Sure, iCloud’s convenient, but how safe is your data? No need to be alarmed: it’s actually about as well secured as it can possibly be, as long as you’re not an idiot.
Over at Ars Technica, Chris Foreman did some research on iCloud security and found that your data there is “at least as safe as it is when stored on any remote server, if not more so.”
How does Apple keep it secret, keep it safe? Well, first, they transmit everything in an encrypted formate using SSL via WebDav, IMAP and HTTP. This is then encrupted on their servers except for email and notes, which are left unencrypted to make it easier for users to search on the server.
As for the encryption being used on disk, Ars believes that they’re using “some type of ile-system encryption that is decrypted on the fly when requested from an authenticated device or computer.”
The end result? If you’ve got an iTunes email address that is relatively unknown, and you aren’t using a dictionary password, and assuming Apple is encrypting its data with keys more than 64 bits in length, “the chances of someone brute-forcing the key and decrypting the data within a lifetime are slim to none.”
A lifetime? What about hacker vampires, Chris? Hmmm?