Apple has announced a major upgrade to its data privacy protection for iCloud, giving users of the cloud storage platform a significant security upgrade
Among the new advanced privacy features are iMessage Contact Key Verification, which looks to provide further SMS-based security, and Advanced Data Protection for iCloud.
While the announcement hints the new features are designed primarily for high-profile targets (journalists, dissidents, human rights activitists, political opposition, etc.) they will be available for all consumers, offering a welcome boost against security threats.
Fighting “exceptionally advanced” adversaries
Advanced Data Protection for iCloud is designed to keep user data protected, even in case of a breach in the cloud.
It does so by making sure the sensitive data is only decrypted on trusted devices. Currently, iCloud protects 14 sensitive data categories with end-to-end encryption, but Apple is now increasing this to 23, adding iCloud Backup, Notes, and Photos to the mix.
The only major iCloud data categories that are not covered are iCloud Mail, Contacts, and Calendar, due to the fact that these need to interoperate with the global email, contacts, and calendar systems, Apple said.
“As threats to user data become increasingly sophisticated and complex, these new features join a suite of other protections that make Apple products the most secure on the market,” the company said.
iMessage Contact Key Verification will allow users to further verify that the person they’re talking to is the only one receiving the messages they’re sending out. Users that have the feature enabled will receive a notification in case an “exceptionally advanced adversary, such as a state-sponsored attacker” manages to breach Apple’s cloud servers and inserts an eavesdropping device. Furthermore, iMessage Contact Key Verification users can compare a Contact Verification Code in person, on FaceTime, or through another secure call, Apple added.
