undefined | Better HN

0 pointscodedokode1y ago0 comments

Apple already has a kind of "backdoor": they store the keys for encrypted cloud backups in their cloud as well. They advertise that cloud data are encrypted but prefer not to mention that they also have a key to decrypt it. Even with the highest level of security [1] your contacts list in Apple Cloud are not encrypted. Why? Probably someone asked for this.

[1] https://support.apple.com/en-us/102651

0 comments

EduardoBautista1y ago

No, it’s because the CardDAV standard was not created with encryption in mind. It’s also why calendar and mail are not encrypted in iCloud.

codedokodeOP1y ago

CSV or PNG weren't created with encryption in mind, but one can easily encrypt them. Apple can always make their own proprietary protocol. This doesn't explain anything. However the version that the govt wants to be able to see who is in person't contact list explains it well.

dijit1y ago

If Apple did that, people like me would accuse them of EEE.

We don’t trust proprietary stuff because we’ve been burned by it, if there’s an open standard, even a worse one: use it.

If it’s really that bad, we need to improve the standard.

1 more reply

EduardoBautista1y ago

CSV and PNG are not server protocols like CardDav, CalDav, and IMAP, they are file formats.

j / k navigate · click thread line to collapse

0 comments

EduardoBautista1y ago

No, it’s because the CardDAV standard was not created with encryption in mind. It’s also why calendar and mail are not encrypted in iCloud.

codedokodeOP1y ago

dijit1y ago

If Apple did that, people like me would accuse them of EEE.

We don’t trust proprietary stuff because we’ve been burned by it, if there’s an open standard, even a worse one: use it.

If it’s really that bad, we need to improve the standard.

1 more reply

EduardoBautista1y ago

CSV and PNG are not server protocols like CardDav, CalDav, and IMAP, they are file formats.

j / k navigate · click thread line to collapse