But in general, the way that most humans "naturally expect" such things to work is simply incompatible with the usually-extremely-convenient nature of computer accounts and cloud services.
Apple has no adequate way to actually verify who anybody is without (a) forcing them to physically visit one of a small number of offices (it can't be every store), and (b) probably charging a significant fee to cover the cost of doing real verification.
And even that demands assuming that the identifying information on the account is right.
I would also force users to watch a video explaining the security features and quiz them before turning them on. You can't expect users to immediately understand how the security model works.
The fact that the government doesn’t have a great standard for identity and it’s left to banks and tech companies is crazy.
Even with their strong privacy fundamentals they know more about their account holders than any single business should.
My bank is able to verify me remotely to login to their app from a new device in under 15 minutes, just with a photo of my ID card and a video of my face. And the bank is liable for any losses caused if they misidentify me.
Why can my bank do it but apple cant?
Banks write off tens of billions of dollars of fraud costs a year. They can do this because money is fungible.
Perhaps even more important, the bank knows exactly what liability it's assuming, and what risk it's exposing you to. There's a limit on how much money the app will let you move (even if the bank doesn't tell you what it is). All the transactions you can do are defined by the bank, it knows what's going on at all times, and it can and does apply extra checks for risky-looking transactions.
And bank transactions in general have a whole reversal-based security layer on top of all that.
On the other hand, people use their Apple accounts to log into God-knows-what third party systems with God-knows-what risks and God-knows-what other security measures or lack thereof.
Oh, and also the bank charges you ongoing overt or hidden fees specifically to cover the costs of securing your money. And of insurance if it fails to do so.
What's in it for Apple? Surely it's easy enough to define some kind of verification process based on various pieces -- phone number, credit card, purchase receipt, etc. -- and requiring a police report to be filed or something.
And this isn't like Google or Facebook where accounts are free, preventing manual account recovery from being scalable. People spend thousands of dollars on Apple devices across phones and laptops and more. People who don't spend money on Apple generally aren't keeping their data in iCloud.
I'm confused because it seems like the rational, profitable thing for Apple to do here is to have these procedures for account recovery. So what's stopping them? Is there some kind of huge liability question if they ever facilitate giving access to the wrong person?
Your opinion seems to be to trivialize how important this can be, which fine you do you, but I think saying it only protects "a few dissidents" is a bit ridiculous.
Every protest I've filmed at I hit the lock button 5 times so it forces a passcode. I feel secure knowing the police can't just take it and start scrolling - they need a warrant or they're bust.
You don't have to be a dissident to need your privacy.
The middle ground option where Apple has the ability to do this but is also somehow able to take a stand against the government is kind of difficult to support, because it doesn't make much sense.
I didn’t know what that meant - so I googled it. And it says something entirely different….
Quote: Pressing the lock button (or side button) five times quickly on an iPhone or many Android devices will activate Emergency SOS. This will prompt a countdown and eventually, if not cancelled, initiate a call to emergency services, potentially alerting emergency contacts and sharing your location.
Personally, I just open the slide-to-turn-off phone screen instead (hold volume + side button for a couple seconds). Once that screen is loaded, it'll require a passcode to unlock after you cancel out.
If the users have enabled Advanced Data Protection and don't have another Apple device, then I can understand why it would be lost for good. But that doesn't seem to be the case in these lawsuits. They make it clear that Apple has access to the data, and could transfer/restore it if they wanted to.
But they don't.
Protecting the contents of peoples devices and accounts with strong encryption and hardware security is great for the individual and protects them from thieves and governments alike. If Apple designed their devices so that they cannot unencrypt the content without the users secret passsword, that's sensible for a lot of users.
But E-Mail Addresses and Accounts are derivatives of your identity and companies should have ways of returning your accounts to you, even if the content is lost, in case of stolen identities.
I am pretty paranoid about this stuff and only store private data using encryption and on trusted devices running mostly hardened FOSS software (Graphene OS, Fedora Secure Blue, OpenSuse MicroOS, etc.) and my backups are rcloned encrypted to the cloud. Yet for my most important e-mail that is bound to paypal, banking, shopping etc. I use posteo. They do this exactly right. I have personally tested contacting their support to return access to the e-mail address in case of a "lost password". After some validation, they returned access for it to me, but the encrypted content was unrecoverable. That is exactly what any responsible company should do.
Various entities will still be able to get to the data, while users might incorrectly assume that that's not the case.
This is what I was thinking as I read the article. Imagine what will be written about them when they do give iCloud access to an impostor. Depending on what's on their account thieves could dedicate a ton of time to social engineering Apple into recovering the account. The article mentions police reports being "proof", but that doesn't seem like solid evidence considering how easy it could be to fake a police report from one of the tens of thousands of jurisdictions in the US. This is a problem for a lot of industries actually, i.e. banks and death certificates.
As long as the people cut off from the walled garden amount to less than a rounding error in Apple's bottom line, they simply don't care. They will only care when a judge forces them to care, as we had to find out the hard way in a class action lawsuit against Apple. We won, but they lost us as lifetime customers. My wife even owns Apple stock and refuses to buy anything else from them and warns others against it. They could have made it right for practically no cost to them, but they chose the dick move, and they were forced to pay out in the end anyway.
Look what happened to the mobile carriers and sim-jacking.
Apple has such a process in place: https://support.apple.com/en-us/118574 (The details aren't all laid out on that web page, but Apple support may ask for information like purchase records to confirm ownership.)
What I think is at issue here is that it will only restore access to an account which is not currently being accessed. If an account is being accessed from a logged-in device, Apple is unwilling to cut off the current user's access to that account and hand it over to another party.
And, quite honestly, I can see where Apple is coming from with this policy. Arbitrating access to a contested account can get really messy (e.g. consider a scenario where an abusive partner is trying to access the victim's online accounts).
An account is supposed to belong to a single person. If you are able to definitively prove that you are that person (for example, by showing up to an Apple store with your ID card), you should be able to restore access to it. An abusive partner won't have access to that.
Refusing restoration when someone else has access to it is understandable, but it works the other way around as well: an abusive partner would be able to prevent the legitimate owner from accessing the account.
I think it's far more likely that Apple just can't be bothered. Dealing with stuff like this is messy and complicated, and they aren't going to lose any revenue from those few thousand people a year losing their account and all their data.
Given the stakes, Cupertino may have decided that it does not wish to arbiter such disputes. Requiring a court order shifts the dispute to that forum.
What on earth are you referring to?
My daughter had her iPhone stolen in L.A. — she immediately wiped it remotely. The thieves were unable to access it.
I got her a new iPhone pretty fast (the budget one) and she was back in business, back in her iCloud account. (She was one of those that saw her device head to Asia. She got a handful of text messages pleading with her to remove the stolen device from her account but she ignored them.)
What, the guy just jumped into the Pacific and started swimming?
https://support.apple.com/en-us/102656
This article seems to make it pretty clear that having a passcode on a signed-in device is enough to reset the password.
One of the big distinctions I make in my life is whether a passcode is being typed in frequently and in view of the public. And since these are shorter codes, the entity on guessing from a distance is much lower.
In the end if you dont backup your data locally, then its not your data and you risk losing it.
If your business shuts down because you lost your phone its your own fault for not mitigating this type of risk enough.
I try to do it every month because I am that type of techie. They don’t make it easy.
For photos, i have a 2TB family plan. There is no export functionality I can centrally backup my families photos and shared albums
The supported way to do this is to use a Mac, force it to store all images locally in settings, then highlight all your albums and File->export
This takes hours. I need to stay connected to my network drive because I don’t have 4TB of local storage on my laptop. If there is a failure it’s game over. You can’t resume or even know what failed. There is a tiny progress bar icon to work with. That’s all
iCloud Drive? Same thing. You need to force it to sync all your files, and there is no way to know if it’s hung or what. You can’t do this as family account owner for everyone.
What about all that app data that is saved to iCloud? I don’t even know how to access that to back it up.
Apple makes many things very easy and other things practically impossible.
Backing up your entire iCloud data for disaster recovery is one of those things that’s basically impossible.
Apple could decrypt and return all the user data in all the cases in the article. They aren't doing that. Some folks are rightly pointing out "what is the point of storing all my stuff in your cloud if you're going to lock me out if I lose my phone?" That's not a backup, that's just paying a monthly fee to store more than what your phone alone can store.
Some facts:
Only the user's devices hold the keys to decrypt the data.
Apple cannot decrypt it, even if served a subpoena.
Just imagine Google letting people "brick" their accounts because they have a password protected PDF in their Google Drive they don't remember the password for...
And that's to say nothing about the not end-to-end encrypted data, which is still the default for most things in iCloud accounts (without ADP enabled).
Trust your government.
"It works well for everyone else, why are you being so weird by not doing what everyone else does?"
Grant the megacorporations control over your entire life.
Your government will protect you from the megacorporations.
"Self hosting? Open source? Linux? You're weird, just get an iPhone."
The megacorporations never make mistakes.
The government never makes mistakes either.
"What's wrong with you? Are you seriously too poor to afford an iPhone? Get a blue bubble already."
The megacorporations never lie to you, they never manipulate you.
Even if they tried, your trustworthy government would stop them.
This message brought to you by social conformity norms that are most certainly NOT subtly reinforced by the same billionaires and trillion dollar companies that benefit from them.
/s
For those interested in the silver bullet to backup iCloud.
Get a Mac mini with enough space for your photo library and wire it into your network. Sign into iCloud.
For photos open the app and change the settings to store full res photos locally.
Enable iCloud desktop and documents sync.
Two options
1 - Sign up for Backblaze and ensure you map the folders from iCloud and photos that are being synced to the device. Let it run and do a full sync. I use this option.
2 - Buy an external drive with a lot of space and use Carbon Copy Cloner to mirror your drive. The caveat is your at the mercy of a local copy that a home fire or electrical incident can destroy.
I like Backblaze for the sheer constant syncing it does and they allow me to set up an encryption key so they don’t have access to my data.
nashashmi•3h ago
lxgr•2h ago
That would be the fact that Apple lets anybody that knows the passcode reset the iCloud password as well, without any further authentication. And the passcode can be shoulder surfed by the thief...
"Stolen device protection" was developed as a response to a wave of such thefts: https://support.apple.com/en-us/120340
It seems like a good step forward but still not perfect, and I believe it's not on by default.
On the other side, with Advanced Data Protection, it seems shockingly easy to permanently lock oneself out of an iCloud account: As far as I understand, there is absolutely no way to recover an account protected that way if the recovery code is lost – not even by deleting all data currently stored on it and starting from scratch (e.g. from a local backup).
Given the fact that an iCloud account doesn't only contain a big pile of data, but access to some purchased products and services (subscriptions, app purchases, iTunes songs, the Apple Card etc.), that seems like a pretty big oversight.
XorNot•1h ago
crote•1h ago