
Apple confirms it uses Google cloud for some of iCloud - uptown
https://www.cnbc.com/2018/02/26/apple-confirms-it-uses-google-cloud-for-icloud.html
======
oflannabhra
From Apple’s actual iCloud security document:

> Each file is broken into chunks and encrypted by iCloud using AES-128 and a
> key derived from each chunk’s contents that utilizes SHA-256. The keys and
> the file’s metadata are stored by Apple in the user’s iCloud account. The
> encrypted chunks of the file are stored, without any user-identifying
> information, using third-party storage services, such as S3 and Google Cloud
> Platform.

From what I’ve heard, Apple’s services run on their own cloud platform called
Pie [0]. It sounds like this platform probably abstracts away whatever storage
service is used, allowing Apple to use whatever fits their requirements.

[0] - [https://9to5mac.com/2016/10/06/report-unified-cloud-services...](https://9to5mac.com/2016/10/06/report-unified-cloud-services-backend-pie-platform/)
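
The scheme in the quoted passage (chunking, a key derived from each chunk's contents with SHA-256, AES-128, ciphertext held by a third party without user-identifying information) can be sketched as below. This is an added example, not part of the original comment and not Apple's code; the fixed chunk size, the key being the first 16 bytes of SHA-256(chunk), AES-CTR with a zero IV, and naming objects by ciphertext hash are all assumptions, since the quoted document specifies none of them.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// ChunkRef is what the account-side metadata store keeps per chunk.
type ChunkRef struct {
	ObjectName string   // SHA-256 of the ciphertext: no user identity in it
	Key        [16]byte // AES-128 key derived from the chunk's plaintext
}

// deriveKey: assumed derivation, the first 16 bytes of SHA-256(chunk).
func deriveKey(chunk []byte) (k [16]byte) {
	sum := sha256.Sum256(chunk)
	copy(k[:], sum[:16])
	return k
}

// xorCTR: AES-128-CTR, zero IV (assumed); each key encrypts one plaintext only.
func xorCTR(key [16]byte, in []byte) []byte {
	block, _ := aes.NewCipher(key[:]) // cannot fail: key is always 16 bytes
	out := make([]byte, len(in))
	cipher.NewCTR(block, make([]byte, aes.BlockSize)).XORKeyStream(out, in)
	return out
}

// Store encrypts chunks into provider (stand-in for the third-party bucket).
func Store(data []byte, chunkSize int, provider map[string][]byte) (manifest []ChunkRef) {
	for off := 0; off < len(data); off += chunkSize {
		end := off + chunkSize
		if end > len(data) {
			end = len(data)
		}
		key := deriveKey(data[off:end])
		ct := xorCTR(key, data[off:end])
		name := sha256.Sum256(ct)
		ref := ChunkRef{hex.EncodeToString(name[:]), key}
		provider[ref.ObjectName] = ct
		manifest = append(manifest, ref)
	}
	return manifest
}

// Fetch re-derives each key from the decrypted chunk, rejecting lost or altered chunks.
func Fetch(manifest []ChunkRef, provider map[string][]byte) (out []byte, err error) {
	for _, ref := range manifest {
		pt := xorCTR(ref.Key, provider[ref.ObjectName])
		if deriveKey(pt) != ref.Key {
			return nil, fmt.Errorf("chunk %s missing or modified", ref.ObjectName)
		}
		out = append(out, pt...)
	}
	return out, nil
}

func main() {
	provider := map[string][]byte{}
	got, err := Fetch(Store([]byte("constructed sample data, not real iCloud content"), 16, provider), provider)
	fmt.Println(len(provider), string(got), err)
}
```

Because the key depends only on the chunk, identical chunks yield identical ciphertext: that allows deduplication, and it also means anyone holding a candidate plaintext can confirm whether that exact chunk is stored.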

~~~
flixic
[Apple] Pie in the Sky for Cloud platform. Clever name, looks like clever
tech.

~~~
oil7abibi
Idk, seems like that would be a pretty standard abstraction layer to implement
at a large company.

~~~
ksec
Sorry if this is a naive question. If every large company is doing it, why
isn't there a standard open source abstraction library available?

~~~
cobbzilla
I used Jclouds [1] a few years back to do this. While it's very powerful, it's
also fairly complex (abstracts not just storage but also compute/etc). At the
time, I remember wanting a simpler abstraction layer over it, and ended up
building my own. Maybe something like that exists now, I'm not sure.

The devil is in the details of how each provider offers vendor-specific things
and you want to take advantage of them. For example Reduced-Redundancy storage
is iirc an Amazon-specific offering, or if others offer it, it's probably
under different SLA terms/measurements. This rapidly breaks many generic
abstractions; maybe this is why everyone ends up writing their own little shim
layer for their situation.

In some sense it reminds me a bit of building database-connection-pools in the
90's, before they were really standardized everyone rolled their own and
learned all the awful lessons about reference counting along the way. Then
along came ODBC, then JDBC, and things were so much easier because you only
had to deal with one API, and the databases would conform to their side of it.
So I think, isn't that what OpenStack (or something?) is supposed to be for
cloud services? But whoa, the depth and complexity of these services far
exceeds that of a 90's database. It will take a while -- but over time and
with patterns of common use well established, a stable base of standard APIs
will abstract away most differences, making things so much nicer. I can dream.

[1] [https://jclouds.apache.org/](https://jclouds.apache.org/)

------
kziojzwsndppqgg
Apple runs absolutely ludicrous amounts of its own storage. The idea that they
use GCP for 100% of anything is insane.

Saying they “use GCP for iCloud” sounds intentionally misleading... there’s a
missing qualifier there. But I guess “uses GCP for some stuff in iCloud” isn’t
nearly as click-worthy I guess.

~~~
spac
Can you provide any reference or evidence to support these statements?

~~~
kziojzwsndppqgg
Nothing in public, no. Apple doesn’t talk about this stuff generally. But I
know because I helped build a lot of it.

~~~
rconti
I'm familiar with the kind of amounts of storage (in terms of cabinets, # of
arrays) for various reasons, and I assumed it was the iCloud storage because
of how vast it is. On the other hand, with the high-end gear they're using,
likely the cost/GB is insane and more than Google or AWS charges them. I can't
imagine the big cloud providers are buying top-end arrays, but I could be
wrong.

------
ksec
Since Steve Jobs returned to Apple and Tim Cook took over operations, Apple has
always been running an "Asset Light" approach. The fewer assets the better. They
value flexibility over the little benefits of owning those assets. Hence why
they were very late into building their own DC; they also view the cash they
have as another asset they don't want too much of. [1]

Apple also views Data Storage as another aspect that depreciates quickly and
offers no strategic advantage to owning all of it.

Ever since Apple merged and moved all(?) of its Cloud operation using Mesos,
things have been great. Last time they said it was the world's
largest Mesos cluster running in operation. I suspect it is even bigger by
now.

I wonder what happened to Project McQueen. [2]

[1]www.asymco.com/2018/01/18/the-apple-cash-faq/

[2]venturebeat.com/2016/03/17/apple-cloud-project-mcqueen/

~~~
HillaryBriss
i hear what you're saying.

but how do we reconcile Apple's strategy with the fact that Amazon did invest
in an "asset heavy" approach? i have been under the impression that Amazon
makes a substantial percentage of its profits from S3 and other cloud
services.

~~~
ksec
I am not saying I agree with Apple's Asset Less approach, just pointing it
out. I would actually want them to have more DCs, and more Apple Stores around
the world. They should all be buying them outright rather than renting.

But then their Apple TV is completely opposite of their Asset Less approach,
as they decide to spend more money to create their own TV Asset.

------
Zak
I thought this was the case. I was sharing mobile data over wifi to several
iPhone users with some basic data use monitoring so that I could firewall
services that used unreasonable amounts of data.

One of them, despite having all the automatic update and backup features we
could find turned off, regularly attempted to upload gigabytes of data to
multiple IP addresses that resolved to Google Cloud. Since there were fairly
few apps installed (none of them suspicious) and a large number of photos and
videos on the device, my conclusion is that it was a spurious iCloud photo
backup.

Unfortunately, iOS does not appear to provide a way to see what's using data
on Wifi, only mobile, nor to designate a Wifi network as metered.

~~~
illumin8
It could just be using iMessage. When you send photo and video attachments
using iMessage, they get stored on iCloud for some period of time so that
other users can view or download them.

~~~
Zak
The user was not sending large attachments. While attempting to troubleshoot,
the phone was idle. This was definitely an automated background process.

------
kccqzy
How is this news? Years ago I observed system processes like nsurlsessiond
and cloudd connecting to AWS, GCP, as well as Apple’s own infrastructure for
my iCloud storage. It’s really obvious for someone who’s using Little Snitch
and suddenly those processes start connecting to a new/different hostname.

~~~
danso
The article says claims were made in 2016. The news here is that Apple is
officially confirming it.

------
nik736
Interesting that Dropbox is saving a lot of money chopping off AWS while Apple
relies on Google for exactly the same thing. I would think that Apple would
host and build an inhouse solution, really curious what the reasoning is to go
with GCP.

~~~
_sdegutis
On the note of data storage, it's frustrating that I can have photos and
videos -- that I intend to keep for the next 50+ years -- spread out between 2
to 4 services (iCloud, Dropbox, OneDrive, Google Photos) just by owning a
couple phones and a computer or two, which I imagine is pretty typical. I know
there's a start-up idea in here somewhere, because I personally would pay
premium to consolidate all those into one organized location, but I don't
exactly know what that is. I know Dropbox has an option to import data from
other services, but in my experience it hasn't been as "smart", automated, and
thorough as I'd like it to be.

~~~
foobarian
Once the baby videos started rolling in all the cloud solutions started
getting expensive real fast. I had to stoop down to running my own file
server. Buy a pair of drives every now and then to expand, and nightly rsync
to keep things backed up.

The product I would like is a photo album with an indexing and web interface
components, and plugins to make sense of different phone platforms. Nannies
love to text videos and getting those off the phone has been a pain; I end up
saving the whole iOS backup and scraping any media looking files from it.

~~~
balls187
How much baby video do you record?

I have to imagine your usage is an outlier here.

~~~
foobarian
Up to two TB now at 3yro kid. Part of the problem is the video resolutions
grew a lot, and having to snapshot the whole phone whenever it fills up.
(Though I did some deduping and the redundancy is not as high as I thought...)

I doubt my usage is an outlier. But I suspect that I keep more video than most
people just because I can.

~~~
antongribok
I do the same thing, although my data growth seems to be a bit higher. My kid
is less than a year old and I'm on pace to generate about 2-2.5 TiB for the
first year. (Mostly 4k video.)

At some point I might start thinking of re-encoding the originals, but so far
storage is cheap to have locally, and I'm going to see how long I can keep
this up.

------
viperscape
Fun fact, Apple also uses(d) Azure Microsoft services as well.

[http://www.theregister.co.uk/2011/09/02/icloud_runs_on_micro...](http://www.theregister.co.uk/2011/09/02/icloud_runs_on_microsoft_azure_and_amazon/)

[https://apple.slashdot.org/story/11/09/04/0051209/apples-icl...](https://apple.slashdot.org/story/11/09/04/0051209/apples-icloud-runs-on-microsoft-azure)

~~~
sjroot
If you read the article you will see that the mention of Microsoft Azure has
disappeared from Apple's security documentation.

------
sashk
I've seen (via Little Snitch) at different times, Apple Photo has been
downloading data from Amazon, at&t cloud (?) and Azure — at least it's what I
allowed it to use up until now. I didn't see Google yet; probably it's a recent
development.

------
jagger27
I thought that's what their DCs were for. It definitely seems a bit out of
character for a company that designs its own silicon to outsource something so
comparatively trivial.

~~~
agoodthrowaway
It takes about 3 years to build a DataCenter. Also depending on the type of
campus you want to build, the availability of power and contiguous land is
fairly limited. Additionally most web scale DCs are "passively" cooled and
require the local environment to support this.

We are in a construction boom nationally and it's currently difficult to get
enough people to construct DCs. The ability to scale out is limited by
construction.

Apple is building DCs, they are late to the game, but they probably can't
scale their infra fast enough and need to use cloud services as a way to keep
scaling without impacting their customers.

~~~
mschuster91
> It takes about 3 years to build a DataCenter.

That definitely depends on where and which kind of data center. If you're
willing to take a derelict warehouse and put in containers like Google did,
all you need to do is provide power and fiber (which should be plenty in any
industrial settings) and you're set in a matter of weeks to months.

If you're aiming higher, as in design a DC, buy the ground, build the building
itself and then install all the stuff needed, you're in for much more money
and time. Depending on the local politics and laws as well as power/fiber
infrastructure, you can cut some corners but the worst-case (uncooperating
politicians that need to be brought in line by the courts, the next 110kV
transformer being at capacity, no fiber and no empty tubes in the ground which
means digging yourself) is the benchmark there.

~~~
Caveman_Coder
> "...the next 110kV transformer being at capacity"

They will most likely work with the local utility to build an entire
substation for the DC, so they won't have to deal with sharing capacity on an
existing sub's XFMR.

~~~
agoodthrowaway
Yep these facilities require >100MW and require their own substations. Hence
one reason why it takes so long to build.

~~~
Caveman_Coder
I'd imagine that the lead time on getting the substation equipment is probably
the longest of all the equipment inside a DC. Chillers, UPSs, generators, and
breakers are probably not in as high demand or take as long to manufacture as
a MV XFMR.

~~~
sah2ed
Why not shorten the lead time by bidding higher for freshly built XFMRs from
other countries of the desired capacity?

------
kraig911
So does this mean kubernetes will win? :) Why does it matter if Apple uses
GCP? I think it's a terrific product and wish I could use it more. I also
don't think apple and google are competitors really in the 'cloud' space. It'd
be stupid to go to AWS if you were as large as Apple as companies like Apple
can actually have leverage I imagine.

~~~
bestnameever
> It'd be stupid to go to AWS if you were as large as Apple

why is it stupid for Apple to use AWS and not GCP? Personally, I don't think
using either is stupid.

------
djhworld
So from the anecdotes in this thread, along with some people suggesting Apple
use AWS/GCP/Azure for things....

I'm wondering if this is a capacity thing, or maybe a locality thing? It would
make sense to use the cloud providers if you don't have a data centre in a
nearby region of a user I guess

------
IamNotAtWork
Apple probably needs a datacenter of its own anyway. Just think about all of
the data they use internally for projects, and other sensitive stuff they
would never allow to leave the network. So building a state of the art DC with
low PUE makes sense.

However, farming out some of the costs to other cloud providers seems like a
good strategy to eliminate single point of failure, or avoid all data being
lost if somehow one provider loses data. And maybe then they can focus on
adding compute units rather than storage, and backup for the storage units.

In short, despite Apple's user base, I still don't think it is on the scale of
AWS or Google.

------
ksk
Could someone please explain to me why this is relevant to anything?

~~~
bonsai80
Yeah, the linked article feels like someone at cnbc is paid to come up with
anything that will get clicks (I wrote that sentence kind of jokingly, but
thinking about it now, of course they have exactly that) and it worked great
this time. Well played cnbc. You win this round.

Now hopefully there's a Rust vs Go blog posted or something gets merged into
systemd today so we can get back to business as usual here ;)

------
walrus01
What happened to the giant Apple-owned datacenters such as in North Carolina?

[https://www.google.com/search?client=firefox-b-1&ei=UR6UWsvn...](https://www.google.com/search?client=firefox-b-1&ei=UR6UWsvnK8fdjAOLobCgDw&q=apple+datacenter+north+carolina&oq=apple+datacenter+north+carolina&gs_l=psy-ab.3..0i71k1l8.5020.5400.0.5474.0.0.0.0.0.0.0.0..0.0....0...1c.1.64.psy-ab..0.0.0....0.tfYXf5e1CIU)

~~~
oflannabhra
I would guess that nothing happened to them, and that they have never been
used to store encrypted iCloud data. Apple has an enormous amount of data that
needs to be stored beyond iCloud: iTunes, App Stores, Apple Music, etc. I'm
sure they store much of that data in-house.

There is also the possibility that Apple eventually plans to move iCloud to
their own storage solution, but hasn't scaled up to it yet.

~~~
megaremote
> iTunes, App Stores, Apple Music,

Would it really require a datacenter to store that small amount of data?

------
udioron
While Waze (Google) is probably still using AWS.

~~~
jcwayne
And sticking with their Fisher-Price style UI.

~~~
moftz
It is a bit cheesy, yeah? But I do like the simplistic, big buttons with clear
pictures. I don't want to have to take an extra second to decipher a material-
design pictograph that sacrifices some aspect of understanding for visual
aesthetic. Waze gets their users on the value the app brings to people, not
how good it looks. There aren't many other players in the field of crowd-
sourced traffic data like Waze shows (at least in the US) so I don't see them
working on updating the UI until it actually matters.

------
synaesthesisx
It's no secret using Little Snitch (or an equivalent network monitor) - it's
interesting to see iCloud services connecting to AWS etc. Not really surprising
considering Spotify etc all do the same, but one would imagine Apple could run
their own data infrastructure by now...

------
gerash
This is really not big news. If I were Apple, I would also sort cloud storage
vendors by price including building the whole infra in-house, throw away the
non secure or risky ones and pick the cheapest.

------
kbumsik
I am new to deploying services on cloud but I am wondering why Apple mixes
cloud services between Amazon, Google, and Azure? Is there an advantage over
using a single provider? Maybe risk management?

------
jacksmith21006
Not really surprising. Plus it has to be a lot cheaper than Apple building
their own.

~~~
pmlnr
I don't think this is true long term. The cheapness of cloud applies when and
where deploying otherwise complicated systems - eg. a hadoop cluster - can be
done in matter of clicks, but for something simple - file storage - I'm
finding it hard to believe that it's cheaper. However, in case of apple, geo
distribution and locality is probably very important, which adds to the cost
for sure; I'd still be surprised if long term own/rented hardware wouldn't be
cheaper, than SaaS.

~~~
013a
Especially for object storage. The scale where deploying your own object
storage network gets cheaper than S3 is surprisingly small. Even handling your
own equivalent of "intra-zonal redundancy" is easy. The main concerns arise in
"how do you CDN that data to your customers" and "how do you gain redundancy
beyond intra-zonal"; that's where S3/GCS gets more interesting.

~~~
ddorian43
There are other CDNs besides aws/gcs.

------
mtgx
> _But in the latest version, the Microsoft Azure reference is gone, and in
> its place is Google Cloud Platform._

Ouch. For Apple to move to _Google's_ cloud infrastructure, they must have
been truly disappointed with Microsoft's Azure...

~~~
dkersten
A friend messaged me this morning saying he logged into his work Office 365
account and noticed a lot of the URLs (eg for attachments and such) point to
AWS services like S3. If Microsoft themselves use AWS instead of Azure.. wtf?

~~~
maxyme
I actually interviewed for the O365 team and yes, they said they don't trust
Azure at all and host everything they can on their own private cloud. Didn't
hear anything about S3 but they really didn't trust Azure, wouldn't be
surprised.

~~~
oblio
They don't trust Azure as in "Azure is flaky", or "we're running our own unit,
here"? [https://www.joelonsoftware.com/2001/10/14/in-defense-of-not-...](https://www.joelonsoftware.com/2001/10/14/in-defense-of-not-invented-here-syndrome/)

Though I think their average quality has gone down lately (from the days of
Excel pcode to the current days of Office 365), I've been seeing Powershell
exceptions thrown directly in the UI in the Office 365 Admin...

------
outside1234
It’s almost like Google paid Apple to use it.

------
kerng
Misleading title, should say Apple also uses Google Cloud. AWS is not being
replaced here.

~~~
astrojams
It would make sense for Apple to continue to use both AWS and Google Cloud so
that it maintains its negotiating powers with both vendors.

------
_sdegutis
Strange that they're using Google and not Amazon, considering Google (and MS)
are direct competitors in the mobile device space.

Also this doesn't imply that user privacy is less secure, since they probably
still encrypt user data before it goes to Google's servers.

~~~
romanovcode
> since they probably still encrypt user data before it goes to Google's
> servers.

It still looks pretty bad for them.

~~~
bpicolo
[https://www.youtube.com/watch?v=BLGFriOKz6U&feature=youtu.be...](https://www.youtube.com/watch?v=BLGFriOKz6U&feature=youtu.be&t=25m43s)

They take security for these things seriously. You can store data safely even
in adversarial clouds.

------
lawlessone
This is like finding out McDonalds have been serving you Burger King.

~~~
MikeTLive
more like finding that McDonalds and BurgerKing use SEXTON to source their
burgers and that HAYMARKET sources to Wendy's.

------
MechEStudent
So apple is paying the maker of android to stay in business. Cute.

------
dijit
I wonder if this raises questions about privacy, if you're ultimately going to
end up in Google's ecosystem in a way anyway why would you want middleware?

As a cloud provider I really like GCP compared to others.. it's clean,
consistent, predictable and easy to use.

Speaking personally in my employment AWS always sent sales folks and Google
always sent engineers, this makes me more comfortable too.

~~~
jeromegv
Hosting encrypted data in the Google Cloud is not the same as having the
Google ecosystem where you willingly let Google harvest your
email/history/location/etc.

~~~
jacksmith21006
Apple does then get Google security. They have found most of the big
vulnerabilities including Shellshock, Cloudbleed, Heartbleed, Broadpwn among
others.

