Apple today introduced Advanced Data Protection for iCloud, a new feature that uses end-to-end encryption to protect sensitive iCloud data, including backups, photos, notes, and more.

For customers who choose to enable this new security feature, Advanced Data Protection is designed to protect “most iCloud data even in the event of a cloud data breach” by ensuring that encrypted cloud data cannot be decrypted only on users’ trusted devices. .

Those who register will first be prompted to choose an alternate recovery method (device passcode or password, recovery contact or personal recovery key) required if they lose the access to their Apple account. This is necessary because Apple will not have the decryption keys to recover the data.

Data types protected using end-to-end encryption include device and message backups, iCloud Drive, photos, notes, reminders, Safari bookmarks, Wallet passes, voice memos, Siri shortcuts, etc.

iCloud Mail, Contacts, and Calendar data will not be encrypted because it is needed to communicate with other mail, contacts, and calendar systems.

“Starting with iOS 16.2, iPadOS 16.2, and macOS 13.1, you can choose to turn on Advanced Data Protection to protect the vast majority of your iCloud data, even in the event of a cloud data breach,” Apple Explain on its support website.

Users can also disable backup encryption at any time, and their devices will securely upload encryption keys to Apple servers (their accounts will automatically revert to standard data protection).

Advanced Data Protection is already available in the US for customers enrolled in Apple’s beta software program and will be available nationwide later this month. It will begin rolling out to users outside of the United States in early 2023.

“Advanced Data Protection is Apple’s highest level of cloud data security, giving users the choice to protect the vast majority of their most sensitive iCloud data with end-to-end encryption so it cannot be decrypted. only on their trusted devices,” said Ivan Krstić, head of engineering and security architecture at Apple.

Advanced Data Protection for iCloud
Advanced Data Protection for iCloud (Apple)

Apple today also introduced two additional security features: iMessage Ignition Key Verification and Apple ID Security Keys.

The first allows iMessage users to verify the identity of people on the other end of the line and alerts them if a malicious actor manages to add their own device to the conversation to spy on their encrypted communication channel.

“Now, with iMessage Contact Key Verification, users facing extraordinary digital threats – such as journalists, human rights activists and members of government – can choose to verify more than they are only communicating with the people they want,” Apple said.

The second allows Apple customers to configure their Apple ID account to require a physical security key to complete the sign-in process.

“This feature is designed for users who, often due to their public profile, face concerted threats to their online accounts, such as celebrities, journalists, and government officials,” Apple added.

Today’s announcement follows the release of iOS 16 in September, when Apple introduces more features to enhance security and privacy for iPhone usersincluding lock mode and security check.

first unveiled in July, Lock Mode defends high-risk individuals such as human rights defenders, journalists and dissidents against “extremely rare and highly sophisticated cyberattacks” such as targeted deployments of mercenary spyware.

On the other hand, the security check The Privacy Tool provides users whose personal security is in immediate danger with an emergency reset for their account security and privacy permissions to block those they no longer want to be connected to.


Source link