
Let's talk about AI and end-to-end encryption

(blog.cryptographyengineering.com)
187 points chmaynard | 3 comments
natch ◴[] No.42743349[source]
From Apple's document on Advanced Data Protection:

>With Advanced Data Protection enabled, Apple doesn't have the encryption keys needed to help you recover your end-to-end encrypted data.

Apple doesn't have the keys. Somebody else might. Somebody other than you. Also, I think they meant to say decryption keys, although they're probably just dumbing down terminology for the masses.

>If you ever lose access to your account, you’ll need to use one of your account recovery methods

"You'll need to use." Not "there is no way except to use."

>Note: Your account recovery methods are never shared with or known to Apple.

"shared with or known to Apple." Not "shared with or known to anyone else."

The encryption is there, I believe that. I just don't know how many copies of the keys there are. If the only key is with me, it would be super easy for Apple to just say that. I believe that they have said that in the past, but the wording has now changed to this hyper-specific "Apple does not have the key" stuff.

1. musicale ◴[] No.42745667[source]
As you suggest, the wording should be clarified to say that the key is never copied, is only stored on your device, is not accessible to others, etc.
2. natch ◴[] No.42745860[source]
Maybe they are unable to make that clarification, if it would be false.
3. systoll ◴[] No.42746236[source]
It does say

> It’s protected with the new key which is controlled solely by the user’s trusted devices

I think the main thing they’re avoiding is an explicit guarantee that the key cannot be retrieved from your phone by a third party.