undefined | Better HN

0 pointscmarschner10y ago0 comments

Naive quedtion perhaps, bit why wouldn't they be able to employ the same hardware on icloud than on the phone?

0 comments

Uploading the encrypted content has no value as backup, if you don't have keys that can decrypt it. If the keys are backed up as well, all security is gone.

ethbro10y ago

Is it that hard to have the phone display an encryption key and have the user copy it to dead tree?

As above, not a good idea for a default, but don't see why it wouldn't be technically viable for opt-in protection.

philipov10y ago

The hardware key is designed to be impossible to extract from the device. That's part of the security, so you can't simply transfer the data to a phone where protections against brute-forcing the user key have been removed.

1 more reply

dignati10y ago

It can be the same hardware but I believe that not usually meant with "hardware based encryption". The point is that the private keys never leave the hardware of the phone, thus making it secure. So they could employ the same hardware but the hardware does not have the necessary keys.

j / k navigate · click thread line to collapse