iOS Security: Apple Makes It Impossible for Government Agencies to Spy On Your iCloud
Rich Mogull at TidBITS has an interesting article about the new highly advanced cryptographic options in Apple’s iCloud system, that essentially make it impossible even for government agencies like the NSA to spy on your iCloud data.
This week Apple released a massive update to their “iOS Security” white paper for IT professionals. It contains more information on iOS security than Apple has ever shared publicly before, including extensive details on Touch ID, Data Protection, network security, application security, and nearly all security-related features, options, and protective controls.
For the first time, we have extensive details on iCloud security. For security professionals like myself, this is like waking up and finding a pot of gold sitting on my keyboard. Along with some of the most impressive security I’ve ever seen, Apple has provided a way to make it impossible for agencies like the NSA to obtain your iCloud Keychain passwords.
The paper is incredibly dense, even getting to the level of detail of which flavor of particular encryption algorithms are used in which security controls. I will likely be digesting it for months, but one particular section contained an important nugget that explains why the NSA can’t snoop on your iCloud Keychain passwords.
Read the rest: TidBITS: How to Protect Your iCloud Keychain From the NSA.
Here’s that iOS Security White Paper: