Amazon’s cloud service dominates the Internet so thoroughly that it’s scarcely worth noting new customers. Unless, that is, the customer in question is … Apple. [Updated: see below.]
Tucked away in a Monday New York Times piece on the online-storage price wars lies this brief but interesting nugget (AWS is Amazon Web Services—i.e., Amazon’s cloud):
Apple’s iCloud storage service and other parts of Apple, along with operations at several large banks, run inside A.W.S., say people familiar with the service who spoke on the condition they not be named so they could sustain relations with the powerful cloud company.
You have to love the Timesian sourcing on that one, by the way, which at 24 words comes in five words longer than the actual information attributed to said people. Not to mention the possibly intentional ambiguity of which “powerful cloud company” these unnamed folks so desperately want to sustain relations with. (Both Amazon and Apple would qualify, depending on how literally you want to read this sentence.)
In any event, this revelation is intriguing in a couple of respects. It’s certainly not the first time Apple has used an outside company to provide Web services—see, for instance, Akamai, which delivers software, music and video downloaded from Apple’s website and the iTunes store.
But Apple is usually obsessed with micromanaging every aspect of its technology and services. So some of its users might be surprised to learn that they’re storing their backups and other personal data not on Apple servers, but on ones rented from Amazon. It’s not totally clear that anyone should care about that, but you never know.
Of course, iCloud is also in the midst of a big transition, as it preps new consumer-storage services as part of Mac OS X Yosemite and its CloudKit service designed to provide cloud storage for iOS apps. And Apple has been building out data centers at a furious pace, with the latest one slated to start up sometime this year in Prineville, Ore. (My former colleague Taylor Hatmaker snapped some photos of the construction for ReadWrite last year.)
So possibly Apple is just short on server capacity until Prineville spins up. Though it’s understandable why the company might not want to advertise its apparent dependence on Amazon at the moment, as the news runs slantwise to Apple’s notable—and heavily marketed—environmental push to run all its data centers on renewable power. (Amazon’s cloud scored 3 Fs and a D in the latest Greenpeace report on data-center energy use thanks to heavy reliance on power from coal, nuclear and natural gas.)
Apple’s PR team didn’t get back to me when I asked them about the company’s use of Amazon’s cloud. But the company didn’t exactly deny the NYT report:
Amazon would not comment on confidential customer agreements. An Apple spokesman noted that Apple had its own data centers in four locations jn the United States and said that “the vast majority” of data in services like iTunes, Maps and the App Store ran on its own computers. Apple uses other facilities as well, he said.
Update, Wednesday, Aug. 27, 9:46am: Turns out Apple has previously acknowledged that iCloud stores user data in encrypted form on outside cloud services such as Amazon’s S3 and Microsoft Azure. See, for instance, page 23 of Apple’s February 2014 iOS Security white paper (PDF), where it notes that iCloud stores user files this way:
Each file is broken into chunks and encrypted by iCloud using AES-128 and a key derived from each chunk’s contents that utilizes SHA-256. The keys, and the file’s metadata, are stored by Apple in the user’s iCloud account. The encrypted chunks of the file are stored, without any user-identifying information, using third-party storage services, such as Amazon S3 and Windows Azure.
The white paper suggests, but does not say explicitly, that iOS-device backups and passwords stored in iCloud Keychain may also be stored on third-party services. The paragraph above is from the introductory section on iCloud security. In that same section, the paper states, “The service is agnostic about what is being stored and handles all files the same way.”
This is exactly the sort of information you might expect an ordinary PR department to pass along to reporters who check in to ensure they’ve writing accurate information about a company. But no one has ever accused Apple of running an ordinary PR department.