Apple to offer more encryption on iCloud backups
Apple will start offering end-to-end encryption on users' iCloud backups, adding an extra layer of security to people's text messages, location data and other sensitive personal information saved to iCloud from iPhones, iPads and Macs.
Why it matters: Apple's extension of encryption will make it harder for both hackers and law enforcement to gain access to users' data.
Previously, Apple iCloud only offered end-to-end encryption for "14 sensitive data categories," including passwords stored in iCloud and health data.
- Now, as detailed in a blog post on Wednesday, Apple will also offer end-to-end encryption for backups, notes and photos.
- The only areas not end-to-end encrypted are iCloud's mail, contacts and calendar tools "because of the need to interoperate with the global email, contacts, and calendar systems," the company said in a blog post.
The big picture: Apple previously shelved plans to let iPhone users fully encrypt backups after the FBI complained the move would harm investigations, as Reuters reported in 2020.
Details: The new iCloud encryption features should be available to all U.S. users by the end of the year and to the rest of the world in early 2023.
- Apple announced additional security tools, including one that will verify the identity of messaging contacts and another allowing the use of hardware security keys.
- iMessages will soon allow users to turn on a tool that flags if someone is responding to messages from a different device than usual — an indication that their account might have been hijacked or spoofed.
- Users will soon also be able to use hardware security keys to log into their iOS devices, ditching easy-to-steal passwords and codes. iMessage verifications and security key capabilities will be available next year.
Between the lines: Apple has provided several resources in recent years to protect at-risk communities, including activists, journalists and political dissidents.
- In October, Apple launched Lockdown Mode to give those who believe they could be under surveillance the ability to block message attachments, certain web functions and video calls that could spread malware.
- Apple filed a lawsuit against NSO Group last year following reports that the vendor's spyware was used to exploit vulnerabilities in Apple products and spy on users.
Meanwhile, Apple officially killed off plans Wednesday for a controversial tool that would scan photos uploaded to iCloud for child sexual abuse materials, Wired reported.
- Privacy and cybersecurity experts worried the scanning tech could be expanded to other types of content and provide a backdoor for law enforcement investigations.
Editor's note: This story has been corrected to note that the new feature Apple is offering is end-to-end encryption, not simply encryption, as the story originally reported.
Sign up for Axios’ cybersecurity newsletter Codebook here.