In a rather unexpected announcement (no prior leaks, no rumors), Apple announced some new upcoming features to protect user data. My first reaction - it is about time! Let's break down these new features.
iMessage Contact Key Verification
iMessage has end-to-end encryption (E2EE) by default (unlike some other messaging platforms that provide it only as an option). However, for some "exceptionally advanced adversary" who somehow gets to insert their device into the mix and eavesdrop (though personally, I find it extremely sophisticated hacking, BUT not impossible), having all the devices belonging to a contact verified provides a way to find out if a rogue device was added to the mix. Signal, the E2EE messaging app, has had this for quite some time already. Whilst I have yet to see this in action (the verification thing, not being infiltrated), being able to know if a rogue device is part of an iMessage thread would be useful, especially for high-risk users.
Adding E2EE to more iCloud services
This has been one of the major criticisms of Apple's privacy marketing: iCloud backup is encrypted with Apple's keys, which allows law enforcement to request (demand?) a copy from Apple. Note that Apple already has E2EE on some iCloud data, e.g., health data, keychain, home, iMessage (when not backed up on iCloud), payment information, WiFi passwords, even Safari browser history, map, screen time settings and memoji.
With Advanced Data Protection for iCloud, Apple now has E2EE on ALL data points (see this for complete list), except for Mail, Contacts and Calendar, because these are based on industry-standard protocols that do not have built-in support for encryption. Yeah, Proton and Tutanota have E2EE on mail, contacts and calendar, but these cannot be accessed by other industry-standard third-party mail, contacts and calendar clients (Proton provides a bridge for mail, but that is quite tricky to set up). With E2EE, even Apple cannot decipher the content of these data on iCloud. Advanced Data Protection for iCloud is OPT-IN, meaning users will need to enable it.
Users need to understand that enabling this will prevent Apple from recovering ANY iCloud data in case users forget their password. In fact, before this is enabled, users are required to have Recovery Key/Pin and/or Recovery Contact enabled, which removes Apple from the equation should account access need to be restored. I think Apple can help regain access to your account, but the encrypted data is lost forever. I guess Apple's numbers on the Recovery Key/Pin and Recovery Contact enabled accounts are too low for Apple to pull the trigger and make it the default. I reckon that in 5 years, this will be the default (when old hardware has been declared as vintage). Fully E2EE iCloud data, including photos, was mentioned as a justification for Apple's plan for on-device photo scanning to combat Child Sexual Abuse Materials (CSAM) earlier this year. Whilst this does not, in any way, solve the entire problem of on-device scanning, it is a welcome surprise that Apple has finally shelved this plan.
Hardware Authentication
Apple has had two-factor authentication for a long time already. This year, Passkeys was rolled out, which allows your Apple devices to act as your secondary hardware key. Now, Apple is enabling third-party hardware authentication support. Think YubiKey and other similar dongles. This provides more protection to users, as the current second factor can still be phished; a hardware security key helps prevent this.
All of these new features will be rolling out next year. I cannot wait to get these features and enable them. Yes, even though my threat level is not high, these protections are always welcome. I can now add my Apple account to my YubiKeys! Thanks, Apple!