Note that this doesn’t satisfy the government’s original request, which was for worldwide backdoor access into E2E-encrypted cloud accounts.
But I have a more pertinent question: how can you “pull” E2E encryption without data loss? What happens to those that had this enabled?
Edit:
Part of my concern is that you have to keep in mind Apple's defense against backdooring E2E is the (US) doctrine that work cannot be compelled. Any solution Apple develops that enables "disable E2E for this account" makes it harder for them to claim that implementing that would be compelling work (or speech, if you prefer) if that capability already exists.
That’s exactly the plan. Anyone with this enabled in the UK will need to manually disable it or they’ll get locked out of their iCloud account after a deadline.
The hardware will not allow this, at least not without modifications. The encryption keys are not exportable from the Secure Enclave, not even to Apple's own servers.
The Apple security paper describes how to disable ADP through a key rotation sequence.
This will be a "forced rotation", they just need to decide how to communicate to users and work out what happens to those who don't comply. Lockout until key rotation looks like an option as someone said.
Yeah, this seems the most likely thing to happen here. You'll be forced to disable ADP to continue using iCloud in the UK. This still leaves the question of tourists and other visitors, but it at least fits within the parameters of the system without changing its fundamentals.
Behind the scenes, it'd probably decrypt it locally piece-by-piece with the key in the Secure Enclave, and then reencrypt it with a new key that Apple has a copy of when you disable ADP.
Assuming the enclave can receive OTA firmware updates and those updates can completely compromise it, which are not actually proven facts, there's no way to target this to the UK alone without either exempting tourists and creating a black market for loophole phones or else turning all of Britain into a "set foot here and ruin your iPhone forever" zone.
> how can you “pull” E2E encryption without data loss
You can’t. The article says if you don’t disable it (which you have to do yourself, they can’t do it for you, because it’s E2E), your iCloud account will be canceled.
How would an alt service help this situation? You’d just end up with backdoored services advertising E2EE, no? Apple’s move here is definitely the right one, introduce as much friction as possible to hopefully get the user pissed off at their government for writing such stupid laws.
> introduce as much friction as possible to hopefully get the user pissed off at their government for writing such stupid laws.
I'm actually surprised that they didn't add more direct text in that screen. "We are unable to provide this service... BECAUSE OF YOUR GOVERNMENT 1984 STYLE REQUESTS. Contact your MPs here and here and oh, here's their unlocked icloud data, might want to add some choice pictures to their stash..." would have been a tad more on the nose...
We are told the encryption keys reside only on your device. But Apple control “your” device so they can just issue an update that causes your device to decrypt data and upload it.
Apple has already fought US government demands that they push an update that would allow the US government to break encryption on a user's device.
> In 2015 and 2016, Apple Inc. received and objected to or challenged at least 11 orders issued by United States district courts under the All Writs Act of 1789. Most of these seek to compel Apple "to use its existing capabilities to extract data like contacts, photos and calls from locked iPhones running on operating systems iOS 7 and older" in order to assist in criminal investigations and prosecutions. A few requests, however, involve phones with more extensive security protections, which Apple has no current ability to break. These orders would compel Apple to write new software that would let the government bypass these devices' security and unlock the phones.
From the Advanced Data Protection whitepaper [0], it appears the keys are stored in the iCloud Keychain domain, so not the Secure Enclave:
> Conceptually, Advanced Data Protection is simple: All CloudKit Service keys that were generated on device and later uploaded to the available-after-authentication iCloud Hardware Security Modules (HSMs) in Apple data centers are deleted from those HSMs and instead kept entirely within the account’s iCloud Keychain protection domain. They are handled like the existing end-to-end encrypted service keys, which means Apple can no longer read or access these keys.
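A simplified key-custody model of the arrangement the quoted passage describes, added here as an example for this thread (not Apple's code and not a description of CloudKit internals): records are sealed under a per-account service key, and the only thing that changes when ADP is on or off is who holds a usable wrapped copy of that key. Assumed simplifications: the HSM side is a symmetric key standing in for an HSM public key, and one record stands in for the whole account.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)
// Account is the server-side state: one record sealed under the service key, plus wrapped copies of that key.
type Account struct {
	Record          []byte
	KeychainWrapped []byte // service key wrapped under the device-held user key
	HSMWrapped      []byte // service key wrapped for the provider HSM; nil while ADP is on
}
func NewKey() []byte { k := make([]byte, 32); rand.Read(k); return k }
// seal/open: AES-256-GCM with the nonce prepended; keys are always NewKey output.
func gcm(key []byte) cipher.AEAD { b, _ := aes.NewCipher(key); g, _ := cipher.NewGCM(b); return g }
func seal(key, pt []byte) []byte {
	g := gcm(key)
	nonce := make([]byte, g.NonceSize())
	rand.Read(nonce)
	return g.Seal(nonce, nonce, pt, nil)
}
func open(key, ct []byte) ([]byte, error) {
	g := gcm(key)
	if n := g.NonceSize(); len(ct) >= n {
		return g.Open(nil, ct[:n], ct[n:], nil)
	}
	return nil, errors.New("nothing to unwrap") // a nil HSMWrapped lands here
}
// EnableADP runs on the device: the service key is uploaded wrapped only under the user key.
func EnableADP(userKey, plaintext []byte) Account {
	sk := NewKey()
	return Account{Record: seal(sk, plaintext), KeychainWrapped: seal(userKey, sk)}
}
// ProviderRead is everything the provider can do with the HSM key alone.
func ProviderRead(hsmKey []byte, a Account) ([]byte, error) {
	sk, err := open(hsmKey, a.HSMWrapped)
	if err != nil {
		return nil, err
	}
	return open(sk, a.Record)
}
// DisableADP must also run on the device: only the user key unwraps the service key; the record is untouched.
func DisableADP(userKey, hsmKey []byte, a *Account) error {
	sk, err := open(userKey, a.KeychainWrapped)
	if err == nil {
		a.HSMWrapped = seal(hsmKey, sk)
	}
	return err
}
```

The provider-side read fails until the device itself re-wraps the service key, which is why the account holder has to take the action and the provider cannot do it on their behalf.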
Apple can push firmware updates to the HSM just like the device. So if they really wanted they could add an operation that extracted the keys (likely by encrypting them to a key that lives in Apple's cloud).
An HSM bypass (extracting keys, performing unauthenticated crypto ops) on any recent iOS device is worth tens of millions, easily. Especially if combined with a one-click/no-click. In that sense, it’s auditable, because it’s one of the biggest targets for any colour hat, and the people smart enough to find a bug/backdoor would only be slightly aided by a spec/firmware source, and a bit more by the verilog.
This is true for pretty much every “real” hsm on the planet btw. No one is sharing cutting edge enclave details, Apple isn’t unique in this regard.
If someone has a reliable and workable secure enclave hack they can become a multi-millionaire for selling to state actors or become one of the most famous hackers in the world overnight (and possibly get a life changing amount of bounty from Apple)
Basically it's not a hack someone just throws on the internet for everyone to use, it's WAY too valuable to burn like that.
Apple is in a really tough position. I don't know if there's any way they could fulfil the original request without it effectively becoming a backdoor. Disabling E2E for the UK market is just kicking the can down the road.
Even simply developing a tool to coerce users out of E2E without their explicit consent to comply with local laws could be abused in the future to obtain E2E messages with a warrant on different countries.
But customers. People keep saying they should just not be in that country. It is far better to have the choice of using an iPhone even if particular features are no longer available.
> Any solution Apple develops that enables "disable E2E for this account" makes it harder for them to claim that implementing that would be compelling work (or speech, if you prefer)
I think it’s really speech [0], which is why it’s important to user privacy and security that Apple widely advertises their entire product line and business as valuing privacy. That way, it’s a higher bar for a court to cross, on balance, when weighing whether to compel speech/code (& signing) to break E2EE.
After all, if the CEO says privacy is unimportant [1], maybe compelling a code update to break E2EE is no big deal? (“The court is just asking you, Google, to say/code what you already believe”).
Whereas if the company says they value privacy, then does the opposite without so much as a fight and then the stock price drops, maybe that’d be securities fraud? [2]. And so maybe that’d be harder to compel.
>> Apple's defense against backdooring E2E is the (US) doctrine that [government can’t] be compelling work (or speech, if you prefer)
It’s really not “work” but speech. That’s why telecoms can be compelled to wiretap. But code is speech [2], signing that code is also speech, and speech is constitutionally protected (US).
The tension is between the All Writs Act (requiring “third parties’ assistance to execute a prior order of the court”) and the First Amendment. [1]
So Apple may be compelled to produce the iCloud drives the data is stored on. But they can’t be made to write and sign code to run locally in your iPhone to decrypt that E2EE data (even though obviously they technologically could).
It's weird bending of law. Code, especially closed-source code, is not speech; it's a mechanism, and the government may mandate what features a mechanism must have (for example, a safety belt in a car).
> how can you “pull” E2E encryption without data loss? What happens to those that had this enabled?
They'll keep your data hostage and disable your iCloud account. Clever, huh? So they are not deleting it, just disabling your account. "If you don't like it, make your own hardware and cloud storage company" kind of a thing.
> "If you don't like it, talk to your local politicians",
Indeed people only noticed this because Apple tried to do the right thing and now it's somehow also Apple's fault. No good deed goes unpunished, I guess.
I think there is a feeling that government power is so overwhelming that they are hoping maybe some trillion dollar corporation would help them out somehow.