Encrypted Backups … The Backdoor Into Your Life, or a User Disaster in the Making?
Good or bad?
Bill Buchanan OBE
I have used an Apple MacBook Pro for many years, and it has served me well. While Windows often feels like it is still the same old operating system that I used in the 20th Century, underneath, my Mac can drop happily into a near-native Unix-like terminal. It seems, too, that Apple has always taken their security seriously, and their security settings on devices just seem so natural to use. And so with our devices holding virtually every single part of our lives, it has never been so important for encryption to play a core part in every aspect of storing, transporting and processing our data. This must increasingly include the backup of data.
But how should we back up? Should we back up to a trusted vendor, who will keep a copy of our encryption key, just in case we lose it? Or should we go for a full end-to-end backup, where the user stores the key, and only they can recover it? For many investigators, encryption is the method that gives them cold sweats, and a world with complete end-to-end encryption would possibly shut the door on a mine of data.
So how will the tech companies improve security, whilst keeping law enforcement agencies off their backs? The answer is … backups to the Cloud. If these are made non-encrypted, or the key is stored with the backup, it gives law enforcement agencies a way to monitor and trace user activity. The greatest threat to this would be end-to-end encryption of backups, where the user holds the encryption key. It is here that tech companies are walking a tightrope.
With WhatsApp, we naturally use end-to-end encryption, where Facebook itself cannot crack the communication channel. But WhatsApp now backs up its messages to the Cloud, and it is here that investigators can search data.
Over the past few years, Apple received over 127,000 requests from US law enforcement agencies for information, and have generally not actively cracked the information held on their devices. This has sent a strong message to their customers that they respect their privacy. But in the case of the Pensacola investigation, Apple did release data from iCloud backups.
And so now it has been revealed that Apple have dumped plans for end-to-end encrypted data backups into their iCloud, bowing to possible pressure from the FBI. One of the reasons given by Apple is that they just didn’t want to be responsible for users losing their passwords for the key generation process. At present Apple stores a copy of a user’s encryption key, and can thus recover their backups. But the next backup service included an end-to-end encryption service, where not even Apple could recover the encrypted data.
One must wonder, though, if the only way for Apple and other tech companies to keep both the user and law enforcement agencies happy is to store an encryption key for their backups on their system. Obviously, this leaves the backups open to an insider threat, and one must wonder how much these backups could be sold for, and if they could lead to a massive data breach.
As a final aside, I like virtually everything about Mac OSX, but iCloud is still a disaster area, and I have regularly lost documents, and where updates have introduced a whole lot of bugs. It is the one piece of software from Apple that I don’t actually trust, and have little idea about how it actually works.