• bamboo@lemm.ee
          link
          fedilink
          arrow-up
          1
          ·
          6 months ago

          Could you be more specific on what you’re talking about? I found the “Apple Platform Security” document, is that what you mean?

          • vzq@lemmy.blahaj.zone
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            6 months ago

            Yes, that’s the successor document. You can also use the old iPhone 4 era iOS security guide, the file system details are not a fast moving target. The addition of the Secure Enclave changes things a bit.

            Anyway, the idea is that data only hits disk encrypted with a per-file key that is stored with the directory information. When you delete a file, the key is obliterated, rendering the deleted data unrecoverable from block storage. The explanation proffered by the journalist that data isn’t really deleted when you delete it from disk, doesn’t hold. Because it is. Or at least the key to it.

            A more likely explanation is spare copies either in the cloud or on the device not getting cleaned up. But deleted files on iOS are proper gone.

            • bamboo@lemm.ee
              link
              fedilink
              arrow-up
              1
              ·
              6 months ago

              APFS’s per-file keys are super cool, I didn’t realize they were doing that. But do we know if the photos app is actually using the filesystem for storage? I don’t think photos show up in the files app, for instance.

              • vzq@lemmy.blahaj.zone
                link
                fedilink
                arrow-up
                2
                ·
                6 months ago

                They are on the file system in /private/var/mobile/Media, and no, they are not accessible using the file app. Apple, what can you do ;)