Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
thewebguyd 5 days ago

Apple is the only one that offers actual E2EE with advanced data protection for all iCloud services. Without it, yes, Apple can see your data. With it on, they can't. The key is stored on device, encrypted with your device pin/passcode and covers iCloud backup, including messages, drive, photos, notes, reminders, bookmarks, shortcuts, voice memos, wallet, passwords, health data, journal, home, maps, etc. The only thing not covered under ADP is iCloud mail, contacts, and calendars because it uses CalDAV and CardDAV.

> once that I forgot my password to the MacBook, all one needed to do to access my data was to enter recovery mode and reset the password. Sure it logged me off from browser sessions, but all my files where there available to anybody

Sounds like you didn't have FileVault (FDE) turned on. If you did, that wouldn't work you'd have needed your recovery key.

> it's known they scan all your content and pics on iCloud

They can't if you have ADP.

> Some tracking less by advertisers? That's privacy?

Yes, it is privacy. Let's not understate the massive surveillance that ad networks do, Google included.

Google is an advertising company, they have zero incentive to offer the same level of privacy that Apple does and probably never will, it would be directly detrimental to their core business.

lern_too_spel 5 days ago | parent | next [-]

Even Google also gives actual E2EE by default for Android backups. Same with Samsung. Others have mentioned that Proton and others do this for services that Apple won't.

https://developer.android.com/privacy-and-security/risks/bac...

thewebguyd 5 days ago | parent [-]

But not for photos, arguably one of the more important things to a lot of people to be E2EE, and not everyone wants to host their own Immich instance, or do things manually. iCloud offers E2EE photo back up and sync and native apps for it, it's a huge selling point that Google could just as easily offer but willingly choose not to.

lern_too_spel 5 days ago | parent [-]

> it's a huge selling point that Google could just as easily offer but willingly choose not to.

Google Photos is meant for sharing, where E2EE makes little sense. You can search your photos from any device.

If you really want to give up that convenience for E2EE, you might as well do it right and use Proton or Ente, which have E2EE for all photos, unlike iCloud, which isn't for shared albums or photos shared to anyone with the link. Unlike iOS, Android lets these apps have access to all the same device APIs as Google Photos, meaning they're as seamlessly integrated as possible. Apple iCloud uses iOS APIs not available to third parties, locking you in to using either a gimpy service or a gimpy app.

vishnukvmd 5 days ago | parent [-]

You can share and search[1] for your photos from any device on Ente as well, with E2EE.

[1]: https://ente.io/ml

gremlinunderway 5 days ago | parent | prev | next [-]

Is there any third-party validation on these claims of E2EE? Everyone keeps asking for some sort of validation or testing to these claims and everyone is just ignoring them. Without some kind of third-party testing none of this matters, anyone can say whatever they want unless someone can do testing to demonstrate its adherence to this.

fragmede 5 days ago | parent [-]

> As part of our commitment to security assurance, Apple regularly engages with third-party organizations to provide security assurance, certifying and attesting to the security of Apple’s hardware, operating systems, apps, and services. Our goal is to specify certifications that can be recognized by Apple users around the globe.

https://support.apple.com/guide/certifications/intro-to-appl...

epolanski 5 days ago | parent | prev [-]

Apple's E2EE is less safe than a proper one like Proton's (which also has storage, email, calendar). But one has to drink the Apple propaganda and believe it's true.

Also, ADP does not work in UK, at all.

The rest of the message I won't even comment. All things that if you care you get easier on any other device.

And Apple's ad business is booming while other are stagnant.

cmcaleer 5 days ago | parent | next [-]

> Also, ADP does not work in UK, at all.

It does work if you've enabled it before it got disabled back in Feb, and the US successfully managed to get the UK to back off its demands for a backdoor, but it remains to be seen if new UK customers will ever be able to enable ADP again.

atomicthumbs 5 days ago | parent | prev [-]

how is apple's not "proper?"