Earlier this month it became widely publicized that Apple maintains complete control over the master encryption key to their marquee cloud offering, iCloud. Now, to anyone familiar with security and encryption this should come as no surprise. In order for nearly all consumer cloud services to provide anywhere access to data the provider must be able to encrypt and decrypt data on the fly. But it brings up the bigger question of, who should I trust with my data?
To even begin to answer that question, we need to first look at what types of data are being stored inside Apple’s iCloud. For our purposes, we’ll break the data into two sets: general media files and personal files. The first group consists of music, movies, books, and mobile apps – not exactly what you’d call sensitive data. If a third-party were to gain access to your music library, it wouldn’t be the end of the world. The second group, however, is made up of much more personal documents, including notes, calendar events, mail, contacts, and user settings. This is personal information, there’s no question about it, but would a hacker or rogue Apple employee really go through the effort to read your email, text messages, and photos? Maybe if you are Scarlett Johansson – but that’s a different story…