
Which is why Apple protects your data in a way they can't access it - in the event that they change into Google and Facebook in future they have no access to the current information.



I don't think it's valid to say Apple can't access your data. Maybe I'm understanding it wrong, but wouldn't that mean all your data would have to be encrypted with a private key that only you have? All I use to access my Apple data is a password, which I can reset at any time.


Correct, all your data on Apple's services are encrypted such that Apple can't access them. The final fallback for account recovery is the "iCloud key vault" which is covered in documentation they published. Those are essentially HSMs gated by your account password and passcode, and a counter that triggers recovery key erasure.

I think the primary security white paper describes exactly how it works, but essentially there's a set of shared symmetric keys that are encrypted to public keys for each of your devices. Outside of the key vault path, the way a new device gets access to those keys is one of your other 2FA devices encrypts a decryption key to the new device when you approve it. The basic result is that there is no point at which the key material is transmitted unencrypted off a device.
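
The attempt counter described in the comment above, as an added sketch that is not part of the thread and not Apple's implementation: a passcode-gated escrow record that erases the recovery key after too many wrong guesses. The class name, the limit of 10, the PBKDF2 parameters and the XOR mask standing in for a real key wrap are all assumptions made for illustration.

```python
import hashlib
import hmac

MAX_ATTEMPTS = 10  # assumed limit; the comment gives no number


class EscrowVault:
    """Toy stand-in for one HSM-held escrow record (hypothetical names)."""

    def __init__(self, passcode: str, recovery_key: bytes, salt: bytes):
        self._salt = salt
        self._verifier, mask = self._derive(passcode, len(recovery_key))
        # XOR with a passcode-derived mask stands in for a real key wrap.
        self._wrapped = bytes(a ^ b for a, b in zip(recovery_key, mask))
        self._failures = 0

    def _derive(self, passcode: str, n: int):
        out = hashlib.pbkdf2_hmac("sha256", passcode.encode(), self._salt,
                                  100_000, dklen=32 + n)
        return out[:32], out[32:]  # (verifier, wrap mask)

    def recover(self, passcode: str) -> bytes:
        if self._wrapped is None:
            raise PermissionError("escrow record erased")
        # Count the attempt before checking it, so an interrupted
        # check still costs a try.
        self._failures += 1
        verifier, mask = self._derive(passcode, len(self._wrapped))
        if hmac.compare_digest(verifier, self._verifier):
            self._failures = 0
            return bytes(a ^ b for a, b in zip(self._wrapped, mask))
        if self._failures >= MAX_ATTEMPTS:
            self._wrapped = self._verifier = None  # irreversible erasure
        raise ValueError("wrong passcode")


def demo():
    key = bytes(range(32))  # constructed sample recovery key
    vault = EscrowVault("493817", key, salt=b"constructed-salt")
    assert vault.recover("493817") == key
    outcomes = []
    for guess in range(MAX_ATTEMPTS + 1):  # constructed wrong guesses
        try:
            vault.recover(f"{guess:06d}")
        except (ValueError, PermissionError) as exc:
            outcomes.append(type(exc).__name__)
    return outcomes
```

The counter is what lets a short passcode guard the record: whoever holds the vault gets a fixed number of guesses, not an offline search of the whole passcode space.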


I mean, Apple can push a software update that changes how this works. But what you describe is still a lot better than nothing.


> all your data on Apple's services are encrypted such that Apple can't access them

This is only true for certain services.



