This could be more innocent than it sounds. Computer data is never actually “deleted” until it’s overwritten with new 1s and 0s — operating systems simply cut off references to it.
This is emphatically not true on iPhones. If it’s surfacing deleted images, it’s a big deal.
I was going to reply with a long explanation, but since you were so emphatic about it I decided not to. You emphatically know more about it than us I guess?
But you say “on iPhones”, not on the cloud services they connect to.
Just sounds like a cloud sync error to me, boring but it happens. I don’t have any issues but I also have all cloud photo services disabled.
Some people claim they don’t have cloud sync enabled and also a lot of the photos were deleted several years ago… on different physical hardware hardware (but somehow carried forward through device transfers).
Yes, that’s the successor document. You can also use the old iPhone 4 era iOS security guide, the file system details are not a fast moving target. The addition of the Secure Enclave changes things a bit.
Anyway, the idea is that data only hits disk encrypted with a per-file key that is stored with the directory information. When you delete a file, the key is obliterated, rendering the deleted data unrecoverable from block storage. The explanation proffered by the journalist that data isn’t really deleted when you delete it from disk, doesn’t hold. Because it is. Or at least the key to it.
A more likely explanation is spare copies either in the cloud or on the device not getting cleaned up. But deleted files on iOS are proper gone.
APFS’s per-file keys are super cool, I didn’t realize they were doing that. But do we know if the photos app is actually using the filesystem for storage? I don’t think photos show up in the files app, for instance.
This is emphatically not true on iPhones. If it’s surfacing deleted images, it’s a big deal.
I was going to reply with a long explanation, but since you were so emphatic about it I decided not to. You emphatically know more about it than us I guess?
But you say “on iPhones”, not on the cloud services they connect to.
Just sounds like a cloud sync error to me, boring but it happens. I don’t have any issues but I also have all cloud photo services disabled.
Some people claim they don’t have cloud sync enabled and also a lot of the photos were deleted several years ago… on different physical hardware hardware (but somehow carried forward through device transfers).
What makes you think iPhones are any different?
The iOS security guide, for example?
It’s a fascinating document.
Could you be more specific on what you’re talking about? I found the “Apple Platform Security” document, is that what you mean?
Yes, that’s the successor document. You can also use the old iPhone 4 era iOS security guide, the file system details are not a fast moving target. The addition of the Secure Enclave changes things a bit.
Anyway, the idea is that data only hits disk encrypted with a per-file key that is stored with the directory information. When you delete a file, the key is obliterated, rendering the deleted data unrecoverable from block storage. The explanation proffered by the journalist that data isn’t really deleted when you delete it from disk, doesn’t hold. Because it is. Or at least the key to it.
A more likely explanation is spare copies either in the cloud or on the device not getting cleaned up. But deleted files on iOS are proper gone.
APFS’s per-file keys are super cool, I didn’t realize they were doing that. But do we know if the photos app is actually using the filesystem for storage? I don’t think photos show up in the files app, for instance.
They are on the file system in /private/var/mobile/Media, and no, they are not accessible using the file app. Apple, what can you do ;)