Comment by KennyBlanken
1 year ago
Also, iMessage is very secure...but then all your stuff is backed up on iCloud servers unless you specifically disable it. That includes all your iCloud encryption keys and plaintext messages.
Worse, iPhones immediately start backing up to iCloud when set up for a new user - the only way to keep your network passwords and all manner of other stuff from hitting iCloud servers is to set the phone up with no network connection or even a SIM card installed.
Did I mention there's no longer a SIM slot, so you can't even control that?
And that iPhones by default if they detect a 'weak' wifi network will switch to cellular, so you can't connect the phone to a sandboxed wifi network?
You shouldn't have to put your phone in a faraday cage to keep it from uploading plaintext versions of your private communications and network passwords.
Well summed-up. Its crazy how efficient theese things are at working together to strip users of any agency or control, across many different domains.
That is the correct default. Every day users are far more likely to accidentally lose their data than to run into government snooping.
If that is the correct default then why Telegram is blamed for having non-E2E chats by default? Maybe they also care about users who can accidentally lose their conversations. When Apple does it, it is good, but when Telegram or TikTok do the same, it is bad and not secure.
because telegram and it’s users heavily insinuate it’s comparable to Signal rather than Tiktok.
right on their front page in giant font they declare “private” and “secure” when they’re neither. it’s telegram’s own fault they receive this criticism repeatedly—and they strangely constantly complain every time they’re publicly spanked and taken to task. theyre heavily insinuating (i call it it lying) to their users and then over and over crying because they get called out.
if they don’t want to be called out then they should quit insinuating those things, it’s dangerous af. they know they’re lying though, obviously they won’t stop. but omg i wish their users would run fast and run far—it’s like watching an abused person who keeps going back to their abusive partner “oh they mean well”… pffft, no, they really dont.
Because Apple is not in the business of hosting public discussion forums.
There is no crime in implementing or not of different encryption schemes.
It might be the correct default, but it doesn't make it secure (makes it insecure actually).
> That includes all your iCloud encryption keys and plaintext messages.
Are these stored encrypted or in the clear? If the latter, please cite your source.
They are stored encrypted but whether Apple has the key depends on whether you've turned on "Advanced Data Protection" (aka "I don't expect Apple to bail me out when I lose access to all my devices"). The table in this support article details the treatment of various data categories under the two options:
https://support.apple.com/en-us/102651
The default for many categories is that your keys are in iCloud so Apple can recover them for you. With Advanced turned on, the keys are only on your personal devices. A few categories, like the keychain, are always only on your devices.
Specifically, see Note 3: "If you use both iCloud Backup and Messages in iCloud, your backup includes a copy of the Messages in iCloud encryption key to help you recover your data." Under normal protection, Apple has the key to your backups, but with Advanced they don't.
And even "advanced" protection is not advanced enough to protect your calendar and contact list from the government (under silly excuse that Apple uses standard protocols for those data).
Apple devices are also always gossiping about which devices are where
Which is one of the best features. I wouldn’t mind having an option to disable it, but then you also don’t get the advantage of others’ phones finding your device.
Luckily, microwave ovens make easy Faraday cages.
15 seconds on low, then 120 seconds on high.
Oh, you meant... oh.
laf every image you take on an iphone is sent to apple server regardless of it being in icloud or not.
iMessage only encrypted messages in RSA 1280, why do you think it is very secure?..
iCLoud can be disabled by MDM profile installed by Apple Configurator at setup.
Looks like an easy task, even your granny can do it.
It does require a few clicks and passcode entry, https://support.apple.com/en-us/102400
2 replies →
Can I enroll my personal iPhone in MDM myself? And if I can have MDM with just my personal phone, do I need to buy some kind of subscription for it from Apple? Or pay some third-party?
I thought MDM was only for enterprise businesses and schools and universities, but I may very well be mistaken about that.
MDM profiles are just XML files. They can be created with any text editor and distributed to the phone by email or web server. Apple provides the free "Apple Configurator" app in the MacOS app store. There are also websites and/or OSS tools to generate profiles, e.g. https://github.com/ProfileCreator/ProfileCreator.
Apple supplies a free application for managing MDM.
https://support.apple.com/guide/apple-configurator-mac/welco...
2 replies →