I finally dropped iCloud and you should too

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey sun here i'm a private santa security researcher and whoo echo echo oh sorry about that um yeah have been published in a while i have so much i want to share uh but i want to dive right into a topic that is important to me right now um i and i'm ashamed of that i was or i have been using icloud to sync my contacts and my calendar between my mac and my iphone oh it is it's been something on my list for so long to kind of break up with apple and and just move that some other place so i went down that rabbit hole that's what i want to talk about today but i want to start with a punch um while doing this research i stumbled upon this uh article by apple which i'll link in the description uh it talks about icloud security overview um and it talks about end-to-end encryption and apple is this very privacy conscious company they're spending you know millions on advertising putting billboards stuff like this and and they've done some decent work in some places but they also have been quite despicable on other places or is that is that even english um so yeah one would think that our contacts and our calendar two very sensitive pieces of data about us would be end-to-end encrypted that means that when the data is created on your computer uh it is synchronized with other devices but in a way where it's encrypted on our computer before being you know sent to the other devices and this is this is not not the case at all um so going down here uh we get to kind of see what data types and associate encryption happen at apple so okay backups in transit and on server so let's go through a little bit of vocabulary here in transit means when your computer sends data to their servers while the data is in transit to their servers it is encrypted that's the same as when you go on your banking website it's https for instance that means your computer does a diffie-hellman key exchange with the server both agree in a shared key and then data is encrypted it prevents men in the middle attacks stuff like this and then on server or usually that's called sorry at rest that means that the server itself has some form of full disk encryption that means that the data is encrypted on the server it means if an attacker grabs one of the servers in the rack runs with it they cannot access the data the data that said is you know encrypted and decrypted using encryption keys on that server while it's being operated really sophisticated data sets can use hsms or hardware security modules that stored encryption keys but all you have to know is those keys are under the governance of that vendor or provider that means that apple can definitely access all the data that said they get to create governance schemes to make sure that you know not all employees can just read this data that said um this data is accessible to apple so that's that's a brief overview of in transit and on server encryption and it says a minimum of 128 bit aes is used uh 128 is good enough military standards is more around 256. uh so we can see here that calendars are encrypted in transit and on server same applies to contacts same applies to icloud drive what that means is all of our data is accessible to apple if apple is subpoenaed or whatever so it does not use intent encryption that is why i have been wanting to break up with icloud and you know contact and calendar sharing forever and i've done it so over the following few days i'm going to be bringing you guys along down that rabbit hole and i'll be sharing all of what i've learned but i wanted this i wanted us to get this out of the way right away icloud is not end-to-end encrypted that means that any data that you upload to icloud is accessible by apple um so yeah we're going to go down alternatives over the upcoming days one of which is it's an open source project started by a guy in france the project is super cool i'll be discussing it as a really sovereign self-hostable alternative and then we'll be talking about protonmail and tutanota and also about kaldav and kardav the two uh really old protocols that are used in probably 99.99 of implementations for calendar and contact sharing whoa i'm glad to be back i have a lot to share about a lot of other topics as well so yeah um i do want to take a moment here to also say that uh some of you are members uh or had become members on the old website i am ridiculously pumped to share that the old website if you've been around for some time is back on steroids so everything that some of you liked about the old website that had gone away when i moved everything to github is back that is the privacy guides reference material which is so much more intelligible on this website if you want to learn about something debian you can just use a search and then access all of this information in a really user-friendly way like this um so the privacy guides reference material is now accessible on the website away from trackers uh but and that is something that i am so proud of um it does require membership i'll put that out here right away all of you have memberships have been migrated over to this now when you look at recent episodes something that was only available on youtube uh within the realm of google trackers and profiling all of this stuff is now self-hosted and available when you have a membership you can now stream this right there it's crazy i've created my own streaming platform and if it's not crazy enough i'm not sure if you can see this i'll have a look at the camera here woo this is oh this is weird spatial awareness is upside down when i'm recording this oh man i won't be able to do this here somewhere i have my own little data center i do have fiber coming here at this house and when you stream videos on my website you are actually streaming them from here from the lab i mean i have shivers it's so crazy it is so crazy uh obviously it's going through some routing so that you don't get to know my ip um more on this by the way in a little later episode i'm using malvad and it's quite amazing what you can do for more technical use cases on all that but yeah all of this stuff is streamed from this house the server itself another server but the website is uh hosted in iceland so the whole thing is like ridiculously sovereign so anyways when you have a membership you get to watch this stuff down there and i know it's kind of a weird place to put this but i had no other option for now uh you get to uh essentially oh now i showed you my email i'm going to have to mask this in post production but you get to do this you can manage your subscription i'll show you what it looks like when you're not logged in so when you're not logged in if i reload this page it says become a member to watch here if you want to click there members watch episodes here away from trackers and get occasional discounts on store wish to support my work in a grand way please consider donating this is supported by you if you want to be able to get more content it's a great way of supporting this project if you donate or if you become a member or both and yeah some of you have been donating so thanks to everyone who has and for those of you who are early adopters in the membership program i mean thank you so much for having supported my work uh quick uh update um i am pulling to plug on ask me anything's live streams i'm trying to streamline uh what i do with my time and very few of you were attending so really the value that you get as a member is you get to watch the episodes on the website uh and you get occasional discounts on store right now qr bridge is the only thing on the store but there will be other products and i will likely be releasing master classes sometime in the future so that is it that's the updates i will be talking about all kinds of things and i'm just gonna tickle you a bit here um i for the longest of times was using an iphone uh on ios and i've been becoming more and more upset about the wall garden of apple and how it's just like impossible to do anything on ios with any form of you know independence or sovereignty uh so i'm really happy to say that i have now switched to graphene os uh i'm running android i know i know it's crazy uh but it's been quite the adventure and i'm really excited about it so tons of content coming your way uh i will be more more more much more often now on youtube because i've been doing a ton of research and i want to share all of it with you so yeah see you soon bye

Info

Channel: Sun Knudsen

Views: 110,823

Rating: undefined out of 5

Keywords: Apple, Privacy, Security, iCloud

Id: picHC0L5clA

Channel Id: undefined

Length: 10min 6sec (606 seconds)

Published: Wed May 18 2022