-
Notifications
You must be signed in to change notification settings - Fork 520
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[ADP] Is Advanced Data Protection Supported? #687
Comments
There is no special code that handles ADP on |
Interesting read about how icloud.com works when ADP is enabled: https://support.apple.com/en-gb/guide/security/sec973254c5f/web |
I have the same error...
... with or without iCloud web access enabled. |
The request wouldn't be sent from the device that accesses the icloud.com website though, would it? Like, if I borrow my mate's laptop and log in to iCloud.com, his laptop isn't going to know what/where to send that request to. The request will be sent from icloud.com to your trusted device, then you need to approve it. It would already be too late by that point. icloudpd will have bailed because the website wasn't appearing as it expects. I'd guess that launching icloudpd a second time probably isn't going to work either, as icloudpd doesn't save session information from a previous run. This means it would repeat the login process, Apple may see it as a new request and re-trigger the approval notification. I think icloudpd would need to be changed so that it could re-use the session information from previous runs. I think I've seen this in the cookie, at least that's what I presume X-APPLE-DS-WEB-SESSION-TOKEN is for as I've only ever seen it valid for a month, Another option would be for icloudpd to just check for that message in your screenshot and just wait until it goes away (when you've authorised the request) before proceeding with the download. |
Ah OK. icloudpd would need tweaking to click on this link automatically then to wait for the WebUI to appear. Maybe controlled by an additional command line parameter like --adp or something. |
Why isn't this a major issue? Why aren't most people using ADP by now? +1 for higher priority. |
I don't want ADP on my device because it means I will have to authorise icloudpd 4 times per day. What I need is a utility which reliably backs up my photos and only requires interaction with it once every few months. icloudpd does exactly that job. I guess that's why there's no appetite for for ADP. If there was, somebody would have submitted a PR for it. |
I beg to differ, ADP, among other reasons, was developed and released to the public by Apple due to a huge privacy -aware user base. |
Same here! I turned on ADP mainly because I can finally backup my messages and the whole iOS device knowing it's end-to-end encrypted. |
There's been nearly 1.5 million pulls of my icloudpd container and the number of people requesting ADP support is probably in single digits. I'm pretty sure there's not a huge overlap. |
I'm more curious about how many of those 1.5 million pulls were actually made after ADP becoming available to the public. (And dare I add, it's not yet available to all users around the world.) I'm betting that's a lot less appealing number than 1.5 million.
I genuinely couldn't think of a reason why a person who knows that iCloud Photos need to be backed up, did their research, ended up here with a tool that has no GUI at all, whose the easiest installation requires you to download an executable that has no permission to execute and fails macOS's gate keeper, would be less or even equally interested than the average in a major privacy feature in years for the service protecting those photos ultimately better. Even if there isn't, that is just the status quo. People using iPhones to take pictures and storing them in iCloud, people want to have a piece of mind that those precious pictures are safe, people care about privacy and want to be responsible for their own data, and the ADP feature, those people/things are not going away in the foreseeable future. |
Around 200k just in September... ADP is 10 months old.
You can't think of a reason coz you don't really know what you're on about. My container can be installed, configured and downloading photos within minutes. People have even created YouTube tutorials on how to set it up. The biggest user base isn't people running Windows/Macs, it's people with home NAS devices like QNAP/Synology/Unraid/TrueNAS. They want to set up their NAS to download their photos and forget about it for months at a time, Some people have even complained that their multifactor cookie expiring after 90-days is too frequent.
The Venn diagram of people who care about security, and people who trust GitHub project owners with their iCloud credentials, looks like this: O O |
Accounts with APD are not supported. Sounds like ADP may allow temporal web access and that might be used by |
FYI, ADP works in steilerDev/icloud-photos-sync#202 and https://github.com/foxt/icloud.js |
any chance to update with adp working?:)))) |
Would be lovely. |
Summary
Can I download iCloud photos with Advanced Data Protection enabled? I have Access iCloud Data on the Web enabled and can download iCloud photos from my browser.
Context
I'm using the Python package. This is what it gives me:
Note that I did not include a -B option in the command, it looked like this:
And the program seemed to have started itself again and told me the second time that have used an unsupported option -B while I didn't.
The text was updated successfully, but these errors were encountered: