Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Confirms It Uses Google's Cloud For iCloud Services (cnbc.com)

Posted by BeauHD on from the fresh-coat-of-paint dept.

An anonymous reader quotes a report from CNBC: A file that Apple updated on its website last month provides the first acknowledgment that it's relying on Google's public cloud for data storage for its iCloud services. The disclosure is fresh evidence that Google's cloud has been picking up usage as it looks to catch up with Amazon and Microsoft in the cloud infrastructure business. Some media outlets reported on Google's iCloud win in 2016, but Apple never provided confirmation. Apple periodically publishes new versions of a PDF called the iOS Security Guide. For years the document contained language indicating that iCloud services were relying on remote data storage systems from Amazon Web Services, as well as Microsoft's Azure. But in the latest version, the Microsoft Azure reference is gone, and in its place is Google Cloud Platform. Before the January update, Apple most recently updated the iOS Security Guide in March. The latest update doesn't indicate whether Apple is using any Google cloud services other than core storage of "objects" like photos and videos. The document also doesn't make it clear when Apple started storing data in Google's cloud.

46 comments

  1. So much for Apple security by Anonymous Coward · · Score: 0

    Everyone rants about how great Apple security is and how google spyâ(TM)s on people (which they do). Well it looks like Apple cloud is just a shell on top of google. Yippy.

    1. Re:So much for Apple security by Anonymous Coward · · Score: 1

      Exactly. Foolish apple worshipper.

    2. Re:So much for Apple security by known_coward_69 · · Score: 2, Insightful

      original icloud ran on AWS and Azure

      apple doesn't know cloud

    3. Re:So much for Apple security by jellomizer · · Score: 2

      Normally when businesses use a cloud service (especially large ones) they normally have their legal teams evaluate the license and contract, and if they don't like it they will go back to the company and negotiate an other one.

      For consumer use, we normally just want the service for free or near free, and are not willing to take months of time negotiating a new license for yourself.

      Also, for particular tasks cloud computing is cheaper, and Apple for such services, my not be able to run it as affordable off of their own data centers. While their data centers probable do other tasks cheaper then via google cloud.

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    4. Re: So much for Apple security by saloomy · · Score: 3, Insightful

      It doesn't matter. The data is encrypted such that Goodle (and in some cases Apple itself) doesn't have the keys. The end user holds the keys.

    5. Re: So much for Apple security by Anonymous Coward · · Score: 0

      Except for when you're in China... There keys are practically stored with the data

    6. Re:So much for Apple security by Bing+Tsher+E · · Score: 0

      Nobody is an Android fanboy. There are the Apple zealots. And there are the rest of us.

    7. Re: So much for Apple security by Anonymous Coward · · Score: 0

      Wrong. Data is encrypted with both Appleâ(TM)s encryption key and using your passcode.

    8. Re:So much for Apple security by Anubis+IV · · Score: 5, Informative

      You seem to subscribe to the misguided notion that this is a new or concerning development. It's not. The fact that Apple uses other cloud vendors as commodity services on which they build their own has been well documented for years and is even explicitly stated on a number of Apple's user-facing pages. For instance, Apple's Approach to Privacy page mentions in the section on iCloud:

      If we use third-party vendors to store your information, we encrypt it and never give them the keys. Apple retains the encryption keys in our own data centers, so you can back up, sync, and share your iCloud data.

      Apple hasn't exactly been shy about mentioning (in lectures, white papers, and other communications) that parts of iCloud have been built on top of S3 and Azure for the last several years. The only thing that changed recently is that they swapped Azure out for Google Cloud in some of their documentation, suggesting that Google likely outbid Microsoft the last time the contract came up for renewal. Given that Apple's cloud contracts are reported to be worth billions of dollars apiece, it's not exactly surprising that competition would be rather fierce and that Google would have been gunning for it.

      As for your concerns over what the providers might do with Apple's data, as noted above, Apple is already encrypting the data at rest on those servers, but as a Slashdot reader you may want to dig your teeth into some more details. For people who are technically-minded, such as yourself, Apple has helpfully published an iOS Security Guide that does a decent job of explaining what all goes into their devices' security, including iCloud services that are used on their devices. It should be a relatively easy read for you, given that they've done a good job of taking deeply technical details and making them accessible in intermediate-level language. You'll quickly find that besides encrypting the data when it's at rest on third-party servers, they're also employing other techniques for securing their users' data, such as using end-to-end communication (with keys that they have no access to because they're always kept on-device) for a number of their services.

      Aside from the technological means they've employed to secure their users' data that resides on others' servers, there's almost certainly also legal means that they're employing. With these contracts being worth as much as they are, Apple isn't simply clicking an "I Agree" button for a take-it-or-leave it Terms of Service that the rest of us have to agree to when we sign up with these providers. Rather, they're using teams of lawyers to negotiate one-off contracts with their cloud service providers...contracts which will no doubt make the lives of those providers hell should they ever try to misuse Apple's data. After all, that's how contracts between competitors tend to work.

      All of which is to say, while I don't have any expectation that anyone here will rise above the standard of petty tribalism and glib comments, this site is at its best when it manages to do so. There are plenty of valid complaints to make against Apple, but flippant aspersions based on a lack of understanding about widely employed business practices that have been in use by them for years without issue is not the way to do it.

    9. Re:So much for Apple security by sphealey · · Score: 0

      Very good summary. Thanks.

    10. Re:So much for Apple security by Anonymous Coward · · Score: 0

      ...other than the fact that they are 88% of the smartphone market, you mean...

    11. Re:So much for Apple security by Bing+Tsher+E · · Score: 0

      Apple has always encouraged the idea that their product line is an 'insurgency.' All the rest of the computer users are out to get you because you use a Mac. You're superior because you're such a renegade.

      A total crock of shit. If you had been around the assholes who were Mac users in the 1990s you'd know what I mean.

    12. Re: So much for Apple security by Anonymous Coward · · Score: 0

      It doesn't matter. The data is encrypted such that Goodle (and in some cases Apple itself) doesn't have the keys. The end user holds the keys.

      Prove it.

  2. Apple stores data on Google, metadata locally by SuperKendall · · Score: 5, Interesting

    The article doesn't seem to break it out, but I recall what Apple has been doing with storage is that they store encrypted data on third party clouds (like AWS / Google / Azure), but all of the metadata aspects are held on Apple servers so they maintain control.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
    1. Re: Apple stores data on Google, metadata locally by Anonymous Coward · · Score: 0

      Just like energy, storage is fungible.

  3. So? by jellomizer · · Score: 1

    Should I be Shocked that Rivals in the Phone Market are being partners in an other area?

    Actually compared to Google and Amazon, Apple tends to play nice in areas they are not competing in, and fiercely in areas which they are.
    We See this with Apple and Google, Apple and Samsung...

    While Apple being one of the worlds largest companies, it could go on its own, and play games with its rivals and mess up other areas. But they tend to play relatively nice.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    1. Re:So? by Anonymous Coward · · Score: 0

      Looks like apple is the one that needs the real tech leaders. apple is the one tech company that if it disappeared tomorrow nothing much would change in the world; apple has never played nicely with anyone.

    2. Re:So? by jellomizer · · Score: 1

      Which company if disappeared would have change the world? The future isn't set. However if Apple never existed then we would be in a different world. Maybe somethings better, and something worse.

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    3. Re:So? by Anonymous Coward · · Score: 0

      AFAICT you're supposed to be shocked that it's not Amazon, and also (to a much lesser degree) that it's not Microsoft. It just goes to show that AWS isn't the only game in town, whereas a lot of people apparently assume it is.

  4. amusing by Anonymous Coward · · Score: 0

    just..amusing.

  5. Apple's Obsession with in sourcing by Anonymous Coward · · Score: 0

    I am surprised they didn't build or buy their own cloud service with how obsessed they seem to be with in sourcing and snapping up small tech firms

  6. So why the massive datacenters? by mbourgon · · Score: 4, Interesting

    Since they've been building datacenters for over 5 years, what are they using them for? Even the 500k square foot one in North Carolina was already overkill, more so if they're just holding metadata.

    Fun task: on Windows, rip a new CD with iTunes, preferably something rare. Start Resource Monitor, go to Network, TCP Connections, Search for iTunes. Was trying to find a different network hog this weekend and saw iTunes uploading to AWS, which made no sense.

    --
    "Sometimes a woman is a kind of religion, she can save your soul & set you free from all your sins" - Bad Examples
    1. Re:So why the massive datacenters? by Anonymous Coward · · Score: 0

      You don't need a network connection to rip a CD with iTunes. If you find traffic you know nothing about disturbing then unplug the network cord when you rip.

      You won't get your cool album artwork and your library won't update on your other devices but at least your tinfoil hat will get a workout.

    2. Re:So why the massive datacenters? by AHuxley · · Score: 1

      PRISM.

      --
      Domestic spying is now "Benign Information Gathering"
    3. Re:So why the massive datacenters? by known_coward_69 · · Score: 1

      probably accessing gracenote to match song names to files

      apple was also looking at building out its own CDN for itunes data distribution. movies and music and app store

    4. Re: So why the massive datacenters? by saloomy · · Score: 4, Informative

      You probably have iTunes Match turned on, which uploads your music in your library for your own consumption from your other devices. When the song is common to Apple's library, it's just linked and replaced with their "official" version. When it's "rare", they upload the entire track.

      The benefits include cover art and metadata when available, plus a high quality version they have already stored.

    5. Re:So why the massive datacenters? by Anubis+IV · · Score: 1

      Was trying to find a different network hog this weekend and saw iTunes uploading to AWS, which made no sense.

      It makes sense to me. There are a number of reasons that could be happening. Just off the top of my head:
      * If you have the "Genius" feature enabled (it's on by default), it's sending metadata back to Apple regarding the new songs you've added to your library so that it can improve and personalize the recommendations it makes for you. Given that many of iCloud's services are (and have been) hosted via AWS, it makes sense that you'd see a connection to them.

      * It could be asking Gracenote for the CD so that it can populate the track name and other fields. I don't believe you can disable this lookup, but it isn't necessary for ripping CDs, so if you simply disable iTunes' network access things should still work just fine. You'll possibly have to provide your own track names and other data, but otherwise it shouldn't be a problem.

      * It could be pulling down album artwork from the iTunes Store's servers (which, again, are oftentimes hosted on AWS). I believe you can disable this in the Store settings, but like Gracenote, it too isn't necessary, so disabling iTunes' network access won't inhibit your ability to rip CDs. It'll simply force you to have to provide your own artwork.

      Mind you, none of this is intended as a defense of the abomination that is iTunes. I'm simply pointing out that there are explanations for the network activity you were seeing.

    6. Re: So why the massive datacenters? by mbourgon · · Score: 1

      This (iTunes Match) is correct. My statement "which makes no sense" was them backing up to AWS, as opposed to their own datacenters.

      --
      "Sometimes a woman is a kind of religion, she can save your soul & set you free from all your sins" - Bad Examples
  7. they don't have any server hardware and if they di by Joe_Dragon · · Score: 0

    they don't have any server hardware and if they did it will be some thing that looks cool vs sucks on being repaired / and has lot's of apple only lock in.

  8. SPECTRE flaw impact? by 140Mandak262Jamuna · · Score: 1
    At its core SPECTRE flaw allows any process in a machine to access and read memory of any other process. Technically two processes served by the same physical server in the cloud can read each other's memory. Users will find it very difficult to control the server they will be hosted in, they may not be able to target any particular "enemy".

    But, Cloud server has total control over ALL the processes. Amazon, Azure and Google would be able to read the memory of ALL the processes they host. Usually there is no adversarial relationship between Google, Apple and the proverbial tool and die manufacturer in Kansas.

    But... for Amazon, being able to read the processes used by someone in the supply chain of Walmart or CVS would be very valuable. One could argue it would be foolish for Amazon to violate the trust of its Cloud service users, it could even be very difficult and impossible to pull it off and even impossible to hide... But still this is enough to demand Walmart or CVS or Giant or Home Depot to demand none of their vendors host anything on Amazon cloud. This might provide a way for these companies to collude against Amazon without drawing the attention of FTC.

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
    1. Re:SPECTRE flaw impact? by PhunkySchtuff · · Score: 1

      I can't see something like Spectre being an issue for the data hosted on 3rd party services. It's all stored as blobs of encrypted data. The keys to decrypt the data are stored on Apple-owned infrastructure, as are all the bits of metadata that determines what the data is for. Nowhere on AWS, Azure or Google Cloud are the keys to the encrypted data stored, just chunks of what would look like pure random noise to anyone else but Apple.
      Apple may use these third-party services but it doesn't mean that they have to trust them with the security of their customer's data.

      --
      Specialist Mac support for creative pros, Melbourne
    2. Re:SPECTRE flaw impact? by 140Mandak262Jamuna · · Score: 1
      Apple storing data there is not the issue.

      People don't just store data in the cloud. They process them there. The process has unencrypted plain data in memory.

      For example Diebold runs a full supply chain inventory managemen forecast run every night. Based on orders of various models with various options in hand, promised delivery schedules, expected upgrades etc etc. When it was running it in house, using Baan, using test data it took 3 hours. When they rolled it into production, using actual data, it did not scale linearly, to 12 hours predicted run time. It went way over 48 hours, O(N^2) not O(N).

      I think they eventually retired Baan, almost everyone did, Boeing was the last hold out I think, and moved to SAP. If they move to cloud, the data in the disk might be encrypted, the communications might be encrypted, but the process running has the entire order book in plain text in memory.

      --
      sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
    3. Re:SPECTRE flaw impact? by PhunkySchtuff · · Score: 1

      Yes, the difference being is that in Apple's case the computers with the keys and the metadata - the only systems that can make sense of the encrypted blobs stored with Google et al. are all 100% under Apple's control. They're not on shared hosting, they're not VPSs in someone else's datacenter. They hold the keys to the kingdom and they're owned and operated by Apple.
      The only things that are stored on Google (and AWS and Azure) are encrypted blobs of data. These blobs are likely wrapped in a TLS session when travelling between the cloud storage and Apple's servers as well, but even if anyone were to pwn the Google instance, or intercept the data in flight, all they'd have is a lot of bytes that look like random data.

      --
      Specialist Mac support for creative pros, Melbourne
  9. Re:they don't have any server hardware and if they by Junta · · Score: 1

    They do, however, buy third party servers for their infrastructure, including parts of iCloud hosting.

    I would have also expected Apple to have more in-house cloud hosting, as *generally* when you get to very large scale, it becomes cheaper to own it rather than to rent it in absolute terms. From a capital expense versus operational expense, there is still a set of companies that are very averse to having capital, but Apple doesn't strike me as being in a position where they should have to fret about having too much capital.

    --
    XML is like violence. If it doesn't solve the problem, use more.
  10. one thing is for sure by Anonymous Coward · · Score: 0

    Azure as hell would not want any personal item stored on any friggin cloud.

  11. No one is Jack of All Trades by foxalopex · · Score: 2

    At the end of the day no one company is a jack of all trades. If Google has a solid / reliable data storage infrastructure that can be had for a good price then why not? IBM at one point for example nearly self-destructed because they were a monolithic company who insisted that you had to only use their own products (Token Ring, Lotus Notes) even thou they had their massive downsides. Eventually the company broke up into micro-companies under the same name and were allowed to buy the most cost effective products instead of IBM only. I'm sure some folks at Google for example use Windows products despite it being from a competitor (Microsoft).

    1. Re:No one is Jack of All Trades by swillden · · Score: 1

      I'm sure some folks at Google for example use Windows products despite it being from a competitor (Microsoft).

      Very, very few. OTOH, MacBooks are everywhere.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  12. Unlimited photo storage! by martinX · · Score: 1

    So unlimited photo storage and complete cloud backups for everything from my iPhone can't be too far away.

    --
    When they came for the communists, I said "He's next door. Take him away. Goddam commies."
  13. Re:they don't have any server hardware and if they by tlhIngan · · Score: 1

    They do, however, buy third party servers for their infrastructure, including parts of iCloud hosting.

    I would have also expected Apple to have more in-house cloud hosting, as *generally* when you get to very large scale, it becomes cheaper to own it rather than to rent it in absolute terms. From a capital expense versus operational expense, there is still a set of companies that are very averse to having capital, but Apple doesn't strike me as being in a position where they should have to fret about having too much capital.

    Perhaps Apple is offshoring the data because Google, Amazon and Microsoft have distributed data centers. The phone and other metadata is small and can hit Apple directly, but backup data is large and if it all came from Apple's few data centers, people in Asia and other places might have a long wait, whereas by using Google/Amazon/Microsoft, they have a mini-CDN set up so your large amount of data can come from a nearby server.

    It would not surprise me if Apple used the same thing to cache iOS and macOS updates worldwide - iOS update day has been known to generate so much traffic it beats Netflix, so Apple is using them as a simple CDN. (And I believe since the files are signed anyways, Apple uses HTTP so intermediary cache servers will cache the file as well)

  14. News flash - Slashdot is on AWS now too by Anonymous Coward · · Score: 0

    Quite surprised there's been ZERO mention of Slashdot's outage last week? Entire site was down for a few hours, came back up and now on AWS. This would be the first major change I've ever seen at least since OSDN. It's also the reason Slashdot itself has been slow as snot.

    Point is companies lie about where they store your data. There are a _lot_ of companies that are nothing more then front end caching or outright redirects to AWS / Azure. It's quite sickening. They are guaranteeing your data will have to reside in the US since those providers don't operate data centers in all countries. Not even AWS has one in Canada.

  15. Re:they don't have any server hardware and if they by Junta · · Score: 1

    My point is that Apple is of sufficient scale that they already have international distributed data centers. Given they already feel the need to have such a footprint, the incremental cost to do it in-house versus outsourcing for most companies in that position would be lesser than renting the capacity.

    I do know of a couple of companies that look at the cost and kick themselves, seeing that their up front decision to cloud host ended up being more costly than in-house, but so would be the cost of migrating, so they are stuck paying higher amounts on an ongoing basis.

    Apple has a quarterly profit that exceeds most companies annual revenue at this point, so they have the cash flow to overcome such hurdles, unless their internal IT is just hopeless, they should be able to do a lot to seek the lowest overall cost. By the same token, Apple is on such unbelievably solid ground that they don't need to go by the 'assets are a bigger liability than expense, even if having to spend more money' philosophy that other companies are often stuck with.

    --
    XML is like violence. If it doesn't solve the problem, use more.
  16. Obligatory by Anonymous Coward · · Score: 0

    https://xkcd.com/908/

  17. I was right. APPLE has nothng of their own.. by Anonymous Coward · · Score: 0

    I WAS right, Apple CANNOT SURVIVE ON ITS OWN..
    Apple just just that a Conception.
    They have nothing,
    They are nothing,
    Worthless piece of shit..

  18. Apple Announcement by Anonymous Coward · · Score: 0

    With Today's revelations coming fourth today, we realize how confusing this must be to the average Apple Product consumer.
    With that said,
    "We in the larger community have come to the realization that Apple, it's products, thinking, and distribution are in a short group of words "FUCKING LAME." We are threw with being Mind-fucked, blowing our hard earned money on your "bullshit." So much money made, and so little real invention."
    The I fone exx is a complete pile of shit, so bad Samsung is ramping down production of critical components. Yes Samsung, their number one competitor. All they are doing is looking for relevance AT ANY PRICE. With YOUR MONEY.
    Fucking dirt-bags, Ya keep walking into those Beautiful, magical, COSTLY windows at hed-Quarters.
    bottom line is.
    With out their competitors APPLE would be nothing!
    With out their competitors, Intel, Microsoft, AMD, Qualcomm, Samsung, Panasonic, SMC, SK Hynix would all be doing fine, as they are all PRODUCERS, INNOVATORS, and Distributors they dont need to rely "like a parasite" on others for survival..