this post was submitted on 23 Jan 2026
802 points (99.5% liked)
[–] m0stlyharmless@lemmy.zip 1 points 12 hours ago

The initial setup of macOS offers disk encryption by default, but also prompts the user to upload the FileVault recovery keys to iCloud. It’s more transparent than Windows, which, if I recall correctly, just silently encrypts the disk and uploads the key to Microsoft servers.

iCloud’s Advanced Data Protection (ADP) feature, which enables E2E encryption, does protect these recovery keys, but I would worry about them being copied elsewhere or retained in unprotected backups after ADP is enabled.

One would probably want to regenerate the FileVault encryption keys after enabling ADP and potentially fully disable uploading the recovery keys to iCloud.

Similarly, it is possible to disable uploading of the BitLocker decryption key in Windows with the Pro and Enterprise versions.

Personally, I doubt most users would use disk encryption if they had to keep track of the disk recovery keys on their own, so this provides meaningful protection against exfiltration of sensitive information if an adversary were to have brief physical access to the device or were to steal it, but it does no good at all for protecting against Microsoft, someone with deep access to Microsoft’s systems, or legal requests to Microsoft.

The same goes for Apple users who don’t have ADP enabled for their iCloud accounts or who have enabled ADP without later regenerating their FileVault keys. (I don’t think one can be reasonably sure that there will be no traces of the cleartext FileVault recovery key on Apple’s servers after ADP is enabled for iCloud.)

Ultimately, so many users should better engage a culture of privacy and security, think seriously about their threat models, and think about what would happen if one were to get access to their sensitive information.
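As an added illustration of the key-regeneration step the comment describes (not code from the commenter), this PowerShell script rotates the BitLocker recovery password on the OS drive so that any copy previously escrowed to a Microsoft account or Entra ID no longer unlocks the volume. It assumes Windows Pro/Enterprise with the built-in BitLocker module, an elevated prompt, and `C:` as the OS drive.

```powershell
#Requires -RunAsAdministrator
# Added example, not the commenter's code. Rotates the BitLocker recovery
# password so an escrowed copy becomes useless; the new one is never uploaded.
$MountPoint = 'C:'   # assumed OS drive letter

$vol = Get-BitLockerVolume -MountPoint $MountPoint
if ($vol.ProtectionStatus -ne 'On') {
    throw "BitLocker protection is not On for $MountPoint (status: $($vol.ProtectionStatus))"
}

# Every existing 48-digit recovery password may already have been uploaded;
# collect them before adding the replacement.
$old = @($vol.KeyProtector | Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })
Write-Host "Found $($old.Count) existing recovery password protector(s)."

# Add the replacement first so the volume is never left without a recovery path.
Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryPasswordProtector | Out-Null
$new = (Get-BitLockerVolume -MountPoint $MountPoint).KeyProtector |
    Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' -and
                   $_.KeyProtectorId -notin $old.KeyProtectorId }

foreach ($p in $old) {
    Remove-BitLockerKeyProtector -MountPoint $MountPoint -KeyProtectorId $p.KeyProtectorId | Out-Null
    Write-Host "Removed old recovery password protector $($p.KeyProtectorId)"
}

# Deliberately do NOT call BackupToAAD-BitLockerKeyProtector here: the point of
# the rotation is that the new password exists only where the owner stores it.
Write-Host 'New recovery password (record it offline now; it is not escrowed anywhere):'
Write-Host $new.RecoveryPassword

# Verify that exactly one recovery password remains and it is the new one.
$check = @((Get-BitLockerVolume -MountPoint $MountPoint).KeyProtector |
    Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })
if ($check.Count -ne 1 -or $check[0].KeyProtectorId -ne $new.KeyProtectorId) {
    throw 'Rotation verification failed; inspect protectors with: manage-bde -protectors -get C:'
}
```

The macOS counterpart of this rotation is `fdesetup changerecovery -personal`, which issues a new FileVault personal recovery key in place of the old one.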