Oh, because Apple has the plaintext file hashes even under ADP, if those files exist anywhere else in any user account in iCloud (that doesn’t have ADP enabled) then Apple has the plaintext file contents too, so it’s effectively non-e2ee for those files.
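The correlation this comment describes, as an added example that is not part of the thread: a generic model of a provider that stores unkeyed content digests next to end-to-end encrypted files. It is not Apple's code or data layout; every name, key and file below is hypothetical and constructed for illustration.

```python
import hashlib
import hmac

def content_hash(data: bytes) -> str:
    """Unkeyed digest: identical bytes give the same value in every account."""
    return hashlib.sha256(data).hexdigest()

def keyed_hash(user_key: bytes, data: bytes) -> str:
    """Per-user keyed digest: the same bytes give unrelated values per account."""
    return hmac.new(user_key, data, hashlib.sha256).hexdigest()

def build_plaintext_index(readable_files):
    """Provider-side index over files it can read (accounts without E2EE)."""
    return {content_hash(d): d for d in readable_files}

def correlate(e2ee_metadata, index):
    """Return {filename: plaintext} for each E2EE file whose stored digest
    matches a file the provider already holds in readable form."""
    return {name: index[h] for name, h in e2ee_metadata.items() if h in index}

# Constructed sample data (assumption: none of this comes from a real service).
SHARED_DOC = b"Q3 board deck, widely forwarded"
PRIVATE_NOTE = b"note that exists only in Alice's account"
ALICE_KEY = b"\x01" * 32  # per-user secret the provider never sees

def demo():
    # Another account without E2EE holds a copy of the shared document.
    index = build_plaintext_index([SHARED_DOC, b"unrelated file"])
    # Metadata the provider keeps for Alice's encrypted files, two designs:
    unkeyed = {"deck.pdf": content_hash(SHARED_DOC),
               "note.txt": content_hash(PRIVATE_NOTE)}
    keyed = {"deck.pdf": keyed_hash(ALICE_KEY, SHARED_DOC),
             "note.txt": keyed_hash(ALICE_KEY, PRIVATE_NOTE)}
    return correlate(unkeyed, index), correlate(keyed, index)

if __name__ == "__main__":
    with_unkeyed, with_keyed = demo()
    print("unkeyed digests reveal:", sorted(with_unkeyed))
    print("keyed digests reveal:  ", sorted(with_keyed))
```

Only the file that also exists in readable form elsewhere is recovered; the unique note stays opaque. Keying the digest per user removes the match, at the cost of cross-account deduplication.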
Gotta trust someone if you want to use things like cloud file storage. Everything you said is true but sensationalized; someone could be accessing my files, but I trust that there are controls in place not to allow that. If I cannot trust Apple, then why should I trust Google or even an AWS EC2 configured by myself to host my files? Anything could be backdoored and any service could read your data; either trust no one and live offline, or choose to give your trust to the most trustable service. I chose Apple for now.