[HN Gopher] macOS Sonoma silently enabled iCloud Keychain despit...
___________________________________________________________________
macOS Sonoma silently enabled iCloud Keychain despite my
precautions
Author : walterbell
Score : 113 points
Date : 2024-05-26 20:18 UTC (2 hours ago)
(HTM) web link (lapcatsoftware.com)
(TXT) w3m dump (lapcatsoftware.com)
| justinclift wrote:
| Seems like Apple have clearly gone from "We take your privacy
| seriously!" to "We take your privacy, seriously!".
| cjk2 wrote:
| To quote the article
|
| _" I've always managed my data myself, taking personal
| responsibility for protecting it and backing it up. I don't want
| or need Apple to insert itself into this process as a remote
| nanny."_
|
| But do this to sync to iCloud at all, you'd have to log into an
| Apple account in the first place on the machine. Surely that is
| counter to the requirement?
| OsrsNeedsf2P wrote:
| Agreed. This is OPs fault
| FLT8 wrote:
| There are other reasons to be logged into iCloud. For example,
| "find my device" relies on this. Just because you want to be
| able to find a stolen device doesn't mean you also want your
| data exfiltrated.
| csande17 wrote:
| The author also ships software on the Mac App Store that
| includes an option to sync settings via iCloud. Presumably
| they test it on their main user account to catch all the
| weird iCloud bugs that only occur if you use it frequently.
| walterbell wrote:
| How does one download app security updates without login?
|
| It's usually possible to login via the App Store, without
| logging into iCloud.
| justinclift wrote:
| Yeah, that's the same setup I use. An Apple account for our
| dev membership and being able to download stuff (ie Xcode),
| but no iCloud usage at all. Neither need nor want iCloud
| anything.
| rock_artist wrote:
| I don't expect bug free software. But I do expect Apple to do
| minimal tests of the toggled off cases. It's one of the biggest
| companies. Why can they test minimum trivial QA workflows? Why
| there's always this bug where some toggle is broken resulting
| unintended data to be sent or downloaded?
| doubled112 wrote:
| I know I'm supposed to attribute things like this to
| incompetence, not malice, but how many times can a similar
| mistake repeat before it is not a mistake?
|
| Seems similar to how Windows settings "accidentally" revert to
| the less private ones.
| upon_drumhead wrote:
| I don't really understand the folks that use the platform and
| then talk about how completely untrustworthy it is.
| ben_w wrote:
| Pick your poison, everything else is also broken.
| upon_drumhead wrote:
| Sure, but if you fully believe that the platform is
| untrustworthy, that seems like the ultimate dealbreaker for
| someone who is concerned about their data privacy. It's the
| juxtaposition of "I don't trust this platform at all" and "I
| put my data that must remain private on it" that I don't
| understand.
| dkarras wrote:
| Trusthworthy has two meanings here. I trust that Apple does
| have no intention to look into my private data. I think
| they'd rather have no way of getting into it while
| providing the services as that minimizes their liability.
| In that sense they are trustworthy. But you might not trust
| them to be secure enough to store that data. Or maybe it
| has nothing to do with Apple, maybe you don't want your
| keychain in the "cloud" ever. I trust Apple does not intend
| to be nefarious, I don't trust (the security of) any
| "cloud" to store sensitive data. Those are not conflicting
| positions to be in.
| ric129 wrote:
| There's an inherent trade-off in everything
|
| Besides, in this case.. it does not help that you'd also have
| to exchange hardware
| asadotzler wrote:
| Because this particular untrustworthiness manifested _after_
| the user adopted the platform. I don 't really understand
| corporate bootlicking either, but I can at least take a minute
| to think about it before posting nonsense.
| revscat wrote:
| No one is fully trustworthy.
| Apocryphon wrote:
| It's kind of funny- I find myself to be on the critical side
| when it comes to Apple, especially on HN, but when it comes to
| iCloud Keychain I use it pretty unquestioning. Probably because
| I don't trust 1Password or other password managers to be any
| better, and it's a feature that's baked into the OS so adoption
| is frictionless.
| overstay8930 wrote:
| Seriously, you have to be so detached from reality to think
| iCloud Keychain sync is an issue at all, you just have to
| believe Apple put a backdoor their own TPM chip so they could
| decrypt your Keychain with a software update without human
| interaction.
|
| If you're this distrustful of Apple, your logic should say to
| not use local Keychain at all. You either trust Apple's
| hardware backed E2EE or you don't trust anything from Apple at
| all, there's no picking and choosing when it comes to this sort
| of thing.
|
| I bet privacy researchers at Apple are facepalming reading
| these threads thinking people can run their own crypto better
| than they can.
| pomian wrote:
| That's great you posted this information. As someone who helps
| various other people with their computers, and a lot of them
| Macs, it's hard to stay on top of all nuances of trying to keep
| secure and private. Apple keeps doing things that are more
| Microsoft like, all the time. It is becoming extremely difficult
| to keep your own data, on your own machine.
| walterbell wrote:
| Asahi Linux on Apple Silicon is increasingly attractive.
| umanwizard wrote:
| Unfortunately no support for M3 MBPs yet
| mixmastamyk wrote:
| Is it possible to install without mac os and/or internet
| access yet?
| II2II wrote:
| > why don't I just "go with the flow", adopt iCloud Keychain and
| passkeys?
|
| I don't like the "on principle" response since a lot of people
| will end up thinking, "oh, so it doesn't _really_ matter. " Even
| the author's elaboration could lead to responses like: "they are
| control freaks," or "they are paranoid."
|
| In my case, the answer is simple: I have access to systems that
| contain confidential information about other people. Protecting
| their data is my _responsibility_. While I have little doubt that
| Apple (and other vendors that provide similar services) do their
| best to guarantee the security of these products, their
| centralized nature and potential value of the data it leads to
| make them very juicy targets.
| andrewaylett wrote:
| I suspect that Apple (and Google) are going to be better at
| maintaining my privacy (at least from anyone who isn't Apple
| (or Google, respectively)) than I am.
|
| For the record, there's plenty of data I wouldn't want to give
| either company (especially Google) but the answer there is also
| fairly straightforward: I don't put my passwords into my iCloud
| Keychain. Or, for that matter, into Google's password manager.
| dijit wrote:
| I am your government.
|
| I am your doctor.
|
| I am your lawyer.
|
| I don't trust any company, let alone a foreign controlled one
| to have authorised access to my accounts as me. I would be
| held accountable if they were exposed and they sufficiently
| covered their tracks (and they are incentivised to try).
|
| Why should I brazenly permit this?
|
| (for the record, as a private individual I _am_ using iCloud
| keychain, and for work I use 1password with its online
| storage: however I just make video games, I don't have the
| power to destroy lives, nor do I have a responsibility to
| avoid it; I am merely pointing out that perfect being the
| enemy of good is not always good enough for everyone.)
| II2II wrote:
| > I don't trust any company
|
| It does not have to be a matter of trust. People make
| mistakes. The wrong mistake can lead to a vulnerability.
| Technology advances. What was considered secure 20 years
| ago is not considered secure today. Companies change hands
| and have changes in leadership. Then there is the question
| of: what does trusting a company mean? Their actions are
| the result of a multitude of minds, not a singular one.
| can16358p wrote:
| While not directly related to OP's issue, after using Apple Watch
| Ultra and seeing how buggy and crappy everything about it is for
| a several months with literally zero fixes (not just me, but
| several friends who has Ultra too), I'm convinced that QA at
| Apple is run by primate apes.
|
| There is no sensible explanation that a flagship device can be
| full of bugs and inferior quality to its 3-year older non-
| flagship counterparts.
| SahAssar wrote:
| > I'm convinced that QA at Apple is run by primate apes.
|
| If you yourself is not a primate ape I would be surprised and
| call every news agency available to tell them a new species is
| using written language and the internet.
| jimkoen wrote:
| I tried to report issues with a broken VP9 decoder causing
| system instability in MediaToolBox on my Mac Mini but I need
| to pay 100$ to even get a chance for an Apple tech to see
| this issue in their developer forums (not that they engage
| much with their developer community at all).
|
| Apple is shipping broken software left and right ever since
| the ARM transition and it's become noticeable.
| SahAssar wrote:
| I was mostly replying to the implication that apple would
| be using anything other than primate apes for QA.
|
| What other species/order than primate apes do you think
| would be suitable for apple QA?
| WWLink wrote:
| The regular apple watch has some bugs that have been around for
| years, too.
|
| One of my favorite features is on the mickey/minnie watch face,
| they verbally tell you the time if you tap them..... except
| when they don't. Sometimes they just stop working until you
| power cycle the watch lol.
|
| Also phone calls to/from the watch seem to go through fits of
| random failure. Like at least once a week it'll inexplicably
| fail to get notifications or fail to answer phone calls. And
| then once a month I'll have to power cycle both the watch and
| the phone because they fall into a trap where any call in/out
| fails.
|
| I first noticed these bugs on my s4 and iphone xs. I'm
| currently using an s8 and iphone 13. Still got those bugs lol.
|
| Oh I thought of one more. Any iOS device with a home button and
| an alphanumeric password won't show you the keyboard when it
| first starts up. You have to hit the power button and then wake
| it with the home button to see the keyboard lol.
| dukeofdoom wrote:
| I just got a regular mouse ear alarm clock. The phone one has
| bugged out on me before, can't trust it now.
| Rinzler89 wrote:
| What's a mouse ear alarm clock?
| saagarjha wrote:
| https://upload.wikimedia.org/wikipedia/commons/e/ef/Alarm
| _Cl...
| walterbell wrote:
| _> Any iOS device with a home button and an alphanumeric
| password won 't show you the keyboard when it first starts
| up. You have to hit the power button and then wake it with
| the home button to see the keyboard lol._
|
| Thanks for explaining iPhone SE2/SE3 behavior.
|
| iOS Magnifier (for blind people!) will randomly stop speaking
| "image descriptions", continuing onscreen, invisible to the
| blind user.
| samatman wrote:
| I have seen absolutely nothing of the sort. My experience is
| that other than a larger screen and an extra button, the Ultra
| is just like the normal Apple watch which preceded it: reliable
| to an almost boring degree.
|
| To the point where I want to include some sort of caveat or
| flaw in my reply, lest I be accused of the dreaded fanboyism.
| Problem with that is that I don't have one. I can't think of a
| single bug or glitch in the 18 months I've had it.
|
| I guess I have one kvetch: there was a major OS version bump
| during which they disabled swiping between faces. They added it
| back as an option, which I promptly turned on, and that was
| that.
| Rinzler89 wrote:
| _> I 'm convinced that QA at Apple is run by primate apes._
|
| Big-tech sees no value in QA thee days when they already have
| monopolies over huge markets, so these jobs get cut. And even
| when they don't get cut, since such jobs are dead-end for your
| career there anyway ... you get what happens.
|
| So a lot of QA is actually outsourced to third party body shops
| where employees don't care beyond shoveling some tests out the
| door to get home quick and get paid.
| squirtle24 wrote:
| I know someone who works at Apple QA. A lot of it is done by
| wholly unqualified contractors who blindly check off test cases
| as passed. Sad to say it, but most of these contractors aren't
| very bright and have zero experience or training, let alone
| interest in doing a good job; strange why apple continues to
| work with the sourcing firm.
| saagarjha wrote:
| I've worked with (as in, directly on their team) some of
| Apple's QA when I was an intern. They were quite bright and
| dedicated people. It's just that their job truly sucks and
| the rest of the company doesn't value them. When I was there
| their daily task was to run the same runbook of basic actions
| from 8 AM to the afternoon. It used to be to the end of the
| day, actually, until someone wrote up a Python script for
| them to save several hours on some of the checks. I had a
| chat with the actual engineers writing the code they were
| testing, vaguely pointing towards "hey I heard about CI and
| automated tests, wouldn't this make things a lot better?" and
| he just point-blank rejected it. QA was there to test the
| code he wrote. There was zero self-reflection on how he could
| improve or that this process sucked. My impression is that a
| lot of Apple has a similar mindset which they are slowly
| working to change.
| threeseed wrote:
| Be curious what bugs you are referring to.
|
| I've had an Ultra since it launched and it's been no different
| to any other Apple Watch.
| 015a wrote:
| I recently had my Apple Watch (Series 9, few months old) touch
| screen refuse to respond to touch input, and instead issue
| seemingly random pokes and drags until it eventually worked its
| way toward calling 911. After assuring the operator that it was
| just my nearly-new Apple Watch freaking out, I was able to dig
| up an Apple Support article that outlined how to hard reset it
| with the physical buttons, which still worked.
|
| Apple's quality control has been getting worse every year. This
| is something we say every year; that's because its true every
| year. They started the highest coming out of the 2000s, plenty
| big laurels to rest on. But their (and Microsoft's) software
| has gotten so bad nowadays that linux desktops are starting to
| look stable (and don't interpret that as an endorsement of the
| improvements in stability of the linux desktop experience, not
| even close, year of the linux desktop might happen but only
| because everything is so shit that you might as well at least
| use the shit that isn't taking screenshots of your desktop or
| resurfacing photos you deleted five years ago).
| giancarlostoro wrote:
| > resurfacing photos you deleted five years ago
|
| Yikes. That seems so wrong.I havent had this happen. For me
| the final straw was Windows Defender sending files to be
| analyzed, without letting you audit which files have been
| sent over.
| walterbell wrote:
| For maximum data isolation of hardware devices from Apple:
| - avoid storing anything on iCloud - disable iCloud via MDM
| / Apple Configurator policy profile - router block Apple
| network (17.0.0.0/8) connections - router block Apple CDNs
| via dnsmasq wildcard domains - router allow Apple servers
| for notifications and app/OS updates - login via App Store
| only, not Settings/iCloud
|
| Apple list by service: https://support.apple.com/en-us/101555
| macintux wrote:
| Discussion from the previous blog post, a week ago:
| https://news.ycombinator.com/item?id=40409290
| peppertree wrote:
| What are the best alternatives besides cloud keychains. Coming
| from sharing same password for multiple accounts, cloud keychain
| has been step up for me security wise. I'm honestly curious what
| are the better alternatives.
| readams wrote:
| Something independent and cross platform like bitwarden.
| walterbell wrote:
| iOS/macOS/Win/Android Codebook,
| https://www.zetetic.net/codebook/ - no
| subscription - open-source encryption (SQLCipher) -
| device-to-device encrypted sync via ethernet/wifi, dropbox,
| google drive - indie US developer, lineage to 1998 STRIP
| on PalmPilot - TOTP 2FA authenticator - sync
| encrypted notes/images
|
| 1999, http://www.cnn.com/TECH/computing/9911/30/palm.tools.idg/
|
| _> Secure Tool for Recalling Important Passwords (STRIP).
| STRIP uses heavy-duty, 128-bit triple-Data Encryption Standard
| to store information, and that means any information -- credit-
| card numbers, Web site accounts and voice-mail access codes.
| STRIP (Zetetic Enterprises, free) is also a great tool for IT
| managers who administer distributed environments. It can
| random-generate complex passwords and allows account
| information to be beamed between Palms, so the IT staff can
| stay up-to-date._
| nc0 wrote:
| 1Password is reputed. Or KeepassXC if you prefer something to
| self-host
| crazygringo wrote:
| Funny, I just checked and my iCloud keychain is _not_ enabled. I
| 've had it off for years (always?), and definitely upgraded to
| Sonoma when it prompted me, and it didn't re-enable it for me.
|
| My System Settings > Passwords says "Turn on iCloud Keychain"
| with two buttons "Not Now" and "Enable". (No idea what why
| there's a button "Not Now"?)
|
| But I don't use Keychain at all, I use a third-party password
| manager. At some points I'm sure Keychain has asked me if I
| wanted to save various passwords in Keychain and I've always said
| no. And it hasn't bugged me about it in a long time.
|
| I wonder why OP's systems are turning it on when mine didn't?
___________________________________________________________________
(page generated 2024-05-26 23:01 UTC)