And MY point is that if you're really concerned with that you never should have been using iCloud sync in the first place. You were already exposed to that risk.
This isn't about trying to defend iCloud's teething problems, so these links are irrelevant.
Yes, there are risks associated with using a 3rd party service. However if you don't use one, you are claiming that you can do better in architecture, implementation, and DevOps.
How many apps do you have? Let's say you have 30.
What percentage of the developers of these apps do you think will do a better job of sync than Dropbox or Apple?
Unless you think that number is in the high 90's, then your advice is a severe disservice to end users.
I do understand that, hence why I was highlighting that if anyone were to think this tool will cover you for data loss, it wont.
Personally, any product that allows accidental deletion in one place that gets synchronised across all devices is a bad, bad thing. It only takes one virus or rogue app to delete the contents of a directory and the iCloud software will do it's thing and spread it.
If you knew about the existence of this program and were determined to keep a collection of CSAM on your phone I don't understand why someone would choose to dance around specific thresholds rather than just disable iCloud sync.
I'm a non-iCloud user (well, sort of), and I can't fathom a scenario where I would ever be tempted to use it. However, it's completely understandable what happened here and the guy even states this repeatedly: it was entirely his fault. He corrupted his own data.
That said, the magnitude of problems resulting from this surprised me. What happens if an iCloud sync folders gets corrupted due to a technical problem one day? Isn't this fragility also kind of a nightmare for Apple's developers?
>(Yes, there is an opt-in e2ee for iCloud now. No, nobody is using it because it is off by default and buried in settings.)
These are contradictory statements. It IS e2ee. I can easily convince friends and family to click through two menus to enable it. I can't easily convince my friends and family to go through the effort of installing syncthing on multiple devices and then go through with the configuration of them.
It's great you're a syncthing advocate, but telling people that icloud drive is bad just because they don't enable a setting that could cause an average user to lose all of their data if they lose the key is a little ridiculous. I GUARANTEE YOU that your grandmother would MUCH rather be able to call Apple to get her pictures of little johnny back when she forgets her password than have it "more secure by default".
There are two kinds of users in this scenario. Those who don't care (99%) and those who do.
If you count yourself among the latter group, as I do, then it's always solid advice to choose actions which clarify your intentions.
In this case:
- don't use iCloud
- don't use iCloud sync for the app you use for private data
- do explicitly choose to save the file locally
- don't enable new features like Continuity that clearly change the file
persistence and availability model without considering your old patterns
The author is rightly sore that his bits got pushed to Apple due to his oversight. He's wrong to place the blame fully on Apple, but it's hard to be fair when you're angry. And I'm glad he wrote it up because it should encourage people to think carefully about where and to whom they trust their data. Though most people I know sync their private data to Dropbox, Ffs, so...thinking != thinking, I guess.
My secure notes strategy is vim with encrypted files on an encrypted partition. It could still leak, and I'd be angry, but there are at least three vendors involved that would have to alter their products behaviours before I was hugely surprised. TextEdit on HFS+ on OSX with iCloud enabled is just one vendor, who can't always cater to my 1% of 1% expectations.
Did you even read the article? It's asking developers of third-party apps to not use the iCloud sync backend for their apps, due to a lot of problems they are seeing with it.
I am going to go a little further and suggest that Apple's entire iCloud + iTunes + backup + synchronization strategy/system/product/code is a disaster.
Why? Simple: You cannot trust it. You need to be able to trust such software. I'm sorry, but you just can't in this case.
I won't go into all of the details, links and examples here. Do a little searching and it should not be too hard to find hordes of people who have lost calendars, contacts, notes, photos and other valuable data thanks to Apple's wonderful software.
I have personally experienced loosing all of my contacts, appointments, calendar items and notes. Of course, being that this ain't my first rodeo I had backups of the backups. I always go into data storage situations with zero trust for what is being offered. It took some work to get the data back but I recovered.
That is not the point. The first three rules of any piece of software that users entrust with their data are:
1- Thou shalt not loose user data
2- Thou shalt not loose user data
3- Thou shalt not loose user data
Notice that cool hippie user interfaces are never mentioned there. My data (and your data) is far more valuable than their cool icons and "beautiful" design. Far, far more valuable.
Go ahead, Google it. The stories are horrific. From people loosing contacts to students loosing semesters worth of notes. Auto-magically.
I even went to my local Apple store to consult with a "Genius" about this. The guy was clueless. And, in fact, right in front of my eyes, he proceeded to accidentally delete all of my calendar entries --something that should be darn-near impossible to do. Again, I had my backup at home so I didn't blow a fuse. But, please.
I explained that it was not reasonable to blow away someone's data if their email service provider changed. If you go from Google to Yahoo all the shit that was being synchronized with Google goes poof. Really? Why? I would love to hear from someone at Apple on this. Why it is even remotely reasonable to blow away all of my contacts, notes and calendar information?
If you close your email account and you are no-longer able to log-on it seems iOS will attempt to synchronize, fail and then blow away your data. My wife has had cases of constantly disappearing notes and appointments due to failed synchronization sessions.
The greater point is that you should not have to be a programmer or IT worker to have your personal data be safe on iOS. She is not a technical person and without my help she would have descended into data loss hell. Grandpa and Grandma have no hope.
Anyhow, now iCloud and all forms of automated synchronization are turned off on all of our devices. Manual backup is still the only way you can be sure your data will not be lost.
Right, so don't backup your phone, on iCloud or anywhere else. Use another cloud service to store your files and only sync to your phone, don't back it up.
The article is a pretty clearly a plea to third party developers, not Apple, asking them to not force him to use iCloud as the only syncing option. Turning off iCloud, and disabling sync altogether is not really a "fix" (hobsons' choice more like it).
What's worst if even if I disable everything, I will find that some app will turn on iCloud sync by default at a later date without me knowing. I have to constantly check the settings to make sure nothing is syncing without my permission.
reply