
But Apple must be able to still access all your encrypted data using your stored iCloud password somehow, right? Otherwise how are they able to show all your files in a web browser, from an arbitrary computer, after you've logged in?


> When Advanced Data Protection is enabled, access to your data via iCloud.com is disabled by default. You have the option to turn on data access on iCloud.com, which allows the web browser that you're using and Apple to have temporary access to data-specific encryption keys provided by your device to decrypt and view your information.


You’ll lose access to that by default, with the ability to temporarily opt in according to what they’ve said.


What does "temporarily opt in" mean? Like every time you want to use iCloud in a browser, you use your devices to upload the key temporarily, then after you don't want to use iCloud anymore, Apple deletes your key?


It hasn't been released yet, but I can see two scenarios:

A. Apple could create a tunnel from your browser to your devices, they could have key exchange via the web after you scan a QR code shown on your web browser with your iPhone, with some sort of "verify these words are the same" scheme.

B. Apple does the typical OTP/2FA scheme where you enter an x-digit code from your device, and in doing so your device furnishes a key to Apple to be temporarily used to access your files from the web.

But in both of these scenarios, Apple compromising you via malicious JavaScript is ever-present, so you're right in that you'd be trusting Apple even more to not store your temporary key for too long, or at the request of an NSL.


> Every time a service key is uploaded, it is encrypted using an ephemeral key bound to the web session that the user authorized, and a notification is displayed on the user’s device, showing the iCloud service whose data is temporarily being made available to Apple servers.


Would appear so, according to their newsroom post.



