Viewing a single comment thread. View all comments

TimeWastingAuthority t1_izbwzxk wrote

In other news, data in iCloud servers is not currently encrypted.. giving credence to my theory that The Fappening was the result of an iCloud data breach rather than a series of spearfishing attacks.

326

SsiSsiSsiSsi t1_izc0077 wrote

It is encrypted, but not E2E encrypted; Apple has the keys and in theory could decrypt it on request from a government. This new policy will change that, even Apple won’t be able to decrypt your stuff, not even in principle.

190

AccomplishedDrag9882 t1_izccrci wrote

they will scan your handset before you back it up however

12

tricheboars t1_izclbmw wrote

The child porn scan program or whatever was also canceled

21

Technoist t1_izd6fcq wrote

Source on it being cancelled? I think they just delayed it for a bit.

Also I’d rather just call it for what it is: a backdoor.

These news about them having all the data end to end encrypted is GREAT news though and would put them ahead of competitors like Google, Dropbox, Microsoft etc.

People need to understand that these cloud companies have the keys to your data even though it is encrypted.

−2

mystateofconfusion t1_izd99q9 wrote

Last paragraph on the actual article posted, among many others.

12

Technoist t1_izdc9gv wrote

Thanks, but it says stopped, not cancelled. I read that as halted. The source they link to is behind a paywall. I haven’t seen an official statement about it.

Edit: here a link saying the information has been removed from the website but the “plans are unchanged” and it will come (1 year old however): https://appleinsider.com/articles/21/12/15/apples-hold-on-implementing-on-device-csam-photo-monitoring-may-be-permanent

−3

nickh4xdawg t1_izewdtf wrote

Craig confirmed it in an interview yesterday. Your link is a whole year old. It’s officially cancelled.

4

[deleted] OP t1_ize0xc9 wrote

[deleted]

0

nickh4xdawg t1_izewqaz wrote

You and him are both wrong that’s why he’s being downvoted. It was confirmed yesterday by Craig that it’s cancelled. https://9to5mac.com/2022/12/07/apple-confirms-that-it-has-stopped-plans-to-roll-out-csam-detection-system/ here’s a source newer than a year ago.

7

reckless_commenter t1_izdqhwv wrote

Dropbox used to claim that its data was encrypted at rest, without proof or explanation.

Eventually, it became clear that it wasn't, and Dropbox had to roll back its policy to "data is not encrypted at rest, but we have very strict employee policies about how personal data can be accessed..." - which, if I had anything confidential, I would absolutely not trust.

8

Technoist t1_ize3oqg wrote

That’s crazy. What a junk company. Wouldn’t use it unless together with Cryptomator or so but it just seems like a hassle and it just feels wrong to give them any money at all.

2

Iormungand t1_izk8cu0 wrote

As someone in IT and Security for over a decade..... Do people actually have widespread beliefs that cloud services are secure from the operators of that service? That's always going to be the exception (maybe changing with moves like this?)

1

Technoist t1_izkfz0v wrote

Oh yes, I’ve heard and read plenty of people argue that iCloud (and similar services) is 100% private because the “data is encrypted”. I bet the majority have no idea. If they even care.

1

2_Spicy_2_Impeach t1_izc2g7d wrote

It’s encrypted with Apple’s keys. That was social engineering and lack of 2FA.

53

qwerty12qwerty t1_izdaqd2 wrote

I’ve always found that just didn’t sit right, mainly because it just seemed too coordinated. I would understand maybe a few celebrities. Maybe a couple dozen photos. Spread out over months. Instead we got 500+ pictures dropped in a single night of every mainstream celebrity from Emma Watson to Avril Lavigne, even Vanessa Hudgens and Jennifer Lawrence. Then months later, got a second drop of a few hundred more. There were 4 fappenings total, the pirate bay showing a 7.2 GB zipped file.

I don’t discount the social engineering aspect of it, it’s just that you would have to have behind the scenes at least a dozen people with the charisma of Ted Bundy to pull this off in the time frame all these photos were hacked. That could have all happened though.

But compare that to the alternative. Some hackers exploit a flaw in iCloud and drop the fappening. Until Apple patched the security flaw, even if it was only a few days, people now knew there was a flaw, and exploited it

2

2_Spicy_2_Impeach t1_izdc4dp wrote

People are dumb and adding 2FA wasn't nearly as big for the general public in 2014. You get one celebrity, then you check their contacts to springboard from there.

If you found a flaw in iCloud that would allow you to pull anyone's iCloud backups, you wouldn't waste that on celebrities. You'd start looking at government officials and/or sell the exploit to a nation that's not the US for a king's ransom.

Social engineering works. That's why it's still so popular.

13

PaperclipStrategy t1_izdtmi6 wrote

>"...You'd start looking at government officials and/or sell the exploit to a nation..."

maybe if your a state-actor but i recall when that U.S. pipeline management software got infected with ransomware, the russian hackers practically shit themselves when they realized the impact of their effect on international geopolitics --At least as i understood it.

1

2_Spicy_2_Impeach t1_izebjr9 wrote

If you were a state sponsored, you’d never waste your time on celebrities with an exploit like that. Again, if you had an exploit like this, you could charge whatever you want. It’d eventually leak as well since you would be offering iCloud backup access to almost anyone for a fee. Even at trial for the guy at the center of this, they found it was phishing emails that got his 100+ victims.

3

rangeDSP t1_izc6x3r wrote

Wait, iCloud data has never been end to end encrypted. I thought this is public knowledge?

Only niche cloud storage services (like MEGA) have end-to-end encryption. Apple would be the first of the big players to have it.

20

happyscrappy t1_izc8ovb wrote

What does "encrypted" even mean in this case?

If it's not E2E then the information needed to decrypt it is on their servers. So does it really matter if it is "encrypted"?

It's really unlikely the Fappening was due to someone compromising Apple's servers. Compromising their servers and then stopping at that?

Paris Hilton's password was the name of her dog. Social engineering is very powerful on people who aren't trying to secure their accounts.

7

Gareth79 t1_izcgcxc wrote

It means the data is unreadable if you have access to the servers directly, eg. by stealing them physically, or by a low-level hack getting access to the filesystem. I don't know if Apple need the keys for any routine access, but they will be stored and handled separately and likely very securely.

2

happyscrappy t1_izch8es wrote

> It means the data is unreadable if you have access to the servers directly, eg. by stealing them physically, or by a low-level hack getting access to the filesystem.

You're seriously concerned about stealing drives physically?

And the data is not likely stored as files in a filesystem. But instead of a more capable database.

> but they will be stored and handled separately and likely very securely.

If they are employable on every use then they have to be at hand. You're thinking they can hack far enough in to get to everything on the machines but the keys?

1

Gareth79 t1_izclry6 wrote

Apple will definitely be concerned about physical server theft, yes. Virtually all modern cloud platforms use encryption at rest to protect against this.

8

happyscrappy t1_izdfckf wrote

> Apple will definitely be concerned about physical server theft, yes. Virtually all modern cloud platforms use encryption at rest to protect against this.

All data is encrypted at rest now. Because whether it is stored on SSD or HDD the data in encrypted by the storage device to whiten it. The question then comes where are the keys? For a drive the whitening keys are on the drive, you steal the drive you get the keys. So that encryption at rest does nothing for you.

So the question is does other additional encryption at rest you put on top do anything for you? It depends. If they steal enough drives they get your keys as well as the data. So the encryption at rest nothing for you.

0

Gareth79 t1_izdnln2 wrote

You appear to be talking nonsense.

4

happyscrappy t1_izeszqq wrote

No. I'm not.

They whiten data because if you don't, if the data has far more 0s than 1s (or vice versa) then it creates a local imbalance in charge level on the disk (or NAND sector). If the local imbalance is large enough it affects other data nearby (that's how magnetic fields work).

So as I said, all data is encrypted at rest now. So, as is nearly always the case for security the real question comes down to key management, not "whether it's encrypted".

E2E would mean that the keys are generated by the client each time it connects. And then presumably it is not written down (it better not be). So no one can steal drives and end up with the keys.

Is this the case for your idea of putting other encryption at rest on top but without E2E? Is it adding appreciable security?

1

qwerty12qwerty t1_izdb0zn wrote

I don’t necessarily think it’s at rest, doing so would exponentially increase your computing power. But it’s probably something like Windows a bit locker. Where the entire drive is encrypted when you turn it on, requiring a key to even boot. To steal a drive, the power would be disconnected. Or some other thing to trigger a shut down/require the key.

−2

Gareth79 t1_izdo06d wrote

Bitlocker encrypts when the feature is enabled, not when the computer is "turned on". Every read and write requires encryption/decryption of the data. It doesn't "exponentially" increase the computing power required, modern CPUs have AES acceleration: https://en.wikipedia.org/wiki/BitLocker

3

Volitank t1_izd4clg wrote

The accounts that read the data would likely have a method of utilizing the keys. I would assume a different key per account.

Authentication is handled separately from the database itself. A breach of a single database host, even as root, would not mean you're able to view the data in plain text or have access to the keys.

It could be decrypted in stream. User authenticates into the system, it then grabs the encrypted data in the database, decrypts it outside of that host using their key and sends them the decrypted data.

Of course I don't know Apples infrastructure exactly but encryption is definitely not useless in this regard.

1

happyscrappy t1_izdf60m wrote

> Authentication is handled separately from the database itself. A breach of a single database host, even as root, would not mean you're able to view the data in plain text or have access to the keys.

A breach of a single database host isn't even going to tell you who the data is associated with.

> It could be decrypted in stream. User authenticates into the system, it then grabs the encrypted data in the database, decrypts it outside of that host using their key and sends them the decrypted data.

Yes, it could be. It hardly matters. Unless it is E2E the key to decrypt it is there on the host that sends it. They just compromise that host instead.

1

Sorry-Ad8909 t1_izc8hz9 wrote

Bro the fappening has a wiki what is life

3

sjfiuauqadfj t1_izc9y91 wrote

a lot of memes have wiki pages so long as its notable enough

8

Paraphrand t1_izdfnb1 wrote

The internet and computers are just tools and mediums for real people to do real things. They are not some magical other place.

2

LevelStudent t1_izc6joe wrote

It's interesting how they managed to dance around this.

At the very least you'd expect it to have killed the reputation of iCloud, but it appears people are still using it and still happily uploading private data and images. I don't even remember Apple being mentioned during the whole fiasco when they should have been the primary focus.

−9