January 2023 - Breaking Down Apple's New Security Features
- Updated on 30 Mar 2023
This week Apple released two new security features that offer huge improvements in security and privacy for its iCloud users, but they come with usability, complexity and recovery costs. On Monday, January 23rd, Apple released iOS 16.3 and macOS 13.2, and with these new releases comes worldwide support for iCloud Advanced Data Protection and support for hardware security keys for two-factor authentication.
Apple has supported Advanced Data Protection in the United States since iOS 16.2; however, 16.3 brings this new privacy feature to the rest of the world.
So what is Advanced Data Protection and do you need it?
If you use Apple iCloud to back up your devices and sync your photos, documents and messages, then this is a feature you should review. Advanced Data Protection is Apple's terminology for end-to-end encryption (E2EE). This allows users to store their private encryption keys on their devices only, instead of on Apple's servers.
This means that the data is protected from being accessed by Apple employees, insider threats, law enforcement or anyone else, even if iCloud servers were to be breached or if Apple is served with a court-issued warrant or subpoena from a Law Enforcement Agency or other government entity. Apple already provides end-to-end encryption for 14 data categories without Advanced Data Protection turned on, referred to as “Standard Data Protection”.
However, Advanced Data Protection expands this protection to the vast majority of iCloud categories including device backups, with the major exceptions being the Apple Mail, Contacts, and Calendar apps. These last 3 services cannot function with full end-to-end encryption in place, per Apple.
The biggest improvement in privacy that Advanced Data Protection offers is end-to-end encrypted device backups stored in iCloud. Without this enabled, your iCloud device backups are stored on Apple’s servers in such a way that they can be decrypted by Apple and/or anyone who has access to them on Apple’s servers.
This has been a point of contention with privacy advocates for many years. With Advanced Data Protection, this is now a point of contention with Apple and Law Enforcement, as it is a common practice for Law Enforcement to issue search warrants directly to Apple for a user's iCloud backups. A decrypted iCloud backup will contain data that is natively encrypted on Apple’s servers.
For example, your iMessages that are backed up and synced to iCloud are currently end-to-end encrypted and cannot be accessed by Apple or anyone other than the user who holds the encryption keys. A loophole in this protection is your device backups. If you back up your devices to iCloud, those backups store those same messages in a way that can be decrypted by Apple and anyone who has access to said device backups.
Law enforcement and other entities use this loophole with a search warrant, compelling Apple to hand over unencrypted device backups stored on Apple’s iCloud servers. The user is unaware that their data has even been requested or accessed by a third-party entity.
If privacy is important to you and you meet the requirements to set up Advanced Data Protection, it is recommended that you enable it. However, there are some concerns that should be considered before turning it on:
- All devices connected to your Apple ID have to support Advanced Data Protection, which means they must be running iOS 16.2 (16.3 for international users), macOS 13.1 and watchOS 9.2. Click the link for the full list of supported devices and required operating system versions.
- After enabling Advanced Data Protection, Apple can no longer assist you with recovering your data if you lose your devices and/or forget your device passcodes. Apple requires that you set up a recovery contact and/or recovery key to assist in the case of a lockout scenario.
- You will no longer be able to access this encrypted data on the iCloud.com web portal. You will only have access to it on supported devices directly. This is great from a security and privacy standpoint, but reduces usability and access.
If you do decide to enable Advanced Data Protection, it is imperative that you understand the risk of losing access to your data if you lose or forget your passcodes. Apple has no means to help you regain access; your iCloud data will be unrecoverable. You must create a recovery key and store it securely, ideally in more than one place such as a password manager, home safe and bank safety deposit box. Setting up a trusted recovery contact in addition to a recovery key is a good idea, as long as that trusted contact has a secure Apple ID and is truly a trusted contact.
In summary, this new privacy option from Apple is a huge shift away from the current norm of storing users' data in vendor-reversible encryption. This feature sets Apple apart from most of its peers. Microsoft (OneDrive) and Amazon (Fire Tablets) do not offer end-to-end encryption for their consumer users on any of their consumer products, as of this writing.
Each individual will want to weigh the huge increase in privacy offered by Apple’s new end-to-end encryption offering against the added complexity and the risk of losing access to their data if they do not have a good understanding of what is needed to recover access.
Stay tuned for our next release on Apple’s new support for hardware security keys for two-factor authentication.