启用 iCloud 高级数据保护后,您的文件不会被删除。
4 分•作者: mnls•24 天前
我发现了一个关于 iCloud 高级数据保护 (ADP) 的令人担忧的问题,而 Apple 却没有披露:已删除的文件实际上从未从他们的服务器中移除。
测试:
我有一个 5 Mbit/秒 的上传连接。我将 6GB 的个人文件(音乐、视频、照片)复制到 iCloud Drive。它们在 15 分钟内“上传”完成——这在我当前的带宽下是不可能的。这些文件之前很久就已经上传过,并且此后被删除。
为了验证,我检查了活动监视器:自启动以来总共只发送了 3.42GB 的数据,包括网页浏览。6GB 的上传从未发生。
确认测试:
创建一个包含随机数据的 100MB 文件:dd if=/dev/urandom of=randomfile.dat bs=1m count=100
上传到 iCloud:耗时 2-3 分钟,活动监视器显示发送了 122MB(正确)
从 iCloud Drive 中删除该文件
从“最近删除”中“永久删除”,并从数据恢复中清空所有文件。
重新上传相同的文件:在 1 秒内完成
活动监视器:基本上没有发送任何数据
Apple 保留了加密块,即使在“永久删除”之后。
为期一个月的测试(进行中):
我保留了随机文件,并将尝试在 30 天后重新上传它,以查看 Apple 是否会按任何时间表清除数据,或者无限期地保留它。
为什么这很重要:
ADP 被宣传为让用户独家控制他们的数据
“删除”和“永久删除”选项暗示删除数据
上传进度条显示了针对重复数据删除操作的虚假“上传”状态
用户无法验证 Apple 保留了哪些数据。
要尝试永久删除,您必须禁用 ADP 网络访问
尚不清楚的是:
这是否适用于健康数据、密码和其他 ADP 保护的内容?
Apple 会保留“已删除”的加密块多长时间?
用户是否真的可以删除他们的数据?
我并不是说加密很弱——它可能很好。但 Apple 缺乏关于 ADP 数据保留和重复数据删除的透明度令人担忧。“永久删除”应该意味着永久删除。
还有其他人注意到这种行为吗?我将在完成 30 天的保留测试后更新这篇文章。
查看原文
I discovered something concerning about iCloud's Advanced Data Protection (ADP) that Apple doesn't disclose: deleted files are never actually removed from their servers.
The Test:
I have a 5 Mbit/sec upload connection. I copied 6GB of my personal files (music, videos, photos) to iCloud Drive. They "uploaded" in 15 minutes— which is impossible at my bandwidth. The files were previously uploaded a long ago and deleted since.
To verify, I checked Activity Monitor: only 3.42GB total data sent since boot, including web browsing. The 6GB upload never happened.<p>Confirmation Test:
Created a 100MB file with random data: dd if=/dev/urandom of=randomfile.dat bs=1m count=100
Uploaded to iCloud: took 2-3 minutes, Activity Monitor showed 122MB sent (correct)
Deleted the file from iCloud Drive
"Permanently deleted" from Recently Deleted and emptied any files from Data recovery.
Re-uploaded the identical file: completed in 1 second
Activity Monitor: essentially zero data sent<p>Apple kept the encrypted blocks even after "permanent deletion."<p>The month-long test (in progress):
I'm keeping the random file and will attempt to re-upload it after 30+ days to see if Apple purges data on any schedule, or retains it indefinitely.<p>Why this matters:
ADP is marketed as giving users exclusive control over their data
"Delete" and "Permanent Delete" options imply data removal
Upload progress bars show fake "uploading" status for deduplication operations
Users cannot verify what data Apple retains.
To attempt permanent deletion, you must disable ADP web access<p>What's unclear:
Does this apply to Health data, Passwords, and other ADP-protected content?
How long does Apple retain "deleted" encrypted blocks?
Can users ever truly remove their data?<p>I'm not claiming the encryption is weak—it's probably fine. But Apple's lack of transparency about data retention and deduplication with ADP is concerning. "Permanent delete" should mean permanent delete.
Has anyone else noticed this behavior? I'll update this post after completing the 30-day retention test.