When I got my iPhone, it uses a 4-digit passcode to protect its contents. Unsatisfied with this, I found the iPhone Configuration Utility (iPCU), which was the only way at that time to enable complex passcodes (passwords) on the phone. After creating a profile and uploading it to the phone using the iPCU, my backups were all forced to be encrypted.
Encrypted backups are not good for tinkering because you need to decrypt the files before you can edit them, and you need to re-encrypt them for it to be restored to the phone. I’m not sure about the encryption scheme, or which programs can access encrypted backups since the encryption happens on the phone.
I don’t remember seeing an option in the iPCU that says “Force iTunes encryption” or similar, so why was this happening? Recently when I was digging through the iPhone OS Enterprise Deployment Guide, I found an important note, under “Backing Up a Device with iTunes”, that reads “If the device being backed up has any encrypted profiles installed, iTunes requires the user to enable backup encryption.”
If you upload any profiles using iPCU, it’s convenient – it goes into the phone directly, but at the same time it also encrypts the configuration for the phone.
For my new iOS devices I simply signed it, and uploaded onto a web server and accessed it from the device. This prevents the backups from being forced to be encrypted, but at the same time it creates a chicken and egg problem – how does my device access the web server without the WiFi profile settings?
I’ll look into that another time.