Comment by Noaidi
15 days ago
Apple will do this too. Your laptop encryption key is stored in your keychain (without telliing you!). All is needed is a warrant for your iCloud account and they also have access to your laptop.
sixcolors.com/post/2025/09/filevault-on-macos-tahoe-no-longer-uses-icloud-to-store-its-recovery-key/
> Your laptop encryption key is stored in your keychain
Probably not if one is not using Apple cloud on their laptops.
> stored in your keychain (without telliing you!)
How to verify that? Any commands/tools/guides?
Thanks, that's good to know. I suspect WhatsApp's "we're fully E2E encrypted" would be similar too.
It's most software. Cryptography is user-unfriendly. The mechanisms used to make it user friendly sacrifice security.
There's a saying that goes "not your keys not your crypto" but this really extends to everything. If you don't control the keys something else does behind the scenes. A six digit PIN you use to unlock your phone or messaging app doesn't have enough entropy to be secure, even to derive a key-encryption-key.
If you pass a KDF with a hardness of ~5 seconds a four digit PIN to derive a key, then you can brute force the whole 10,000 possible PINs in ~13 hours. After ~6.5 hours you would have a 50% chance of guessing correctly. Six digit PIN would take significantly longer, but most software uses a hardness nowhere near 5 seconds.
Take it a step further, even - "End-to-End-Encryption" is complete security theater if the user doesn't control either end.
We joke and say that maybe Microsoft could engineer a safer architecture, but they can also ship an OTA update changing the code ad-hoc. If the FBI demands cooperation from Microsoft, can they really afford to say "no" to the feds? The architecture was busted from the ground-up for the sort of cryptographic expectations most people have.
> A six digit PIN you use to unlock your phone or messaging app doesn't have enough entropy to be secure
The PIN is not usually used for cryptography, it's used to authorize the TEE (secure enclave) to do it for you. It's usually difficult or impractical to get the keys from the TEE.
Wrong.
You can (and should) watch all of https://www.youtube.com/watch?v=BLGFriOKz6U&t=1993s for the details about how iCloud is protected by HSMs and rate limits to understand why you’re wrong, but especially the time-linked section… instead of spreading FUD about something you know nothing about.
You can say anything you want in a YouTube video or a whitepaper. It doesn't have to correspond to your security architecture.
Where's the source code? Who audits this system?