Encryption & Key Management , Endpoint Security , Enterprise Mobility Management / BYOD
Report: Apple Scuttled Encryption Plans for iCloud Backups
Technology Giant Didn't Want to 'Poke the Bear,' Sources Tell ReutersApple previously scuttled plans to add end-to-end encryption to iCloud backups, in part because such a move would have complicated law enforcement investigations, Reuters reports.
See Also: Netskope FERPA Mapping Guide
Instead, Apple opted to apply end-to-end encryption only to select iCloud data, such as health and payment information. As a result, Apple can supply investigators with unencrypted backups of iMessages, data from other services and sometimes WhatsApp chat histories, after it gets served with a legal order, Reuters reports.
Apple's ability to decrypt iCloud backups has been well documented. But what hasn’t been clear is why Apple wasn't encrypting those backups to the same degree that it protects data stored on iOS devices.
Reuters' scoop highlights a behind-the-scenes compromise that explains what happened, with Apple reportedly opting to not use end-to-end encryption for iCloud backups as it faced increasing pressure from the U.S. government to ensure investigators could access user data.
Apple officials did not immediately reply to an Information Security Media Group request for comment.
‘Legal Killed It’
The decision by Apple to add end-to-end encryption for iCloud backups occurred about two years ago, but the plan was dropped the following year, Reuters reports.
One anonymous source told Reuters that “legal killed it,” referring to the end-to-end encryption plans, and that the company didn’t want to “poke the bear.” The source said that Apple didn’t want to be attacked by public officials for hampering law enforcement investigations. Reuters’ reporting is based on comments from unnamed current and former FBI and Apple employees.
Apple, however, continues to face high levels of encryption criticism from U.S. officials. Earlier this month, Attorney General William Barr criticized Apple for not providing more information on an iPhone 5 and iPhone 7 belonging to Saudi Royal Air Force Second Lt. Saeed Alshamrani (see: Attorney General Presses Apple to Unlock Shooter's iPhones).
On Dec. 6, 2019, Alshamrani shot and killed three people and injured eight at the Naval Air Station Pensacola, before he was killed by police. Apple says it turned over all of Alshamrani's data that it could access. But the U.S. government has pushed further, which suggests there may be a gap between when Alshamrani last backed up his phones and the incident. Experts also say investigators likely want access to data stored in apps such as WhatsApp, which iOS does not by default back up to iCloud.
What remains unclear is why law enforcement hasn’t turned to third-party tools to unlock the phones. Forbes reported earlier this month that law enforcement in Ohio used a tool called GrayKey to unlock an iPhone 11 Pro Max, the latest model. GrayKey uses hardware and security vulnerabilities to attempt to break into a device.
Forbes’ report suggests that law enforcement could get tools to unlock the devices, and it raises questions about why the U.S. government is making such an aggressive run at Apple - and whether it's doing so at the same time as it's pursuing the use of third-party unlocking tools.
One political motivation may be to bolster support for legislation that would force technology companies to maintain access to encrypted data.
End-to-end encryption means data is fully encrypted, with the keys only held on an individual device. For messages, this means only the sender and recipient have copies of the key. For law enforcement to get access to those communications, they would need physical access to one of the devices, together with passcodes for unlocking them. Or, as mentioned earlier, they could potentially use a cracking tool to guess the passcode and break into a device.
That’s the route the U.S. government took after pushing Apple to unlock the iPhone 5C belonging to one of the two shooters involved in the mass shooting in San Bernardino, California, in December 2015 (see: Apple, FBI Draw Lines in Crypto Battle).
The government gained a court order that instructed Apple to create a version of iOS that would disable security protections. Apple fought the order, and the government dropped the pursuit after it cracked the phone with a private security tool.
Workaround: Deactivate iCloud Backups
Apple opted for a compromise on iCloud encryption to make the FBI less displeased, but users still have the power to shut off access to their data. iCloud backups are optional, and it’s possible to turn them off.
But if backups are turned on, some of the data is end-to-end encrypted, according to Apple’s iCloud security overview. For example, that includes home data, health data, the iCloud keychain, payment information, screen time, Siri data and Wi-Fi passwords.
But iMessages sit somewhere in the middle. Apple says iMessages uses end-to-end encryption. If iCloud backups are active, however, the key for a user's iMessages discussions get backed up to the cloud, meaning it would be obtainable through a legal order. If someone turns off iCloud backups, that key is erased, and a new key is generated on the device, Apple says.
For other encrypted messaging apps, whether Apple might access to the content varies. Joseph Menn, the Reuters journalist who broke this story, tweets that messages within Signal - a popular encrypted messaging app - will not back up to iCloud.
Indeed, Signal’s guidance says that an iCloud backup does not contain Signal’s message history. WhatsApp’s guidance, however, says that it is possible to restore chat histories from an iCloud backup - which means there would be a key stored - provided a user has opted to back up their WhatsApp data to iCloud.
"You can enable automatic, scheduled backups by tapping 'auto backup' and choosing your backup frequency," according to a WhatsApp FAQ. "This will back up your chats and media to your iCloud account. You can choose to include or exclude videos from the backup. The iCloud backup process can take a while to complete, depending on your internet connection and backup size."
Executive Editor Mathew Schwartz contributed to this story.