Wednesday, July 18, 2018

iCloud data in China stored by government servers

Everybody loves that little cloud backup thing. All your crap, backed up in one, supposedly really safe, place.

A state-owned telecommunications company in China now stores the iCloud data for Apple's China-based users. This is really bad news for dissidents and critics of the government.
In February, Apple caused an uproar when it announced it would be moving Chinese users' iCloud accounts — and their encryption keys — to a China-based server company Guizhou-Cloud Big Data. Human rights advocates warned this move would be dangerous, especially so for Chinese dissidents. Apple's response was that it simply had no choice but to comply if it wanted to continue providing its iCloud service to Chinese customers.

But then it got worse.

Fast forward to today: China Telecom, a government-owned telco, is taking over the iCloud data from Guizhou-Cloud Big Data. This essentially means that a state-owned firm now has access to all the iCloud data China-based users store, such as photos, notes, emails, and text messages.

Yeah. The Chinese Stasi has full control and access to all the shit your iPhone does if you live in China. What are the main differences between the present-day Chinese Stasi and the old East German Stasi? The original was smaller and therefore less evil. On the other hand, the Chinese knock-off has much better press coverage from the American media.

Here's a question you should consider before pushing that cloud button: Who, exactly, has access to all your iPhone shit here in North America? The answer is:
YOU DON'T KNOW.
There's literally no way for us to know, for sure, who has access to all that stuff on those remote servers.

Hmmmm.....

The Phantom

8 comments:

Robin Munn said...

This is one of the reasons I went with SpiderOak One for my off-site backup. They have set up their backup system as a "no knowledge" system, where they have no knowledge about your data except for the things they specifically tell you they'll know about it. (Like how much space you're consuming on their servers, because that determines how much storage they bill you for). Specifically, they couldn't access your data even if they wanted to, because they don't have access to your data's encryption key. (Assuming that they haven't built any backdoors into their client, but they very publicly hired an outside auditing firm to check that, so it's rather unlikely that they're lying about that detail). This does mean that if you forget your password, that's it: your backups are unrecoverable, because only someone who knows your password will be able to decrypt the files. But on the plus side, even if they stored all their data in China, I would know, not just guess, that my files were still private.

Anonymous said...

Worse yet, there's no way to *really* know that your data is not being sent to the cloud even if you have iCloud or some other cloud backup turned off.

The Phantom said...

Salutations, fellow computer nerds. ~:D

Robin, peace be upon SpiderOak, but even assuming the security of their encryption is unassailable, there is the -public- infrastructure part of the equation to consider. We know that the NSA copies pretty much every packet on the internet, they have taps on all the backbones in the USA and Canada, plus the international cables. While I'm quite sure they don't give a crap what The Phantom keeps on his phone, if they have a copy, they can go find out some day.

As a practical matter, pretty much all encryption can be assumed compromised, because it runs on corrupt hardware. If somebody wants to know what's on that hard drive, they are going to know.

Also, as Anonymous said, there's no way to be -sure- your phone is not calling home to Mummy short of sticking it in a steel box.

Therefore, the only safety available is don't put important stuff on your phone, and keep your important stuff backed up on hardware that you physically control. If I was running a company that needed to keep IP secure, it would be air-gapped out the wazzoo. No web connected PCs in the same room with secure network PCs, and no phones in the office at all.

As consumers, our sole resort in times of need is doing business with private companies which can be sued. You can't sue city hall, but you can sue Apple. The only thing that will keep a Liberal with a Good Idea within the bounds of reason is fear of retribution.

If all of the above seems paranoid, it may be a result of being in the computer business since the 1980's. I remember populating the motherboards of Compaq 386s with memory chips, in at a time. Those original PC systems freed us all from the grip of Big Iron mainframes, where all your work was stored on hardware you had zero control over.

Every year we take step after step back to that Big Iron way of life. Mainframes are different now, but the mainframe mindset remains the same. Control the data, control the user, centralize everything, etc.

My phone is supposed to work for -me-, not be an ankle bracelet for the government and Big Iron companies like Apple and Google.

ZZMike said...

If your answer is, "I don't know", then the real answer is "anybody".

The Phantom said...

Potentially, yes. We know right now that Google and Farcebook sell their databases to anybody with the coin.

Zsuzsa said...

Phantom,

I don't think all encryption should be assumed to be compromised. I think most people have an incorrect picture of what encrypted data looks like. I think most people think of an encrypted file as like information in a safe: you get through the safe, and your data is waiting. In theory, you'd get in by opening the door with the combination, but you could drill your way in or explode the safe, or something, and get the info.

A better metaphor for encrypted data would be half of a treasure map. Essentially, the original data was cut up into two parts, the encrypted file and the encryption key, and without both, you can't recover the original data. It doesn't matter how clever a hacker you are; the information literally does not exist.

Now, there are admittedly a lot of caveats in this, one of which would be that your password exists only in your head, and that you've never sent it (or the original file for that matter) unencrypted over the internet. But still, the encryption itself is secure.

ZZMike said...

Zsuzsa:

Countries have been breaking each other's codes & ciphers for decades. Even millennia, going back to the Greeks and Egyptians..... Remember Bletchley and Turing during WW2, and our code-breakers in the Pacific.

A recent news item told of a major company CEO who had his password cracked - it was 4-words, separated by "_". I'm convinced that my encrypted files are secure - but: the amount of effort into decryption is determined by how valuable the data is to the guys who want it.

It's inconceivable how many US companies have had their data stolen in recent years.

The Phantom said...

Headline on Drudge today: there's a billion "internet of things" devices out there with a newly discovered security hole. That would be a different one from all other security holes in IoT devices already discovered.

Zsuzsa said: "I don't think all encryption should be assumed to be compromised."

About the only thing I'd consider secure is a complex cypher running on a one-time pad. That would take an extremely long time to crack.

But as we see with IoT devices, the actual hardware itself has hard-wired faults that crackers can leverage. I posted something on the subject recently:

http://phantomsoapbox.blogspot.com/2015/09/on-subject-of-wiping-hard-drives.html

Read that article. It will curl your hair. There is no way to reliably wipe a hard drive anymore, as told by a guy who wipes hard drives for a living.

Even assuming that the US government has not coerced computer manufacturers into putting back doors into their chips, insufficient attention has been paid to security over the years. Given the revelations of Snowden and others, it seems plain that the concerned citizen should assume the reverse.

With phones it's much worse. We know that the camera and microphone can be turned on remotely, and we know the phone can be switched "off" when this is done, and remain to the eye switched off.