• Fubarberry@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    101
    arrow-down
    1
    ·
    6 months ago

    It restoring deleted photos onto wiped devices that have been resold is a privacy nightmare.

    • SzethFriendOfNimi@lemmy.world
      link
      fedilink
      arrow-up
      34
      arrow-down
      1
      ·
      edit-2
      6 months ago

      I wonder if they’re doing that to reduce the write cycles on the cells and since they’re “encrypting” the contents of the cells they figure the overall IO flag of the data being deleted is “good enough”.

      So, in a perfect world, when you wipe the phone it’s basically just trashing the encryption key and so it’s useless data.

      That’s all assuming that the encryption method/keys are foolproof which is always a bad bet.

      And, this here makes me wonder how effective that is.

      And a person claimed in a later post that “around 300” of their old pictures, some of which were “revealing,” appeared on an iPad they’d wiped per Apple’s guidelines and sold to a friend.

      That’s a huge issue. Not just for photos but also files for sensitive data, secrets, etc. this, if true, is a massive issue overall since it even happening at all shouldn’t be possible.

      • Em Adespoton@lemmy.ca
        link
        fedilink
        arrow-up
        21
        ·
        6 months ago

        Indeed. If true, it means Apple’s technology doesn’t work the way they claim. Which is a really big issue.

      • kevincox@lemmy.ml
        link
        fedilink
        arrow-up
        2
        ·
        edit-2
        6 months ago

        It seems unlikely that this is accidentally reading old encrypted data blocks. The filesystem wouldn’t even try to access data that it hasn’t written to yet. So you would need both filesystem bugs and bugs with encryption key management.

        I think the theory that iCloud is accidentally restoring images based on the device ID is much more likely. It is also quite concerning but seems more plausible to me.

        • SzethFriendOfNimi@lemmy.world
          link
          fedilink
          arrow-up
          4
          ·
          6 months ago

          Offloading the data to the cloud and making it accessible on other devices no longer signed into iCloud.

          That is so much worse if true.