
I thought that the data would be encrypted with your device's key, not Apple's key.

Here's a quote of his from the Charlie Rose interview: "We’re not reading your email, we’re not reading your iMessages. If the government laid a subpoena on us to get your iMessages, we can’t provide it. It’s encrypted and we don’t have the key."

Perhaps that's not the case? Or rather, perhaps that's literally only the case with iMessage? I don't think iMessages are ever stored on iCloud, and instead only ever propagate from device to device...



I am pretty sure you can retrieve data on multiple devices and also restore without the phone.

All of which is moot since Apple can simply be ordered to write software to leak or capture passwords and decryption keys.


Actually, within US law and case law, even the horrible Patriot Act, that is not true. The government cannot require you to design your photo service (for example) to allow eavesdropping. They almost made that a law back in the 90s but enough tech companies freaked that it got shitcanned.

Similarly, you cannot be ordered to lie and say the NSA has not been given access to your servers, you can only be ordered not to discuss it if it has happened.


They do for certain technologies (see CALEA) but even for others they would be required to take reasonable effort to comply with court orders. Intercepting passwords isn't particularly difficult, assuming they don't have them already. Lavabit was required to do something like this.


That is not true. Remember Lavabit.


Hmm, yes. That makes sense. Being able to retrieve from a different device would blow the 'by device' idea apart. And you're also able to reset your password and have access to all of your stored information, which I think just further enforces the concept that nothing you're storing is unreadable by Apple (or any requesting agency...).

I'm not sure how anything could be safely stored on their cloud (or any cloud), given these features.


And Apple can say "Nope" and make it all very public and take it all to the SCOTUS.


Besides the fact that they can't (as we have seen with NSLs), admitting that the outcome is contingent on policy means the (technical) security is broken.


Yeah, just like Lavabit and Yahoo, oh wait...



