 Yeah, Adam you want to take us to our first question. Yeah, we got we got Kathy who has a great question about iCloud encryption This is one we were alluding to earlier She says I was a long-time listener of the Maccast and started listening to MGG when Adam moved over Well, thank you for coming along. I love the show. Although I do miss Adams Apple news summary Well, maybe we can do something about that eventually My question is related to cloud backups specifically iCloud. I am more aligned with Adam's philosophy of multiple backups Good. However, I Restrict cloud backups to non personal information in other words I have no off-site backup for my financial documents according to Apple's website No one else can access your end-to-end encrypted data Not even Apple and this data remains secure in the case of a data breach in the cloud my concern is that Should this policy change or should there be a technical glitch all my financial documents would be Exposed I was considering compressing my financial docs into a tar file and encrypting that before pushing to iCloud My thoughts are at least my files would not be exposed if iCloud policies or conditions should change So the question is do you see any technical issues with doing this any encryption method? Recommendations thanks for your help and suggestions Kathy That's a great question and I'm happy that Kathy followed you over here Adam. This is amazing So I think the logic is sound on this right if you want to Store something on someone else's server and be certain that they would never be able to get at that data Then encrypting that data before you ever put it on their server With with a key that only you have and you know that only you have Makes perfect sense and certainly you could use tar I mean that's the that's the nerdy way to go and there's we love that here Right, but you could use tar to do that and that would work fine But I think an easier way and one that requires less Recurring maintenance because you'd have to be like either you'd have to either script this or you'd have to tar up the file Every time you wanted to you know, you've made an update to it instead of doing all that Make an encrypted disk image you use that use disk utility. You can do that you make it encrypted give it a password Save that encrypted image in a folder that's automatically synced to iCloud Inside that encrypted disk image you put all of your financial files when you want to edit one of your files You open up the disk image typing in your key to unencrypted and then just manipulate the files on the drive like you normally would and as you do that the drive will update and the drive will sync to iCloud and It would be worth testing this to make sure that you know It it's okay because syncing a disk image could be weird, but that's where I would start I would experiment with that and See how it goes. I don't know. There's a discord suggestions already, too Okay, the proton drive is suggested by Kiwi Graham and Tennessee Papa suggests cryptometer to encrypt all your data to the cloud even on iCloud Not familiar with either one of those but yeah Yeah, yeah, I was I was gonna come in on Dave's response because that's exactly what I've been doing for years I have an encrypted disk image. I just call it secure documents. It's in my documents folder which syncs and Even better than having to enter your password if you save that password to your Keychain it will just mount like you can just mount that drive and not have to Enter a password every time you could also automate mounting of that volume Yes, I just do it what I'm gonna do that the other thing is that I keep in there So I not only documents, but I use for I use paper lists for putting in all of scanning in all my Like documents, so I don't have to keep them in file folders or whatever and I organize everything in that Great application from now. I'm gonna forget the name of the company but I've been using that for years and I store my Paper list library because it uses a library file kind of like I photo or whatever in that encrypted disk image as well So all those documents are encrypted in there and then go up to iCloud But I wanted to comment also on the iCloud encryption stuff like we were talking about earlier so iCloud has something called advanced data protection and When you turn that on basically everything that goes to iCloud almost everything iCloud mail is is an exception So you need to be aware of that but almost everything is then end to end encrypted And the keys are stored and attached to your devices locally So when Apple says they cannot decrypt or read those files if you're using advanced In data protection then they will not be able to do that because they don't have access to you They literally don't have the keys They cannot do anything and so when you set that up you also want to probably set up the feature like I did this with My wife you can set up, you know the ability for her if something happens to me to take over my devices and my keys you can Create backup keys that you can put in a you know storage with safe storage location like Bank box or whatever sure yeah Yeah, and there's a list on there that shows you the differences between having this on and not having this on So it'll show you what services are just encrypted in transit where Apple has the keys And then what ones when you turn this on or flipped over so there's there's a oh, is this how to turn it on I? Found I found an article about how to turn it on and some of that stuff. Yeah, I had some links in the note There's a great you the advanced data Protection and there is a table that shows you everything and pretty much once you turn on advanced data encryption Everything is in encrypted. I think other than iCloud mail Got it got it and that's still encrypted in transit and on Apple service But I think in that case the keys are still stored with Apple so with Apple that would make sense Yeah, exactly, and I think that's mainly so you they can you know You can read your emails and stuff when you're logging into iCloud. Yep. Yeah. Yeah, this yeah this chart that they have is great Yeah, the iCloud mail they talk. Oh, it's looks like you have mail calendars and contacts are stored with Apple Then again, I think that's so they can do iCloud Functionality yeah, but yeah, that's yeah, there's just a column You're right for key storage and other than those three everything else is the keys are on your trusted devices You have to you can't have a device. I think everything needs to be on iOs 13 or newer yeah, yeah to turn this on because I have I have a bunch of Old iPads that I use for like on stage or to use with a mixer or whatever because they don't need to be the latest Ingredients to work so fine. Yeah, but because I have those on my Apple ID I have not been able to enable this yet and you have to add there's a bunch of requirements You have to have two factor you have to have you know, but I think Apple's pretty much forced that across the board these days And it would be hard in a way with past keys and stuff