I checked my data when the GDPR came into effect, and was pleasantly surprised to find only information I "expected".
It has my complete purchase history over every Apple product I've ever _registered_ as well as iTunes/AppStore, it has every service/repair call/appointment I've ever made.
It then goes on to list everything I've uploaded to iCloud.
There were no unpleasant surprises. No records of phone calls, no text messages (I don't use iMessage in iCloud), and absolutely no data I wasn't expecting them to have.
Google/Facebook have become greedy, and I expect a backlash will happen eventually (if not already) where people are fed up with them siphoning every little detail of their lives.
I attribute this to always having used iOS, and me always having been rather conservative with what permissions I give out to apps. I never give out address book permissions, location updates are allowed if _I_ have use for it within the app, etc. I've never used Google apps on my iPhone.
Mostly though, it's probably due to iOS. It has always had better/finer privacy settings, and where Android used to require permissions up front, iOS asked for them when you actually used the feature within the app.
The option to disable background updates also helps a great deal. Can't very well siphon my entire location history if you only receive location updates for 6 minutes per day.
We need to be careful to distinguish between data we store in these services, and data these services store about us and our use of those services. Providing a summary and exports or access to the first implies nothing about the second, or who any of this data might have been sold to.
Inferences though... things that they think might describe you, which is changing over time, does not come out. Something like profilelens.com might provide these insights.
I think the CCPA talks about data flows too. Ask for data flows. Ask for justification.
They have to share who they shared your data with on your request.
When Google sells you a device they can afford to "discount" it as they'll make more money whenever you use the device.
Did you verify you got 100 % of the data they had/have on you? Or was the problem of verification a surprise to you?
Although I'm in the U.S. and I don't see the option to download my data. Perhaps it hasn't rolled out to everyone? Or am I looking in the wrong place?
>If the “obtain your data” option isn’t immediately available, it may still take time to roll out to all customers.
Time to sit and wait!
2FA popping up on your personal device that you authorized, even when that's the same device you're trying to log in on, doesn't reduce the security of that.
Exchanging her phone for a new one meant we could not activate her new phone without creating a new account.
"The release of iOS 11" ... "also made a number of other changes under the hood" ... "Each and every one of these changes was aimed at making the user’s life easier (as in “more convenience”), and each came with a small trade off in security. Combined together, these seemingly small changes made devastating synergy, effectively stripping each and every protection layer off the previously secure system."
"The passcode. This is all that’s left of iOS security in iOS 11. If the attacker has your iPhone and your passcode is compromised, you lose your data; your passwords to third-party online accounts; your Apple ID password (and obviously the second authentication factor is not a problem). Finally, you lose access to all other Apple devices that are registered with your Apple ID; they can be wiped or locked remotely. All that, and more, just because of one passcode and stripped-down security in iOS 11."
I don't know if it got any better with iOS 12.
I’d still like to see anything that disproves their claims and supports yours which appear to be unsupported. Elcomsoft documents in detail what changed in the whole system. And the post was already discussed on HN and I haven’t seen anybody disproving it:
Until iOS 11 what existed was
1) your "digital identity" by Apple (Apple ID and Apple ID password)
2) your "physical identity" (fingerprint) stored only at the device(s) and impossible to extract.
3) the "device key" that allowed the access to the device, but not to the (1)
And they were separated.
Since iOS 11, snooping the (3) and stealing the device is completely enough to overtake (1). Before iOS 11, that was simply not possible.
That's the whole point of the article I've quoted: if I just simply see which passcode you type and then I get an access to your device, you lose your Apple ID and everything it protects but that is not on your device.
If your Apple ID doesn't protect some additional material that is not on that single device, you don't have to care. If it does, it does make a difference. It's real.
And it's on topic. The post to which I've replied claimed:
"Someone would need my apple id, my password, access to one of my apple devices (I had to enter a code that appeared on one of my devices" ( https://news.ycombinator.com/item?id=18241224 )
Whereas in fact since iOS 11, somebody needs just access to one of his devices and the passcode, Apple ID and the password he can obtain having only the passcode and the device, since iOS 11.
The Elcomsoft's article explicitly claims that no, you don't need Apple Id and password when you have an access to the device and the passcode.
And nobody was able to disprove these very specific claims that are the actual topic of Elcomsoft's article.
What you assert, in the words you assert "the sum of changes would make this a weaker target", was claimed nowhere as the "argument". From the two paragraphs I've quoted the first was a mere introduction (how the reduced security level was achieved, specifically, "Combined together, these seemingly small changes made devastating synergy", and yes, such changes can actually make the system easier to exploit, everybody with experience in this field knows that). The second was explicit:
"The passcode. This is all that’s left of iOS security in iOS 11. If the attacker has your iPhone and your passcode is compromised, you lose your data"
It was just your interpretation, based only on one of the only two paragraphs I've quoted (and your unawareness of both the second paragraph and the whole article) which obviously missed the whole point. Yes, the user "convenience" decisions did lead to having the Apple Id password irrelevant (obtainable by just a plain and typically simpler passcode). Sorry that you missed that. And I won't reply to this thread anymore, because I've written all the arguments. Anybody can check the whole thread and compare.
And yes, also read the Elcomsoft's article and prove them wrong, if they are wrong. But I haven't seen anybody achieving that up to now.
None of the iOS related things apply to the download portal, and none of the intercept/local access exploits apply to normal users.
It is absolutely relevant for this very thread: it disproves the initial claim in the thread that the attacker would need “device, passcode and appleid password”. The article proves that the third (appleid password) is not needed (that was the main topic of the article) and you never demonstrated anything else.
I don’t care for other kinds of relevance or irrelevance as they were never claimed by me.
If you want to scope the thread to the Elcomsoft article and specific on-device physical extraction, sure you'd have a different story.
"Someone would need my apple id, my password, access to one of my apple devices (I had to enter a code that appeared on one of my devices), and access to my email." Note: "someone would need my" -- as in "an attacker", not "me as the owner of the device."
And the answer, supported by the Elcomsoft's article is, no, the attacker just needs the device and the passcode. Nothing more. Since iOS 11, everything else he can extract from that.
If you accidentally approve creating an Apple ID that's some variation on your e-mail it opens up your account to human phishing attacks. Just call Apple support and raise hell until someone makes a mistake.
The RFC mentions dot-atoms in address elements are locally interpreted. There's no rule specifying if x.y.z or xyz are equivalent or not. The issue for me is that an Apple ID looks just like an e-mail address. email@example.com and firstname.lastname@example.org are equivalent to Gmail but not to Apple. From that I believe it creates an opportunity for confusion.
How exactly would this attack even work that you have in mind? And wouldn't it even be easier to conduct this so-called attack on an email host that actually treats email@example.com as a different email from firstname.lastname@example.org since it wouldn't even require the 'victim' to click anything in their email?
The right answer is for Apple to keep treating them as separate emails and refuse to give people access to accounts with different email addresses. It's that simple.
Not really. It's left open to interpretation from my reading of the relevant RFC. The spec says the dot-atom form should be used but does not say in what way it should be used. Google collapses x.y.z@gmail and email@example.com to the same thing which is fine they're welcome to do so. However the Apple IDs firstname.lastname@example.org and email@example.com are entirely different entities. So we have a namespace collision in one space but not the other because although an Apple ID looks like an e-mail address it's not. I'm just saying that can create a problem.
An addr-spec is a specific Internet identifier that contains a
locally interpreted string followed by the at-sign character ("@",
ASCII value 64) followed by an Internet domain. The locally
interpreted string is either a quoted-string or a dot-atom. If the
string can be represented as a dot-atom (that is, it contains no
characters other than atext characters or "." surrounded by atext
characters), then the dot-atom form SHOULD be used and the quoted-
string form SHOULD NOT be used. Comments and folding white space
SHOULD NOT be used around the "@" in the addr-spec.
No. The part of the spec you quoted says that if the local part of the email address is in the format "atext+ (\. atext+)*" where atext is "Any character except controls, [spaces], and specials", then the quoted-string form shouldn’t be used. In other words, don’t use quotes when you don’t need them. This has nothing to do with how to "interpret" dots; they are interpreted like any other char except they can’t occur everywhere in the local part (e.g. "foo.@bar.com" isn’t valid).
That's pretty clearly stating (to me) that the dot-atom is locally interpreted. It doesn't say anything about how to interpret a dot-atom. Just to use it in preference to the quoted string if the rules you mention apply.
It just so happens that Google decides to treat them as the same for incoming mail.
Apple is under no obligation to treat them as the same. Neither is any other web service.
If you expect the web services you use to treat them as the same, then I foresee major disappointment in your future.
For security, I would prefer the more stringent interpretation over those that are more forgiving.
"While [Apple Support] can answer your questions about the account recovery process, we can't verify your identity or expedite the process in any way."
Even if you manage to confuse a support agent, they cannot do anything to speed account recovery or be socially engineered into account compromise.
For more information from Google on this topic:
I don't think that's quite right if I'm understanding what you are saying. I've logged into my gmail account using both firstname.lastname@example.org and email@example.com. Both work and both take me to the same account.
So if you created your account as firstname.lastname@example.org, you can also log into Google with username email@example.com.
But if you created your account as firstname.lastname@example.org, you can't log in with email@example.com.
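The distinction argued over in the comments above (a mail host such as Gmail ignoring dots in the local part, while an account system such as Apple ID compares identifiers exactly) can be checked mechanically. The following Python is an added example, not code from any commenter, Apple or Google; the `DOT_INSENSITIVE_DOMAINS` table, the function names and the sample addresses are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# RFC 5322 atext: letters, digits and these printable specials.
_ATEXT = r"[A-Za-z0-9!#$%&'*+/=?^_`{|}~-]"
# dot-atom: runs of atext separated by single dots, no leading/trailing dot.
_DOT_ATOM = re.compile(rf"{_ATEXT}+(?:\.{_ATEXT}+)*")

# Assumption for this example: domains whose mail host ignores dots in the
# local part. Only gmail.com is listed because it is the one the thread names.
DOT_INSENSITIVE_DOMAINS = {"gmail.com"}


def split_addr_spec(addr):
    """Return (local, domain) for a dot-atom addr-spec, or raise ValueError."""
    local, sep, domain = addr.rpartition("@")
    if not sep or not _DOT_ATOM.fullmatch(local) or not _DOT_ATOM.fullmatch(domain):
        raise ValueError(f"not a dot-atom addr-spec: {addr!r}")
    return local, domain.lower()


def account_key(addr):
    """Identity as a strict service sees it: the local part is kept verbatim."""
    local, domain = split_addr_spec(addr)
    return f"{local}@{domain}"


def mailbox_key(addr):
    """Mailbox the address delivers to under the mail host's own rules."""
    local, domain = split_addr_spec(addr)
    if domain in DOT_INSENSITIVE_DOMAINS:
        local = local.replace(".", "").lower()
    return f"{local}@{domain}"


def shared_mailboxes(account_ids):
    """Group distinct account identifiers that land in one mailbox."""
    groups = defaultdict(set)
    for ident in account_ids:
        groups[mailbox_key(ident)].add(account_key(ident))
    return {box: sorted(ids) for box, ids in groups.items() if len(ids) > 1}


# Constructed sample identifiers, not taken from the thread.
SAMPLE_IDS = [
    "jane.doe@gmail.com",
    "janedoe@gmail.com",
    "j.a.n.e.doe@GMAIL.com",
    "jane.doe@example.org",
    "janedoe@example.org",
]

if __name__ == "__main__":
    for box, ids in shared_mailboxes(SAMPLE_IDS).items():
        print(box, "<-", ids)
```

A service that keeps identifiers strict, as several commenters prefer, can still run a check like `shared_mailboxes` at registration to flag a new identifier whose verification mail would reach the inbox of an existing, differently spelled account.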
Closest thing is UPS mailing me a PIN to authenticate the address for the My Choice portal.
Reminds me of how when I sign into my Gmail from another computer, it sends me an email saying "alert! someone signed in from this computer!" which I could immediately delete if I was a hacker. Seems useless to me.
Google Takeout has been available everywhere for years. June 2011 according to this.
Deployed and available outside the EU, and more specifically in the US?
For more up-to-date information see the Wikipedia page:
This service works quite well, I'm using it to backup the whole of my Google data every few months, including Gmail, Photos and Drive.
While I feel locked in to an extent because I don't want to give up macOS/iOS/watchOS and their integration, I never felt that my data was locked up with Apple.
Google Takeout was/is a nice user feature. Google is not required to pass all of user's data.
GDPR compliance is different, companies are required to pass basically a database dump by law.
Or for specific products, you can figure out the demographic inferred for you on ads, or gps tracking for maps:
The site introduced under www.apple.com/privacy/ address is from my PoV, of power user not something that I'm not aware - maybe it will be helpful to the masses but I don't find such "tips" useful at all. Overall tone of this page is no different than any other similar and says "trust us, we won't do bad things". Which sided with leaks, privacy breaches we had doesn't give me the positive vibes - despite of Apple approach to the privacy.
What I mean is it's innovation.
What we really need is a TRUE DELETE FOREVER YOUR DATA with 0% chance of recovery by anyone. People want to be able to log into google, microsoft, apple etc. download and then delete accounts completely if they feel like it. My data, I own it, I should be able to take it out of the system forever.
THAT we will never get. Why? Because customers personal data is gold and no one wants or will throw that away.
Then write down your PIN code somewhere else, now you don't have a "single point of failure".
That's the point... this is a publicity stunt. Corporations don't have feelings, and the board that drives the company is primarily concerned with company health and growth above all other things. Leadership may, however, set a strategy that capitalizes on recent public scrutiny of user privacy concerns to push the narrative that will sell more iDevices. Humanizing corporations is a dangerous game, because it plays right into their hand. Don't let them fool you into it.
(Not that intentions matter particularly either way.)
We don't need to humanize companies.
If they behave nicely because it is profitable that's a win-win in my book.
In fact that is even better than said company being nice because the current CEO is nice :-)
I'm not saying it'd be easy, but it's not like they don't already offer PIM services for all their customers on iCloud, essentially for free. No one is suggesting that they should suddenly compete with G-Suite and offer business accounts.
Thank you. We are preparing your data.
When your data is ready we will notify you
As a reminder, this process can take up to seven days. To ensure the security of your data, we use this time to verify that the request was made by you.
You can view and check the status of your request on this site at any time by visiting privacy.apple.com/account.
Also, what is your metric here? A lot of "journalists" comparing the takeouts from Facebook or Google use horrible metrics such as byte size, which make zero sense because these takeouts contain videos from Photos and files you've uploaded to Drive. It's in no way an indicator of how much "data" these companies collect.
If the “obtain your data” option isn’t immediately available, it may still take time to roll out to all customers.
'course not, it's GDPR stuff, it was rolled out in the EU back in May (https://9to5mac.com/2018/05/23/download-all-apple-id-icloud-...)
They're doing what they originally pledged: rolling it out globally instead of limiting it to where they're legally required to.
Thank you. We are preparing your data.
When your data is ready we will notify you at XXXXXXXXX@XXX.com
What I really, really want is a DELETE button that wipes out all of my personal data on Apple's servers FOREVER with 0 chance of recovery.
I want to press DELETE and I disappear forever from Facebook, Google, Apple, Comcast etc. Pewfff like I never existed... THAT would be cool my friends!
Wake me up when that happens.....(not a chance that will ever happen).
I just did it from NZ.
Is it possible that seeing the information on your credit report would give you more information, and you would change your behavior when you saw what data was recorded there?
Is this legal?
Maybe this is what will force companies to understand that stored user data is both an asset and a liability.
Depending on your iPhone's settings, and what data you don't want Apple collecting, that could mean anything from turning off iCloud to not using iTunes and the App Store.
Basically, any app is likely giving Apple data on you. (Well I take that back. Apps will give some company data on you. But they won't necessarily give it to Apple. Obviously for full and complete privacy you would need to turn off any google, facebook and amazon stuff as well. Also any ancillary apps, like mileage meters, or health and wellness type stuff. A lot of games too now I think about it.)
This is very crucial and I really don't see any alternative services to the ones like Strava and RunKeeper for iOS.
Even an app that does the job w/o any social features would do (in fact I never use the social feature aspect of these apps)
2. stop using publication stuff (gamecenter) since that's literally public information Apple broadcasts for you
3. that's about it, the rest is various accounts information e.g. your appstore/itunes purchases, your retail stuff, repairs, … basically your files at Apple, the only way to request that Apple does not generate it is to delete your account (which the portal lets you, there's an option to nuke your account entirely and permanently) and stop interacting with Apple entirely, or at least in such a way that they can link things together (e.g. appleid when purchasing devices, that kind of stuff)
Just a small correction: although most of iCloud is definitely not E2E encrypted, a small portion, iCloud Keychain, is. It's a great way to sync passwords and secure notes across devices.
TLDR; if you're not actively asking Apple to store data for you, they probably aren't.
If you are going to take a few minutes and write about a launch or release like this, please take the extra few seconds to include a link for your readers. Make your content useful.
Article on a new law being passed... no link to the raw text of the law. Article about a new scientific study that has come out... of course, no link to the study. Famous person issues a statement or makes a speech... sure, we'll give you a few quotes but no link to the full text.
It's like, come on!
Because people would click the link and leave the article/news website as soon as possible, since the link will probably have more pertinent information than the drivel on bloomberg. Or, they're just that dense.
How do I locate the OG footage?
Maybe filter out all results posted by media orgs. Or show only those results that don't have cuts in them (almost all original footage is a continuous shot of a situation, with no titles, cuts to reporters or anchors, or introductions)
I think I'm headed down a rabbit trail of leveraging ContentID smarts for better searching and filtering.
Technical challenge is one thing, but getting people to choose some random search engine over Google is incredibly hard, as Google spends billions of dollars to divert all the traffic to themselves.
TechCrunch, for example, not only has links to the privacy pages, but has a screen shot of what the page looks like. That page also links to another separate page that shows exactly how to download your data.
"Because Bloomberg articles are for <some company's> investors, not <some company's> customers"
They don't like to "advertise" other companies and get traffic out of their sites.
I remember, many years ago, when I was doing some freelance web development, one of the customers didn't want to put a link to his Facebook page on his website, because "we won't be advertising Facebook for free".
They were even moderately effective at teaching journalists to write links in a natural style, ie not telling readers to "click here" or putting everything in numbered footnotes like it's still the 1980s
Other publications that do this want to rank for the keywords they are linking to—those words are a vote for the internal article that is being linked. Just look up any Verge article about the Pixel 3. All the keywords link to other internal articles.
They should add links and use words like Original Source or Original Video—less valuable keywords, that would still be helpful to readers. They could even nofollow those.
Your request could not be completed.
This action could not be completed because of an error. Try again later.
This is data which Apple has/had already, nothing has changed there and law enforcement could already request it.
This is them starting to roll out GDPR-related tools globally (it's been available since May for EU accounts).
> Or, is there stuff on the phone that won't be included here?
Anything which is not sent to Apple, or is only sent device-encrypted (as in, encrypted with a key which does not leave the device) or E2E encrypted.
According to the section titles, the data here mostly contains account data (appstore, retail, appleid), public/shared data (gamecenter stuff) and cloud-synched stuff (bookmarks, reading list, notes, contacts, …) as well as ancillary data ("Marketing subscriptions, downloads and other activity").
This doesn’t make any additional information available to law enforcement.
Apple may not collect that much data, but they enable a platform which allows massive data collection. They're not exactly banning Facebook from the App Store are they? In a way, this allows them to have their cake and eat it, by avoiding criticism from 1st party data collection, but selling a curated platform that deliberately approves of it from third parties.
If the FBI finds out you downloaded a white nationalist, or Islamic app, they now know where to continue their fishing expedition. This isn't exactly benign information.