I wonder if the new models are sold already encrypted, or one needs to
add encryption after purchase.

On 19.11.23 13:21, Cameo wrote:
> I wonder if the new models are sold already encrypted, or one needs to
> add encryption after purchase.

https://support.apple.com/guide/security/encryption-and-data-protection-overview-sece3bee0835/web

Google defect on the other side of the pond?

--
"Gutta cavat lapidem." (Ovid)

On 2023-11-19 07:21, Cameo wrote:
> I wonder if the new models are sold already encrypted, or one needs to
> add encryption after purchase.

That's a cryptically vague question as you're not being clear about
"what" is to be encrypted.

There is nothing you need to add. However, there are apps you may want
to use that are not from Apple that use encryption - such as Signal (a
communication app).

A new iPhone is a blank slate from the user's POV. As you set up the
phone all data you enter is kept encrypted locally and the keys are
controlled by iOS (and for models going back many years such keys are
kept in the Secure Enclave which is only accessed when the system knows
it is you using it (password, Touch/FaceID)).

Content that you add is encrypted using keys created for you based on
your credentials. So a "dead" iPhone could not be read if someone
removed the SSD memory and put it onto a reader - it would be random
numbers.

--
“Markets can remain irrational longer than your can remain solvent.”
- John Maynard Keynes.

On 11/19/2023 4:41 PM, Alan Browne wrote:
> On 2023-11-19 07:21, Cameo wrote:
>> I wonder if the new models are sold already encrypted, or one needs to
>> add encryption after purchase.
>
> That's a cryptically vague question as you're not being clear about
> "what" is to be encrypted.
>
> There is nothing you need to add.  However, there are apps you may want
> to use that are not from Apple that use encryption - such as Signal (a
> communication app).
>
> A new iPhone is a blank slate from the user's POV.  As you set up the
> phone all data you enter is kept encrypted locally and the keys are
> controlled by iOS (and for models going back many years such keys are
> kept in the Secure Enclave which is only accessed when the system knows
> it is you using it (password, Touch/FaceID)).
>
> Content that you add is encrypted using keys created for you based on
> your credentials.  So a "dead" iPhone could not be read if someone
> removed the SSD memory and put it onto a reader - it would be random
> numbers.

Thanks. My question was prompted by a story a few years ago, when the
FBI wanted to know what was on the iPhone of a terrorist, but could not
brake its encryption. So it asked the help of Apple Co., but its CEO,
Tim Cook refused and was even willing to go to jail for his refusal.
Eventually, FBI found somebody who could help them, but we never found
out how and who the helper was. I suspect it was a former Apple employee
who knew about some backdoor to the phone.
From that story I assumed that iPhones come encrypted to the users, but
I am not sure that it is still the case.

Cameo <cameo@unreal.invalid> wrote:
> On 11/19/2023 4:41 PM, Alan Browne wrote:
>> On 2023-11-19 07:21, Cameo wrote:
>>> I wonder if the new models are sold already encrypted, or one needs to
>>> add encryption after purchase.
>>
>> That's a cryptically vague question as you're not being clear about
>> "what" is to be encrypted.
>>
>> There is nothing you need to add.  However, there are apps you may want
>> to use that are not from Apple that use encryption - such as Signal (a
>> communication app).
>>
>> A new iPhone is a blank slate from the user's POV.  As you set up the
>> phone all data you enter is kept encrypted locally and the keys are
>> controlled by iOS (and for models going back many years such keys are
>> kept in the Secure Enclave which is only accessed when the system knows
>> it is you using it (password, Touch/FaceID)).
>>
>> Content that you add is encrypted using keys created for you based on
>> your credentials.  So a "dead" iPhone could not be read if someone
>> removed the SSD memory and put it onto a reader - it would be random
>> numbers.
>
> Thanks. My question was prompted by a story a few years ago, when the
> FBI wanted to know what was on the iPhone of a terrorist, but could not
> brake its encryption. So it asked the help of Apple Co., but its CEO,
> Tim Cook refused and was even willing to go to jail for his refusal.
> Eventually, FBI found somebody who could help them, but we never found
> out how and who the helper was. I suspect it was a former Apple employee
> who knew about some backdoor to the phone.
> From that story I assumed that iPhones come encrypted to the users, but
> I am not sure that it is still the case.
>
>
>

This topic was discussed during that period and it was hotly debated
whether Apple builds a back door into iOS. I’m sure you can imagine who
denied it madly.

Regardless of whether it’s true or not, it seems prudent to me to have a
back door built in if even just for troubleshooting purposes.

On 2023-11-19 15:53, Cameo wrote:
> On 11/19/2023 4:41 PM, Alan Browne wrote:

>> Content that you add is encrypted using keys created for you based on
>> your credentials.  So a "dead" iPhone could not be read if someone
>> removed the SSD memory and put it onto a reader - it would be random
>> numbers.
>
> Thanks. My question was prompted by a story a few years ago, when the
> FBI wanted to know what was on the iPhone of a terrorist, but could not
> brake its encryption. So it asked the help of Apple Co., but its CEO,
> Tim Cook refused and was even willing to go to jail for his refusal.

Apple will happily comply with a court order to hand over data to the
authorities. What Cook did not want to do was supply the FBI with a
backdoor kit that they could use w/o oversight of the courts (that's how
I recall it).

Therefore Cook was at 0 risk of going to jail.

> Eventually, FBI found somebody who could help them, but we never found
> out how and who the helper was. I suspect it was a former Apple employee
> who knew about some backdoor to the phone.

No - they farmed out the contract to some co. in Australia or NZ as I
recall (I may be mistaken). They used a hardware brute force attack to
get in. (rapidly try millions of passwords but keep re-setting the try
count to 1 or some variation of such so the phone would not lock).

> From that story I assumed that iPhones come encrypted to the users, but
> I am not sure that it is still the case.

They don't "come encrypted" but all data you "add to it" is encrypted as
a matter of design. The key management is, er, key to it all.

--
“Markets can remain irrational longer than your can remain solvent.”
- John Maynard Keynes.

On 2023-11-19, Cameo <cameo@unreal.invalid> wrote:
> On 11/19/2023 4:41 PM, Alan Browne wrote:
>> On 2023-11-19 07:21, Cameo wrote:
>>> I wonder if the new models are sold already encrypted, or one needs
>>> to add encryption after purchase.
>>
>> That's a cryptically vague question as you're not being clear about
>> "what" is to be encrypted.
>>
>> There is nothing you need to add.  However, there are apps you may
>> want to use that are not from Apple that use encryption - such as
>> Signal (a communication app).
>>
>> A new iPhone is a blank slate from the user's POV.  As you set up the
>> phone all data you enter is kept encrypted locally and the keys are
>> controlled by iOS (and for models going back many years such keys are
>> kept in the Secure Enclave which is only accessed when the system
>> knows it is you using it (password, Touch/FaceID)).
>>
>> Content that you add is encrypted using keys created for you based on
>> your credentials.  So a "dead" iPhone could not be read if someone
>> removed the SSD memory and put it onto a reader - it would be random
>> numbers.
>
> Thanks. My question was prompted by a story a few years ago, when the
> FBI wanted to know what was on the iPhone of a terrorist, but could
> not brake its encryption. So it asked the help of Apple Co., but its
> CEO, Tim Cook refused and was even willing to go to jail for his
> refusal.

Jail was never in the cards, and the government has no constitutional
right to force employees of a company to break the encryption of the
company's products, which is why the FBI withdrew their case.

> Eventually, FBI found somebody who could help them, but we never found
> out how and who the helper was.

We did find out. It was a security researcher in Australia who figured
out how to break into the specific version of iOS that was running on
the iPhone 5c that the terrorist was using at the time.

> I suspect it was a former Apple employee who knew about some backdoor
> to the phone.

Nope. There is no intentional backdoor access to iPhones.

> From that story I assumed that iPhones come encrypted to the users,
> but I am not sure that it is still the case.

It's always been the case, and Apple has doubled down on security since
then.

--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR

On 2023-11-19, badgolferman <REMOVETHISbadgolferman@gmail.com> wrote:
> Cameo <cameo@unreal.invalid> wrote:
>> On 11/19/2023 4:41 PM, Alan Browne wrote:
>>> On 2023-11-19 07:21, Cameo wrote:
>>>> I wonder if the new models are sold already encrypted, or one needs
>>>> to add encryption after purchase.
>>>
>>> That's a cryptically vague question as you're not being clear about
>>> "what" is to be encrypted.
>>>
>>> There is nothing you need to add.  However, there are apps you may
>>> want to use that are not from Apple that use encryption - such as
>>> Signal (a communication app).
>>>
>>> A new iPhone is a blank slate from the user's POV.  As you set up
>>> the phone all data you enter is kept encrypted locally and the keys
>>> are controlled by iOS (and for models going back many years such
>>> keys are kept in the Secure Enclave which is only accessed when the
>>> system knows it is you using it (password, Touch/FaceID)).
>>>
>>> Content that you add is encrypted using keys created for you based
>>> on your credentials.  So a "dead" iPhone could not be read if
>>> someone removed the SSD memory and put it onto a reader - it would
>>> be random numbers.
>>
>> Thanks. My question was prompted by a story a few years ago, when the
>> FBI wanted to know what was on the iPhone of a terrorist, but could
>> not brake its encryption. So it asked the help of Apple Co., but its
>> CEO, Tim Cook refused and was even willing to go to jail for his
>> refusal. Eventually, FBI found somebody who could help them, but we
>> never found out how and who the helper was. I suspect it was a former
>> Apple employee who knew about some backdoor to the phone. From that
>> story I assumed that iPhones come encrypted to the users, but I am
>> not sure that it is still the case.
>
> This topic was discussed during that period and it was hotly debated
> whether Apple builds a back door into iOS. I’m sure you can imagine
> who denied it madly.

Just as you can imagine who claimed it was the case without a shred of
evidence to back up those claims.

> Regardless of whether it’s true or not, it seems prudent to me to have
> a back door built in if even just for troubleshooting purposes.

Only to those who know nothing about security.

--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR

On 2023-11-20, Alan Browne <bitbucket@blackhole.com> wrote:
> On 2023-11-19 15:53, Cameo wrote:
>> On 11/19/2023 4:41 PM, Alan Browne wrote:
>
>>> Content that you add is encrypted using keys created for you based on
>>> your credentials.  So a "dead" iPhone could not be read if someone
>>> removed the SSD memory and put it onto a reader - it would be random
>>> numbers.
>>
>> Thanks. My question was prompted by a story a few years ago, when the
>> FBI wanted to know what was on the iPhone of a terrorist, but could not
>> brake its encryption. So it asked the help of Apple Co., but its CEO,
>> Tim Cook refused and was even willing to go to jail for his refusal.
>
> Apple will happily comply with a court order to hand over data to the
> authorities. What Cook did not want to do was supply the FBI with a
> backdoor kit that they could use w/o oversight of the courts (that's how
> I recall it).
>
> Therefore Cook was at 0 risk of going to jail.

Yes, and notably, Apple executives went on record stating no such
backdoor existed and that Apple employees were not legally required to
create one. There was no constitutional basis for the government's
demands.

>> Eventually, FBI found somebody who could help them, but we never found
>> out how and who the helper was. I suspect it was a former Apple employee
>> who knew about some backdoor to the phone.
>
> No - they farmed out the contract to some co. in Australia or NZ as I
> recall (I may be mistaken). They used a hardware brute force attack to
> get in. (rapidly try millions of passwords but keep re-setting the try
> count to 1 or some variation of such so the phone would not lock).

Correct. It was in Australia, and that method of breaking into iPhones
no longer exists..

--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR

Alan Browne <bitbucket@blackhole.com> wrote

>> Eventually, FBI found somebody who could help them, but we never found
>> out how and who the helper was. I suspect it was a former Apple employee
>> who knew about some backdoor to the phone.
>
> No - they farmed out the contract to some co. in Australia or NZ as I
> recall (I may be mistaken). They used a hardware brute force attack to
> get in. (rapidly try millions of passwords but keep re-setting the try
> count to 1 or some variation of such so the phone would not lock).

As badgolferman remembered, we hotly debated this topic at the time, and
even nospam, of all people, agreed James Comey was playing political games.

At that time, there were _hundreds_ of iPhones in locked storage in New
York, for example, that the authorities wanted to get access to - but (as
it was later reported and intelligent people knew all along) James
Comey picked _that_ one particular specific San Bernardino phone because of
the news and emotion attached to it.

Funnily enough, that was a government-owned iPhone so they had all the
backups except the last one (which turned out to contain nothing new).

It was just a game Comey was playing - as he's a political animal to the
core - and he knew all the emotion for that phone was in his favor.

People, in general, are incredibly stupid - and Comey was banking on that.

Apple made a very public stance - but behind doors Apple easily gave Comey
everything he had asked for that Apple had on the iCloud data (as they
should, because iCloud data is not encrypted under many common situations).

In the end, it turned out all iPhones at the time were already hacked.
But that's not what Comey wanted - but he had to "go through the motions"
of getting everything off the phone - which was trivial - but that wasn't
what Comey really wanted from the start.

BTW, it took nothing but a contract to Israeli firm (as I recall) to open
the iPhone wide, but the government had never cared about the data (they
already had it from their own backups and Apple gave them the iCloud data).

The lesson we learned from this was that all iPhones are already wide open.
And that you have to be intelligent to understand what's really going on.
--
Never forget Apple only advertises security & privacy is on the iPhone.
The fact is that security and privacy have never existed on the iPhone.

Cameo <cameo@unreal.invalid> wrote

> I wonder if the new models are sold already encrypted, or one needs to
> add encryption after purchase.

Most people are incredibly ignorant of the encryption options you have.
Even for iOS.

Nobody who responded to date had any awareness that this exists for iOS:
<https://disk-decipher.app/>
<https://apps.apple.com/nl/app/disk-decipher/id516538625>

It reads/writes using an extremely useful & very powerful concept called:
*Encrypted Containers*
Which are cross-platform compatible (iOS, Android, macOS, Windows, Linux).

The same encrypted container.
On all platforms.

Fancy that.
Cross platform encrypted files.

I use it all the time.
And have done so for years.

But most (if not almost all) iOS owners are ignorant of the concept.
They don't understand the concept of cross-platform compatibility.

Your encrypted data on Windows reads/writes on Android and on Linux.
The very same encrypted data also reads/writes on iOS and macOS.

What a concept.
But you'll never get cross platform compatibility from Apple.

So you'll need third-party software, which is FOSS on all platforms.
Well, it's FOSS on all platforms... _except_ on iOS, that is.

The classic FOSS program to create encrypted container files is Veracrypt.
<https://www.veracrypt.fr/code/VeraCrypt/>

It has the strongest encryption you'll ever have access to, and it can
encrypt within a container (and nobody can tell that's what you did).

What I do is keep private data (e.g., medical records) in an encrypted
container which is synced to all my phones so it's always with me.

For example, a TrueCrypt / Veracrypt compatible FOSS app is EDS Lite.
<https://sovworks.com/eds/>
<https://github.com/sovworks/edslite>
<https://f-droid.org/packages/com.sovworks.edslite/>
<https://play.google.com/store/apps/details?id=com.sovworks.edslite>

Last I asked for a free TrueCrypt / Veracrypt compatible program on iOS,
nospam and the rest of the iKooks said *not needed* and *nobody wants it*.

Running a search for a iOS TrueCrypt / Veracrypt compatible program,
this question has an answer which suggests the "Disk Decipher" iOS app.
<https://www.reddit.com/r/privacy/comments/z7eg2w/eds_lite_replacement_for_ios/?rdt=58213>

In summary, the concept of cross platform encrypted containers is a
fantastic way of reading/writing encrypted data on any platform.
--
*I bought an iPhone that was missing all basic hardware functionality*
*And I was told to feel _courageous_ about doing that*

Jolly Roger <jollyroger@pobox.com> wrote

>> This topic was discussed during that period and it was hotly debated
>> whether Apple builds a back door into iOS. I�m sure you can imagine
>> who denied it madly.
>
> Just as you can imagine who claimed it was the case without a shred of
> evidence to back up those claims.
>
>> Regardless of whether it�s true or not, it seems prudent to me to have
>> a back door built in if even just for troubleshooting purposes.
>
> Only to those who know nothing about security.

This post is intended to add value to the solution of the problem set.

I will agree with anyone who makes a sensible statement, regardless of what
nym they fabricate on the header (pretty wrapping paper), where I will
agree with what Jolly Roger says & disagree with badgolferman's statement.

a. I doubt Apple put in a back door (but I wouldn't know for sure);
b. It's not a good idea to put in a back door (for security reasons).

Having stated I agree with Jolly Roger on this issue, whether or not they
created a back door, I'd suggest people consider encrypted container files.

For example, this iOS app reads/writes the same encrypted container files
that people read and write all day every day on all the other platforms.
<https://disk-decipher.app/>
<https://apps.apple.com/nl/app/disk-decipher/id516538625>

The beauty of VeraCrypt/TrueCrypt/Luks encrypted containers is that they're
cross platform compatible, so the same container you use on Windows works
on the Mac and it works on Linux and Android and on iOS.

That iOS app says it reads/writes any of these file types:
TrueCrypt, VeraCrypt, FreeOTFE, LUKS & Apple Disk Image (encrypted DMG)
--
Usenet is a venue for intelligent people to widely share their knowledge.

Jolly Roger <jollyroger@pobox.com> wrote

> Tim Cook refused and was even willing to go to jail for his
>> refusal.
>
> Jail was never in the cards, and the government has no constitutional
> right to force employees of a company to break the encryption of the
> company's products, which is why the FBI withdrew their case.

I will agree with anyone who proposes a sensible viewpoint.

I agree with Jolly Roger that it's absurd for Alan Browne to claim that Tim
Cook was at _any_ risk whatsoever (not even a side glance) from the FBI.

Alan Browne is desperate to make Tim Cook into a hero; but Tim Cook only
did what was in Apple's best interest - which was to give the FBI
everything Apple had on that phone but not a back door to all phones.

The only way that the government can get access to a back door is
a. If voluntarily Apple lets them (secretly or publicly), or,
b. If Apple is forced (by law) to create it (which would likely be public).

There are times that laws are not made public (e.g., in times of national
security emergencies) but even so, this would put Apple out of business
were word to get out (particularly for Apple sales in other countries), so
there's no reason for Apple to ever let this cat into the bag at all.

>> Eventually, FBI found somebody who could help them, but we never found
>> out how and who the helper was.
>
> We did find out. It was a security researcher in Australia who figured
> out how to break into the specific version of iOS that was running on
> the iPhone 5c that the terrorist was using at the time.

The only reason for _that_ specific phone, was that Comey needed a phone to
make his case and Comey figured _that_ specific phone had political value.

The actual data on the phone they already had since they already had all
the backups save for the very last one (which had nothing useful on it).

>> I suspect it was a former Apple employee who knew about some backdoor
>> to the phone.
>
> Nope. There is no intentional backdoor access to iPhones.

The big security issue with the iPhone is the huge number of zero-day holes
(more than three times that of Android this year for example), many of
which are exploited in the wild (ten times the rate that Android is).
>> From that story I assumed that iPhones come encrypted to the users,
>> but I am not sure that it is still the case.

> It's always been the case, and Apple has doubled down on security since
> then.

Unfortunately, Jolly Roger is fabricating his assessment because he's
basing his assessment only on Apple advertisements & not facts.

The facts are the iPhone is exploited ten times more than Android is:
<https://www.cisa.gov/known-exploited-vulnerabilities-catalog>
--
Most people think that Apple's advertising is true but these same people
also thought that Big Tobacco's advertising was just as true as Apple's is.

On 11/19/2023 10:13 PM, badgolferman wrote:
> Cameo <cameo@unreal.invalid> wrote:
>> On 11/19/2023 4:41 PM, Alan Browne wrote:
>>> On 2023-11-19 07:21, Cameo wrote:
>>>> I wonder if the new models are sold already encrypted, or one needs to
>>>> add encryption after purchase.
>>>
>>> That's a cryptically vague question as you're not being clear about
>>> "what" is to be encrypted.
>>>
>>> There is nothing you need to add.  However, there are apps you may want
>>> to use that are not from Apple that use encryption - such as Signal (a
>>> communication app).
>>>
>>> A new iPhone is a blank slate from the user's POV.  As you set up the
>>> phone all data you enter is kept encrypted locally and the keys are
>>> controlled by iOS (and for models going back many years such keys are
>>> kept in the Secure Enclave which is only accessed when the system knows
>>> it is you using it (password, Touch/FaceID)).
>>>
>>> Content that you add is encrypted using keys created for you based on
>>> your credentials.  So a "dead" iPhone could not be read if someone
>>> removed the SSD memory and put it onto a reader - it would be random
>>> numbers.
>>
>> Thanks. My question was prompted by a story a few years ago, when the
>> FBI wanted to know what was on the iPhone of a terrorist, but could not
>> brake its encryption. So it asked the help of Apple Co., but its CEO,
>> Tim Cook refused and was even willing to go to jail for his refusal.
>> Eventually, FBI found somebody who could help them, but we never found
>> out how and who the helper was. I suspect it was a former Apple employee
>> who knew about some backdoor to the phone.
>> From that story I assumed that iPhones come encrypted to the users, but
>> I am not sure that it is still the case.
>>
>>
>>
>
> This topic was discussed during that period and it was hotly debated
> whether Apple builds a back door into iOS. I’m sure you can imagine who
> denied it madly.
>
> Regardless of whether it’s true or not, it seems prudent to me to have a
> back door built in if even just for troubleshooting purposes.

But then how long could such backdoor be kept secret?

>

On 11/19/2023 4:41 PM, Alan Browne wrote:
> On 2023-11-19 07:21, Cameo wrote:
>> I wonder if the new models are sold already encrypted, or one needs to
>> add encryption after purchase.
>
> That's a cryptically vague question as you're not being clear about
> "what" is to be encrypted.
>
> There is nothing you need to add.  However, there are apps you may want
> to use that are not from Apple that use encryption - such as Signal (a
> communication app).
>
> A new iPhone is a blank slate from the user's POV.  As you set up the
> phone all data you enter is kept encrypted locally and the keys are
> controlled by iOS (and for models going back many years such keys are
> kept in the Secure Enclave which is only accessed when the system knows
> it is you using it (password, Touch/FaceID)).
>
> Content that you add is encrypted using keys created for you based on
> your credentials.  So a "dead" iPhone could not be read if someone
> removed the SSD memory and put it onto a reader - it would be random
> numbers.

So what happens when a family member dies without first sharing access
key to his iPhone? There may be important info on it for the entire family.

Cameo wrote:

>>Regardless of whether it’s true or not, it seems prudent to me to
>>have a back door built in if even just for troubleshooting purposes.
>
>But then how long could such backdoor be kept secret?

Who says it is?

Cameo <cameo@unreal.invalid> wrote:
> On 11/19/2023 4:41 PM, Alan Browne wrote:
>> On 2023-11-19 07:21, Cameo wrote:
>>> I wonder if the new models are sold already encrypted, or one needs to
>>> add encryption after purchase.
>>
>> That's a cryptically vague question as you're not being clear about
>> "what" is to be encrypted.
>>
>> There is nothing you need to add.  However, there are apps you may want
>> to use that are not from Apple that use encryption - such as Signal (a
>> communication app).
>>
>> A new iPhone is a blank slate from the user's POV.  As you set up the
>> phone all data you enter is kept encrypted locally and the keys are
>> controlled by iOS (and for models going back many years such keys are
>> kept in the Secure Enclave which is only accessed when the system knows
>> it is you using it (password, Touch/FaceID)).
>>
>> Content that you add is encrypted using keys created for you based on
>> your credentials.  So a "dead" iPhone could not be read if someone
>> removed the SSD memory and put it onto a reader - it would be random
>> numbers.
>
> So what happens when a family member dies without first sharing access
> key to his iPhone? There may be important info on it for the entire family.

The info/data is lost.

That's why you need to set up legacy contacts on all online accounts.
https://support.apple.com/en-us/HT212360
https://www.theguardian.com/media/2021/apr/11/who-will-deal-with-your-online-presence-when-you-die-how-to-create-a-digital-will

On 2023-11-20 08:55, badgolferman wrote:
> Cameo wrote:
>
>>> Regardless of whether it’s true or not, it seems prudent to me to
>>> have a back door built in if even just for troubleshooting purposes.
>>
>> But then how long could such backdoor be kept secret?
>
>
> Who says it is?

That would be the POINT.

Any backdoor WOULD become known...

....and then used by bad actors.

badgolferman <REMOVETHISbadgolferman@gmail.com> wrote

>>>Regardless of whether it�s true or not, it seems prudent to me to
>>>have a back door built in if even just for troubleshooting purposes.
>>
>>But then how long could such backdoor be kept secret?
>
> Who says it is?

I make only sensible & logical assessments, where in this case, we're not
going to know all the details until decades from now (based on history).

History will tell, where we could dig up the details, but I remember us
discussing literally a "door" to a communications room at Google (or was it
at AT&T?) which the feds had access to, which became known only belatedly.

Just as the tap on the undersea cables (ala the Zimmermann Telegram) only
became known later, and just as the taps on the Russian Embassy telephone
lines only became known later.

Hell, the fact we broke both the Japanese JN24 and German Enigma codes,
knowing how fantastically secure those codes were (and how much faith both
the Japanese and Germans put in them - and they were no slouches), is
evidence that anyone who thinks that Apple's encryption hasn't long been
broken, is a fool (or at last, they're hopelessly overly optimistic).

I assume (based on my extensive knowledge of history alone) that there's
zero chance the feds can't read everything that goes on in Apple's servers.

And we already know from the news reports that Apple is incompetent at chip
design given the huge holes in both the secure enclave and Bionic CPU SOCs.
--
Anyone who thinks an iPhone is secure has absolutely no knowledge about it.

On 2023-11-20 11:42, Cameo wrote:
> On 11/19/2023 4:41 PM, Alan Browne wrote:
>> On 2023-11-19 07:21, Cameo wrote:
>>> I wonder if the new models are sold already encrypted, or one needs
>>> to add encryption after purchase.
>>
>> That's a cryptically vague question as you're not being clear about
>> "what" is to be encrypted.
>>
>> There is nothing you need to add.  However, there are apps you may
>> want to use that are not from Apple that use encryption - such as
>> Signal (a communication app).
>>
>> A new iPhone is a blank slate from the user's POV.  As you set up the
>> phone all data you enter is kept encrypted locally and the keys are
>> controlled by iOS (and for models going back many years such keys are
>> kept in the Secure Enclave which is only accessed when the system
>> knows it is you using it (password, Touch/FaceID)).
>>
>> Content that you add is encrypted using keys created for you based on
>> your credentials.  So a "dead" iPhone could not be read if someone
>> removed the SSD memory and put it onto a reader - it would be random
>> numbers.
>
> So what happens when a family member dies without first sharing access
> key to his iPhone? There may be important info on it for the entire family.

The Apple version of estate planning includes any number of legacy
contacts who will have access to your account upon presentation of
proper credentials (An Apple "key" and a death certificate). So if you
plan your estate and want your data out of Apple devices, you need to
set that up.

NOTE: I haven't delved into it, but I assume that once you have access
to the account, you can gain access to devices.

--
“Markets can remain irrational longer than your can remain solvent.”
- John Maynard Keynes.

On 2023-11-20, Cameo <cameo@unreal.invalid> wrote:
> On 11/19/2023 4:41 PM, Alan Browne wrote:
>> On 2023-11-19 07:21, Cameo wrote:
>>> I wonder if the new models are sold already encrypted, or one needs
>>> to add encryption after purchase.
>>
>> That's a cryptically vague question as you're not being clear about
>> "what" is to be encrypted.
>>
>> There is nothing you need to add.  However, there are apps you may
>> want to use that are not from Apple that use encryption - such as
>> Signal (a communication app).
>>
>> A new iPhone is a blank slate from the user's POV.  As you set up the
>> phone all data you enter is kept encrypted locally and the keys are
>> controlled by iOS (and for models going back many years such keys are
>> kept in the Secure Enclave which is only accessed when the system
>> knows it is you using it (password, Touch/FaceID)).
>>
>> Content that you add is encrypted using keys created for you based on
>> your credentials.  So a "dead" iPhone could not be read if someone
>> removed the SSD memory and put it onto a reader - it would be random
>> numbers.
>
> So what happens when a family member dies without first sharing access
> key to his iPhone? There may be important info on it for the entire
> family.

That's what designated Legacy Contacts are for:

<https://support.apple.com/en-us/HT212360>

Otherwise, that data is gone forever - as it should be. If you want
someone to have access to your accounts and data when you are gone, make
arrangements for it.

It's not a given that everyone necessarily *wants* others to have access
to their data when they are gone. And Apple doesn't violate people's
privacy that way.

--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR

On 11/20/2023 7:03 PM, Chris wrote:
> Cameo <cameo@unreal.invalid> wrote:
>> On 11/19/2023 4:41 PM, Alan Browne wrote:
>>> On 2023-11-19 07:21, Cameo wrote:
>>>> I wonder if the new models are sold already encrypted, or one needs to
>>>> add encryption after purchase.
>>>
>>> That's a cryptically vague question as you're not being clear about
>>> "what" is to be encrypted.
>>>
>>> There is nothing you need to add.  However, there are apps you may want
>>> to use that are not from Apple that use encryption - such as Signal (a
>>> communication app).
>>>
>>> A new iPhone is a blank slate from the user's POV.  As you set up the
>>> phone all data you enter is kept encrypted locally and the keys are
>>> controlled by iOS (and for models going back many years such keys are
>>> kept in the Secure Enclave which is only accessed when the system knows
>>> it is you using it (password, Touch/FaceID)).
>>>
>>> Content that you add is encrypted using keys created for you based on
>>> your credentials.  So a "dead" iPhone could not be read if someone
>>> removed the SSD memory and put it onto a reader - it would be random
>>> numbers.
>>
>> So what happens when a family member dies without first sharing access
>> key to his iPhone? There may be important info on it for the entire family.
>
> The info/data is lost.
>
> That's why you need to set up legacy contacts on all online accounts.
> https://support.apple.com/en-us/HT212360
> https://www.theguardian.com/media/2021/apr/11/who-will-deal-with-your-online-presence-when-you-die-how-to-create-a-digital-will

Thanks. I didn't know about that. I thought writing down my AppleID for
next of kin, and that would be it.