this post was submitted on 18 May 2024
239 points (94.8% liked)

Privacy

31939 readers
811 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 100 points 5 months ago (1 children)

It restoring deleted photos onto wiped devices that have been resold is a privacy nightmare.

[–] [email protected] 33 points 5 months ago* (last edited 5 months ago) (2 children)

I wonder if they’re doing that to reduce the write cycles on the cells and since they’re “encrypting” the contents of the cells they figure the overall IO flag of the data being deleted is “good enough”.

So, in a perfect world, when you wipe the phone it’s basically just trashing the encryption key and so it’s useless data.

That’s all assuming that the encryption method/keys are foolproof which is always a bad bet.

And, this here makes me wonder how effective that is.

And a person claimed in a later post that “around 300” of their old pictures, some of which were “revealing,” appeared on an iPad they’d wiped per Apple’s guidelines and sold to a friend.

That’s a huge issue. Not just for photos but also files for sensitive data, secrets, etc. this, if true, is a massive issue overall since it even happening at all shouldn’t be possible.

[–] [email protected] 21 points 5 months ago

Indeed. If true, it means Apple’s technology doesn’t work the way they claim. Which is a really big issue.

[–] [email protected] 2 points 5 months ago* (last edited 5 months ago) (1 children)

It seems unlikely that this is accidentally reading old encrypted data blocks. The filesystem wouldn't even try to access data that it hasn't written to yet. So you would need both filesystem bugs and bugs with encryption key management.

I think the theory that iCloud is accidentally restoring images based on the device ID is much more likely. It is also quite concerning but seems more plausible to me.

[–] [email protected] 4 points 5 months ago

Offloading the data to the cloud and making it accessible on other devices no longer signed into iCloud.

That is so much worse if true.