AndreyNikiforov
commented
1 year ago There is no special code that handles ADP on icloudpd side. If you have web access enabled, I assume icloudpd should just work, because it emulated web browser.
Open Sponge-bink opened 1 year ago
AndreyNikiforov
commented
1 year ago There is no special code that handles ADP on icloudpd side. If you have web access enabled, I assume icloudpd should just work, because it emulated web browser.
boredazfcuk
commented
1 year ago Interesting read about how icloud.com works when ADP is enabled:
https://support.apple.com/en-gb/guide/security/sec973254c5f/web
Sponge-bink
commented
1 year ago If you have web access enabled, I assume
icloudpdshould just work
It needs to send a request to one of my trusted devices to grant the access which I believe icloudpd is not capable of:
genfersee
commented
1 year ago I have the same error...
Try 'icloudpd -h' for help.
Error: No such option: -B... with or without iCloud web access enabled.
boredazfcuk
commented
1 year ago It needs to send a request to one of my trusted devices to grant the access which I believe
icloudpdis not capable of.
The request wouldn't be sent from the device that accesses the icloud.com website though, would it? Like, if I borrow my mate's laptop and log in to iCloud.com, his laptop isn't going to know what/where to send that request to. The request will be sent from icloud.com to your trusted device, then you need to approve it.
It would already be too late by that point. icloudpd will have bailed because the website wasn't appearing as it expects. I'd guess that launching icloudpd a second time probably isn't going to work either, as icloudpd doesn't save session information from a previous run. This means it would repeat the login process, Apple may see it as a new request and re-trigger the approval notification.
I think icloudpd would need to be changed so that it could re-use the session information from previous runs. I think I've seen this in the cookie, at least that's what I presume X-APPLE-DS-WEB-SESSION-TOKEN is for as I've only ever seen it valid for a month,
Another option would be for icloudpd to just check for that message in your screenshot and just wait until it goes away (when you've authorised the request) before proceeding with the download.
Sponge-bink
commented
1 year ago I should add that this request wasn't triggered until I click the photos icon on iCloud.com. These images were just to showcase what it would look like. icloudpd doesn't trigger OR handle this currently.
boredazfcuk
commented
1 year ago I should add that this request wasn't triggered until I click the photos icon on iCloud.com.
Ah OK. icloudpd would need tweaking to click on this link automatically then to wait for the WebUI to appear. Maybe controlled by an additional command line parameter like --adp or something.
ido2
commented
12 months ago Why isn't this a major issue? Why aren't most people using ADP by now?
+1 for higher priority.
boredazfcuk
commented
12 months ago Why isn't this a major issue? Why aren't most people using ADP by now?
I don't want ADP on my device because it means I will have to authorise icloudpd 4 times per day. What I need is a utility which reliably backs up my photos and only requires interaction with it once every few months. icloudpd does exactly that job.
I guess that's why there's no appetite for for ADP. If there was, somebody would have submitted a PR for it.
ido2
commented
12 months ago I beg to differ, ADP, among other reasons, was developed and released to the public by Apple due to a huge privacy -aware user base. That said, maybe that user base doesn't overlap with the ones using this application on a daily/backup use-case, due to the reasons you have mentioned. Then again, I'm just interested in offloading pics every once and a while, so don't care about the bulky authentication process. So would be happy if implemented :)
Sponge-bink
commented
12 months ago Then again, I'm just interested in offloading pics every once and a while, so don't care about the bulky authentication process.
Same here! I turned on ADP mainly because I can finally backup my messages and the whole iOS device knowing it's end-to-end encrypted.
boredazfcuk
commented
12 months ago I beg to differ, ADP, among other reasons, was developed and released to the public by Apple due to a huge privacy -aware user base.
That said, maybe that user base doesn't overlap with the ones using this application on a daily/backup use-case, due to the reasons you have mentioned.
There's been nearly 1.5 million pulls of my icloudpd container and the number of people requesting ADP support is probably in single digits. I'm pretty sure there's not a huge overlap.
Sponge-bink
commented
12 months ago There's been nearly 1.5 million pulls of my icloudpd container and the number of people requesting ADP support is probably in single digits.
I'm more curious about how many of those 1.5 million pulls were actually made after ADP becoming available to the public. (And dare I add, it's not yet available to all users around the world.) I'm betting that's a lot less appealing number than 1.5 million.
I'm pretty sure there's not a huge overlap.
I genuinely couldn't think of a reason why a person who knows that iCloud Photos need to be backed up, did their research, ended up here with a tool that has no GUI at all, whose the easiest installation requires you to download an executable that has no permission to execute and fails macOS's gate keeper, would be less or even equally interested than the average in a major privacy feature in years for the service protecting those photos ultimately better.
Even if there isn't, that is just the status quo. People using iPhones to take pictures and storing them in iCloud, people want to have a piece of mind that those precious pictures are safe, people care about privacy and want to be responsible for their own data, and the ADP feature, those people/things are not going away in the foreseeable future.
boredazfcuk
commented
12 months ago I'm more curious about how many of those 1.5 million pulls were actually made after ADP becoming available to the public. (And dare I add, it's not yet available to all users around the world.) I'm betting that's a lot less appealing number than 1.5 million.
Around 200k just in September... ADP is 10 months old.
I genuinely couldn't think of a reason why a person who knows that iCloud Photos need to be backed up, did their research, ended up here with a tool that has no GUI at all, whose the easiest installation requires you to download an executable that has no permission to execute and fails macOS's gate keeper, would be less or even equally interested than the average in a major privacy feature in years for the service protecting those photos ultimately better.
You can't think of a reason coz you don't really know what you're on about. My container can be installed, configured and downloading photos within minutes. People have even created YouTube tutorials on how to set it up. The biggest user base isn't people running Windows/Macs, it's people with home NAS devices like QNAP/Synology/Unraid/TrueNAS. They want to set up their NAS to download their photos and forget about it for months at a time, Some people have even complained that their multifactor cookie expiring after 90-days is too frequent.
Even if there isn't, that is just the status quo. People using iPhones to take pictures and storing them in iCloud, people want to have a piece of mind that those precious pictures are safe, people care about privacy and want to be responsible for their own data, and the ADP feature, those people/things are not going away in the foreseeable future.
The Venn diagram of people who care about security, and people who trust GitHub project owners with their iCloud credentials, looks like this:
AndreyNikiforov
commented
10 months ago Accounts with APD are not supported. Sounds like ADP may allow temporal web access and that might be used by icloudpd if support is implemented. Needs R&D work, so changing from bug to enhancement.
ido2
commented
10 months ago FYI, ADP works in https://github.com/steilerDev/icloud-photos-sync/issues/202 and https://github.com/foxt/icloud.js
plplplpl3
commented
7 months ago any chance to update with adp working?:))))
Secnotica
commented
5 months ago Would be lovely.
a-w-1806
commented
1 month ago Plus one for this. Some Apple users I know do not use ADP because they have at least one very old device under their account so that they just cannot turn ADP on. But for me, I turned on ADP immediately after the feature was released. Would be great if ADP is supported in this library.
SnoozeySleepy
commented
1 month ago Another vote to support ADP.
machsix
commented
1 month ago I didn't enable ADP but still encountered the error. Then I realized it occurred because I didn't enable "Access iCloud Data on the Web"
Summary
Can I download iCloud photos with Advanced Data Protection enabled? I have Access iCloud Data on the Web enabled and can download iCloud photos from my browser.
Context
I'm using the Python package. This is what it gives me:
Note that I did not include a -B option in the command, it looked like this:
And the program seemed to have started itself again and told me the second time that have used an unsupported option -B while I didn't.