery methods are your only options.
Now I want to briefly mention some alternativeĀ options to using the Apple ecosystem for backups.
Why might you want to do this?
Well, in other videos we talk about the hugeĀ amount of data that Apple collects from users,Ā Ā
especially through things like telemetry,Ā and how they bypass VPNs for a lot of thisĀ Ā
collection. So some people mightĀ want to limit their exposure to theĀ Ā
Apple ecosystem as much as they can,Ā even while still using Apple devices.
So weād recommend not using apple mail,Ā calendar, or contacts because of their lackĀ Ā
of end to end encryption. We have videos divingĀ into more private email options. For calendars,Ā Ā
I personally like Protonās end to endĀ encrypted calendar, and my contacts areĀ Ā
all stored locally on my Graphene phoneĀ and not backed up to any central server.
When it comes to backing up photos and files,Ā we just released a video exploring 3 optionsĀ Ā
that we like: Proton Drive, and 2 self hostingĀ options: Synology and Nextcloud. These are allĀ Ā
private backup options that you can set up toĀ happen automatically, so that you never have toĀ Ā
think about it again. So check out those videosĀ if you want to be walked through the process.
In general, Apple productsĀ do offer a higher level ofĀ Ā
security and privacy compared to top competitors.
For example, stock iPhone is far moreĀ private and secure than stock Android.
But donāt presume that your iphone is moreĀ private than it actually is. And if youāreĀ Ā
already logged into an iCloud account, absolutelyĀ make sure that you have Advanced Data ProtectionĀ Ā
turned on. Itās an easy step that goes a long wayĀ to improving the privacy of your digital files.
As always, there were no sponsors in this video.Ā NBTV is funded entirely by community donations.Ā Ā
So if youād like to support our free educationalĀ videos, head to nbtv.media/support. Or take a lookĀ Ā
at our book, āBeginnerās Introduction to Privacyā,Ā which also supports our channel. Thanks so muchĀ Ā
for liking, sharing, and subscribing,Ā and for watching through till the end.
I just got back from CactusCon, whichĀ is a hacker conference in Arizona,Ā Ā
and they had the best theme thisĀ year, which was āBig Hacktarā,Ā Ā
a Big Brother spin off. So, a big shout out toĀ them for putting a focus on privacy at theirĀ Ā
conference. And this little guy is gonna go intoĀ my set. And thanks so much to everyone who cameĀ Ā
to say āhiā! It was super awesome to meet soĀ many of you. If you ever see me at an event,Ā Ā
come say hi because you will get one of theseĀ little NTV stickers. Stickers! Heās adorable!
Browse More Related Video
5.0 / 5 (0 votes)