An option, totally agree 🙂
My point is that probably most people wouldn’t want to lose all their data if they lost their password. Even worse, turn on something like this without understanding it, losing their secret, then blaming Apple.
Most people may not want that, but a lot of people would want to use the option. That's how it works with Bitcoin wallets where people can manage/store their own keys and use backup solutions like cryptosteel.com/product/crypto rather than just writing down the seed phrase on paper.
The backup feature in GrapheneOS uses a BIP39 seed phrase like a Bitcoin wallet so it's compatible with those storage mechanisms. It asks the user to write it down / record it and then asks it to be entered, demonstrating they did actually back it up. Up to them beyond that.
Security keys are an option where people don't actually have to manually write it down. It only costs a few dollars to produce those and they could be bundled with other products. Nice having at least one physical backup that's not digital though.
And continuing with Bitcoin as an example, it's true that a lot of people simply trust exchanges to hold onto their money. It's possible that even most Bitcoin users do that.
However, a LOT of people do own / control their own keys and the seed phrase approach works really well.
Don’t disagree with any of this.
My only point is that it’s a design trade off Apple are making; not a simple choice that therefore implies they are after your data. 1/2
Another thing to account for is that iCloud these days can be used to _share_ data; that fundamentally can’t be done with complete encryption.
So if you turned on this feature you would have to turn off the sharing features and stuff starts getting complex quickly!
It can be done by using public key encryption under the hood. Each user can have a public key based on the seed for their end-to-end encryption and then other users can share data with them. Can be done efficiently by having a per-file key normally encrypted with only your own key.
Given this a few reads 😂
Does this not mean you have to store a copy of the data yourself; same as WhatsApp shared messages?
Again, it’s a solution, but not the aim of shared cloud storage…
Cloud storage can have a key for each file stored alongside it encrypted itself. Keys can be stored encrypted by a key that's only available on the user's devices. If they share it with people, they can have copies of the key encrypted with the pub key of each person with access.
Lots of end-to-end encrypted messaging apps have support for cloud storage of the messages which can be synced to a new device once it's properly paired.
The keys being local doesn't imply that the data and keys encrypted with them also have to be local.
In order not to kill everyone’s notification, I’ll DM you, interested… 🙂

