Apple widens usage of end-to-end encryption for its iCloud. What are the implications for Nextcloud?

iCloud’s new end-to-end encryption (E2EE) features are explained here: iCloud data security overview - Apple Support (also check out the Hacker News discussion).

Nextcloud already supports E2EE, but there are still some very useful features missing:

  • Secure sharing with other users without the need to enter passwords. (not yet implemented)
  • Efficient sharing and revoking shares without the need to re-encrypt large files. (not yet implemented)
  • Supports a Hardware Security Module for enterprise environments which enables securely issuing new keys to users. (not yet implemented)
  • Supports an offline administrator recovery key to be kept in a physically separated location. Users get warned when this key is enabled. (not yet implemented)

Apple’s iCloud also doesn’t have full support for all its features when using E2EE, e.g.:

Advanced Data Protection is designed to maintain end-to-end encryption for shared content as long as all participants have Advanced Data Protection enabled. This level of protection is supported in most iCloud sharing features, including iCloud Shared Photo Library, iCloud Drive shared folders, and shared Notes.

iWork collaboration, the Shared Albums feature in Photos, and sharing content with “anyone with a link,” do not support Advanced Data Protection. When you use these features, the encryption keys for the shared content are securely uploaded to Apple data centers so that iCloud can facilitate real-time collaboration or web sharing. This means the shared content is not end-to-end encrypted, even when Advanced Data Protection is enabled.

Owning and having control of your data is one of the key benefits of Nextcloud over other cloud services (e.g., by running it on a bare metal server/VPS using E2EE or using a home server to make sure only you can access your data). When other services (like iCloud) apply the same (or even better) E2EE, some of these benefits of Nextcloud are now gone.

There are still many reasons to favor Nextcloud (open source, created and maintained by a European non-big tech company, trust, etc.), but I’d like to have a discussion on how iCloud’s E2EE might remove a big reason for quite some people to use or move to Nextcloud. I think that other big tech cloud services will have to follow Apple and offer E2EE as well, so this discussion seems urgent.

Some talking points:

  • Nextcloud’s E2EE has to be top notch: it needs to restrict Nextcloud’s features as little as possible and be extremely easy to use and solid. Ideally it’d be on by default (only people that fully trust a bare metal server/VPS or use a home server or only host public data might want to explicitly turn it off and maybe enjoy a bit more functionality in return).
  • This situation reminds me of Signal and WhatsApp. When WhatsApp implemented E2EE (actually created by Signal), the main selling point to move to Signal was gone. The remaining selling points are more subtle for the general public (open source, encryption of more metadata, foundation instead of big tech, trust).

I’m very interested in what others think about this! Is it a problem? Maybe not as much?

This is an excellent thing, which is not a problem. It is also much more complex and nuanced than you’ve described it.

Implementation is everything. Also, whether you actually trust WhatsApp or Apple or Nextcloud to properly maintain or even implement e2e encryption. History suggests companies do not understand what e2e means… no one else has access to read/write or recover your data without the keys (which they do not have).

This means e2e should break all existing functionality, because it cannot be accessed by outside tools. If the server can access your data without a client, how is that e2e encrypted? Make sense? If you want proper e2e, wouldn’t you client side encrypt before the data reaches the server in the first place…?

There are many scenarios where E2EE is not wanted or needed. For example, if you control the hardware, then it’s largely just a hindrance (my opinion of course). To me, this is a feature to use when you don’t trust the sysadmin, but if I didn’t, then my data would not be on that system regardless of E2EE.

Also, in enterprise environments where the data is not personal (or not supposed to be, at any rate), it’s better for the sysadmin to have a level of access for a variety of reasons.

I will also just point out that Apple does gratuitous unwarranted searches of your data, in violation of the US Constitution. So clearly that data is not as secure as we are led to believe, nor are they the sticklers for privacy they claim to be. I would not trust Apple or any other big tech to not have a backdoor key to read any data they host.

A few days ago Google announced Client-side encryption for Gmail available in beta, for Google Workspace Enterprise Plus, Education Plus, and Education Standard.

This further expands their optional use of client side encryption beyond Drive, Meet and Calendar.