Daisuke Wakabayashi, writing for the Wall Street Journal:

Apple is working to bolster its encryption so that it won’t be able to decode user information stored in iCloud, according to people familiar with the matter.

But Apple executives are wrestling with how to strengthen iCloud encryption without inconveniencing users.

And:

If a user forgets a password, for example, and Apple doesn’t have the keys, the user might lose access to photos and other important data. If Apple keeps a copy of the key, the copy be “can be compromised or the service can be compelled to turn it over,” said Window Snyder, a former Apple security and privacy manager who is now chief security officer at Fastly, a content-delivery network.

And:

An Apple spokeswoman pointed to comments by Craig Federighi, the company’s senior vice president of software engineering, in a March 6 opinion piece in the Washington Post. “Security is an endless race–one that you can lead but never decisively win,” Mr. Federighi wrote. “Yesterday’s best defenses cannot fend off the attacks of today or tomorrow.”

Security vs convenience. Why is that middle ground an issue when it comes to iCloud but not to iPhone?

Is it that Apple is moving towards a similar uncompromising commitment to privacy in iCloud, but they just haven’t gotten there yet? Or is there a difference between the approaches required for iPhone and iCloud?