Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple vs. the Right To Repair (bloombergview.com)

Posted by timothy on from the but-it's-intuitive dept.

retroworks writes: Bloomberg columnist Adam Minter takes on Apple's "Error 53 Code" and the precedents being challenged by the Right To Repair movement. Apple claims that bricking the phone if it's repaired by a non-Apple certified repair shop protects you from tampering with, say, the fingerprint scanner. But the column documents how the number of "certified" repair shops is under attack. If you can't open it, do you really own it?

59 of 381 comments (clear)

  1. It really is about security, not repair by Anonymous Coward · · Score: 5, Insightful

    But then again, anyone could have told you that including biometric security on a smartphone was just inviting this kind of hardware signing.

    Where outside of China are you going to find the components and the equipment to repair any of these electronics, anyway? Everything's microsoldered to a circuit board the size of a credit card, and the tiniest slip of your all-too-human hands and you've ruined a trace on a different circuit.

    1. Re:It really is about security, not repair by mrex · · Score: 4, Insightful

      If you could replace the touch ID sensor with any old thing, then they'd publish about "SECURITY FLAWS IN TOUCH ID ARCHITECTURE DISCOVERED" instead.

    2. Re:It really is about security, not repair by mrchaotica · · Score: 4, Insightful

      It shouldn't even matter! The CPU should be doing the authentication anyway, with the sensor simply sending the bitmap (or whatever) to it. Having the sensor be a "trusted" part of the authentication system is just as stupid as requiring a "trusted" keyboard for putting in passwords would be.*

      (* Yeah, yeah, keyloggers -- but don't even try arguing that angle, because anybody who cared about that wouldn't have chosen to have their phone repaired with un-vetted parts in the first place.)

      --

      "[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz

    3. Re:It really is about security, not repair by sjames · · Score: 4, Insightful

      OTOH, instead of locking up the whole phone, they could just have it refuse to accept the fingerprint ID and let you continue to use other authentication methods.

    4. Re:It really is about security, not repair by Maritz · · Score: 4, Insightful

      Plus as I understand it, PIN entry is required for setting up TouchID, which strongly suggests that falling back to PIN when TouchID has a problem would be completely reasonable. Apple obviously disagree and instead prefer to brick the phone, whether that is a commendable position in terms of security or a cynical way of selling another phone depends on what you think about Apple I suppose. Personally I'd say it's overzealous...

      --
      I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
    5. Re:It really is about security, not repair by david_thornley · · Score: 2

      Why should the CPU be doing the authentication? Spreading authentication in various pieces of hardware is useful for security. If only the CPU does security, all it takes is one CPU vulnerability in the wrong place and the bad guys are in.

      --
      "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
    6. Re:It really is about security, not repair by 93+Escort+Wagon · · Score: 2

      But then again, anyone could have told you that including biometric security on a smartphone was just inviting this kind of hardware signing.

      Where outside of China are you going to find the components and the equipment to repair any of these electronics, anyway? Everything's microsoldered to a circuit board the size of a credit card, and the tiniest slip of your all-too-human hands and you've ruined a trace on a different circuit.

      The summary does a bad job attempting to conflate the "Error 53" problem and the "do you really own it" question - however...

      At least some reports state these were Apple-certified shops. I've taken my Macs into these sorts of places before - they have access to genuine Apple components, same as the actual Apple Stores. Heck, a few years back I had an overbooked Apple Store Genius refer me to one of these Apple-certified shops! So they should be able to repair pretty much anything that can be repaired in-house at an Apple Store.

      The problem is, the news reports are vague. Are these Apple-certified shops that have done the repair? Are the parts certified? If the answer to either of these is "no", then I can understand Apple disabling the TouchID component of the affected phones. But, bricking the phones? Phones that, post repair, were working just fine until they got updated to iOS 9? It seems to me that's 1) a dick move, and 2) a lawsuit waiting to happen.

      I'd like to believe this is actually the result of a bug, and that it'll get sorted out in a more reasonable manner in the next several months. But, at the moment, it looks as if Apple has shot itself in the foot again, PR-wise.

      --
      #DeleteChrome
    7. Re:It really is about security, not repair by tlhIngan · · Score: 5, Informative

      It shouldn't even matter! The CPU should be doing the authentication anyway, with the sensor simply sending the bitmap (or whatever) to it. Having the sensor be a "trusted" part of the authentication system is just as stupid as requiring a "trusted" keyboard for putting in passwords would be.*

      That IS what is happening.

      But the CPU and sensor are paired up because you don't want to send the sensor data unencrypted across the bus where it's then subject to spoofing attacks. It may seem silly, but it's already been proven on Android phones where a good majority of the sensors do NOT protect the sensor data they send the CPU.

      The CPU gets this data and decrypts it. However, to prevent access from user-level software or even kernel level (via privilege escalation techniques - the kernel is just an untrustworthy), the CPU enters a special trusted secure mode which is completely inaccessible to the kernel and userland software. Here your image data is processed, analyzed and a final determination done when the data is compared against the secure memory storage area (secure enclave - which because it is only accessible in secure mode is completely inaccessible to normal software).

      The problem happens when you replace the sensor which breaks the pairing and encryption keys. Now you have to decide what to do.

      A basic software engineer will say "we'll just re-pair the sensors". Which is great, until you realize you just created a security hole - what if what you just attached wasn't a sensor, but something more sophisticated? Perhaps it's something that pretends it's a sensor, but is really an attack device.

      Said attack device can try to feed specially doctored bitmaps to the secure enclave and do power monitoring and other things to try to divulge secret encryption keys used to access main storage or other things. Or perhaps feed in invalid images meant to crash the CPU in secure mode in such a way as to be able to run arbitrary code.

      Since this mode is superior to kernel mode, it will be completely invisible to the main OS and can spy on everything (think Intel Management Engine, or System Management Mode (SMM) on x86 - the software runs independently of the OS).

      So re-pairing the sensor is a bad idea unless you're in a controlled situation.

      Instead, Apple aborts the complete OS with error 53 - the sensor pairing data is mismatched, and the system is no longer trustable. To protect user data, it would be preferable to simply erase the encryption keys so user data cannot be compromised (think of it this way - the people who can carry out the attack would likely be state actors). Because while 99.999% of the time, the sensor will just be another sensor, who's to tell it isn't a sensor designed to hack the system and spy on its user with the ultimate spyware?

      This is one of those security balances that has to be worked out - do you try to protect user data against state sponsored attacks that have been proven to occur, or do you try to give the user the ability to fix it, at the risk of completely compromising your security?

      Apple chose the former - if the sensor isn't trustable, then the secure enclave is no longer trustable - malware could easily be running and private user data could be sniffed and uploaded for later analysis. So instead, when Apple detects the phone's software may have been compromised, they shut down with error 53.

      Once the secure enclave is compromised, all bets are off. And Apple cannot tell if the TouchID sensor was replaced because the user changed it, or if was changed because the NSA needed to spy.

    8. Re:It really is about security, not repair by mrex · · Score: 2

      I can only speculate, but this might be the more secure choice due to the way that the Touch ID module authenticates directly to the "Secure Enclave", but with the hardware signature verification taking place between the Touch ID module and the CPU. Total speculation though, I don't know the nitty gritty details of the security architecture. I'm disinclined to believe this is all just conspiratorial malice, however.

    9. Re:It really is about security, not repair by MrKrillls · · Score: 3, Insightful

      Exactly. Disable the fingerprint reader and demand a PIN.

      Bricking the phone is evil. Driving people to factory authorized repair doesn't cut it for me. Especially if that involves bricking phones. People are too dependent upon phones for apple to take it upon themselves to decide it is best to brick someone's phone on scant evidence of actual malfeasance. It is wrong. It is wrong minded. It is thoughtless. And it is selfish on apple's part.

      --
      Don't step on the baby.
    10. Re: It really is about security, not repair by hidden · · Score: 3, Insightful

      Disabling touch ID on a phone with a non- genuine sensor would be fine. People would just have to use their PIN instead. But that's not what apple has chosen to do. Instead they've chosen to entirely nuke the device, with no warning. That's not a reasonable behaviour for a consumer security measure.

    11. Re:It really is about security, not repair by kheldan · · Score: 2

      I've been working in electronics for 35 years and know far better than you of what you speak, and I can tell you right now that nobody really is repairing the PCB in a phone, nor should they. Only the passive components and the smallest of the integrated circuits are even remotely replaceable on PCBs that small and that densely packed, the rest require a several-thousand-dollar rework station that requires special training and skills to use, and even then it's a risky proposition to R&R BGA-packaged devices, assuming those are even the problem. What they should be doing is selling replacement (new or factory refurbished) PCBs for their devices, so 3rd-party repair companies can repair customer devices. But they'll never do it, because it's not as profitable as telling people to just buy a new phone. Really, for all the good it does anyone, the entire inside of the phone may as well be just one solid block of epoxy, totally inaccessible, and when it dies, you toss it in the e-waste bin and forget about it; that's what Apple and many other companies want you to do, just buy a new one. Doesn't mean that isn't bullshit, but that's what makes them the most money so that's what they want to do. If automobile manufacturers weren't constrained by laws preventing it, they'd do pretty much the same thing: make vehicle engines completely unrepairable (except for the most basic maintenance), and make you buy a new one every few years (as if we're not close to that now anyway). Anyway, with electronics, that's pretty much the way things are going to be, in part because of the component density necessary to make such small devices, and in part because manufacturers want to make as much money as possible. If they were forced to make them more 'open', they'd probably respond by raising the price.

      --
      Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
    12. Re:It really is about security, not repair by Gr8Apes · · Score: 2, Insightful

      That is a well written response. The real answer is "if you want to use your touch ID and it needs repair, it must be repaired by an Apple approved shop". Otherwise, turn off Touch ID and work without it. The OS gives you no other options.

      Considering that Touch ID does more than merely let you in your phone (Apple Pay) this stance seems 100% reasonable. Apple might have a warning on the phone or a prominent agreement that if you enable TouchID/ApplePay, you understand that turning on TouchID can only be done with Apple certified TouchID parts, and no unapproved 3rd party repairs can have been done. (They may already have this, I don't recall reading it personally)

      --
      The cesspool just got a check and balance.
    13. Re:It really is about security, not repair by Anonymous Coward · · Score: 5, Insightful

      But since it doesn't throw the error when the repair is done but months later when an update is applied kinda makes all of this pointless. I could swap the sensor and access all the data I want the way it works now if I was trying to do so and this "security" measure would not stop me since it doesn't kick in at the time of the swap out. The way it stands now its really only enforcing "apple only" repairs and not any form of security.

    14. Re:It really is about security, not repair by BronsCon · · Score: 5, Interesting

      Falling back to PIN is how I unlock my wife's iPhone 6s Plus when she asks me to change songs or reply to a message on her behalf while she's driving. There's no reason, absolutely none at all, why the Error 53 can't simply be a logged condition that disables the fingerprint reader; Apple should also be able to fix it by pairing the phone and fingerprint scanner.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    15. Re:It really is about security, not repair by sjames · · Score: 2

      If Apple pay would have accepted anything other than the fingerprint in the first place, then there is no back door added by simply refusing to acknowledge the un-paired sensor.

      If not, then disable Apple Pay on those phones but don't brick them.

    16. Re: It really is about security, not repair by mrex · · Score: 2

      It depends on what risks are associated with allowing a device to operate with a non-genuine or missing touch sensor. If, and this is speculative, but if it poses a risk to the secure storage of the "Secure Enclave", then it seems reasonable from my "fail secure" mentality.

    17. Re:It really is about security, not repair by spire3661 · · Score: 3, Insightful

      And as we see, it may be useful for security, but it ruins usability (via making repairs harder than they have to be). Apple has no excuse here. They HAVE to allow 3rd party parts, just like the automakers had to eventually be forced to.,

      --
      Good-bye
    18. Re:It really is about security, not repair by solidraven · · Score: 3

      Fingerprint sensors are dead easy to bypass though. Unless you wear gloves your phone's case contains the unlock information... So intelligence agencies will still get in easily. Bogus argument. Quite frankly there is no reason to encrypt the sensor data on a board level, the moment they had sufficient access to take a desoldering station to your phone it's already past the point of trustworthy. Then again they'd just force your finger on the sensor... And if you want a sneak attack, just bug the screen driver and capacitive touch IC instead... (easier and far more valuable data).

    19. Re:It really is about security, not repair by BronsCon · · Score: 2

      But the CPU and sensor are paired up because you don't want to send the sensor data unencrypted across the bus where it's then subject to spoofing attacks.

      Wrong. Supposedly, the fingerprint data is stored in the secure enclave and can not be retrieved. The sensor and secure enclave are paired (the secure enclave and CPU likely are, as well), at least according to Apple, and the match decision of made by the secure enclave.

      Now that that's been cleared up, there is no reason to brick the device if the sensor fails to authenticate itself; just don't talk to the sensor anymore. Shut down its power and data lines and turn it into a dumb button like it was on the iPhone 5 and earlier; PIN still works.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    20. Re:It really is about security, not repair by AmiMoJo · · Score: 2

      If Apple can pair the sensor to the CPU, an attacker can pair their own hardware to it as well.

      There are numerous ways Apple could allow replacement of the sensor and remain just as secure. For example, allowing the user to pair the new sensor but requiring that all existing encryption keys be wiped in the process. That way it couldn't be used to access existing data on the phone, and while new data would be at theoretical risk that would at least be up to the user. A simple message on the display is all that is required.

      They could even just disable the sensor but allow the phone to carry on working otherwise. You know, not brick it because one non-essential part failed. Unfortunately this is only likely to get worse - 3rd party tyres bricking cars will be next, because safety.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    21. Re:It really is about security, not repair by BronsCon · · Score: 2

      The fingerprint scanner no longer working should tell the user that much, no need to brick the phone to do it. And it would be immediate, not weeks or months later when a system update is installed, like Error 53.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    22. Re:It really is about security, not repair by AmiMoJo · · Score: 2

      If you can replace the touch sensor you can certainly intercept signals from the touch screen, which are not encrypted (they are analogue) and capture the user's PIN code anyway.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    23. Re:It really is about security, not repair by BronsCon · · Score: 3, Insightful

      Yup, because a sensor that is disabled (power and data pins) when it fails to authenticate itself can totally prod at the rest of the system.

      And if Apple's engineering is that weak, they deserve the criticism. If the secure enclave is truly write-only as Apple claims, if communication between the fingerprint reader and the secure enclave is encrypted as Apple claims, if a rolling secondary key is used as Apple claims, if the match decision is made within the secure enclave (as would be necessary if it is write-only)... see where I'm going with this?

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    24. Re:It really is about security, not repair by rjstanford · · Score: 2

      What's to stop them from keeping the data encrypted, not allowing access, and just using a second account (call it a guest account like on a PC) that has no access to the stored and encrypted data but does allow then to use a second profile until it can be replaced with a proper sensor?

      Technically nothing, but security is a really touchy area. The more code that you have that says, "Well, we think there's been a breach, but let's be super-clever instead of just shutting down," the easier it is for someone to escalate and gain privileges, which in this case includes the ability to generate Apple Pay tokens at will.

      --
      You're special forces then? That's great! I just love your olympics!
    25. Re:It really is about security, not repair by spire3661 · · Score: 3, Insightful

      Usability includes the sum total of the life of the device, including 3rd party repairs. Security is always a compromise between usability and integrity. Apple fell too far on the security side and hampered usability. For the record, i read your comment on my ipad, the only axe i have to grind is making sure we maintain a 'right to repair', which includes 3rd party parts.

      --
      Good-bye
    26. Re:It really is about security, not repair by BronsCon · · Score: 2

      Indeed, the claim is that the fingerprint hash is stored in the secure enclave and can not be read from it. It's actually pretty damn smart, honestly; enclave gets placed into storage mode and is fed a fingerprint hash, which it stores; then, enclave receives a hash in comparison mode and only has to answer "yes" or "no" as to whether it's a match. As for Apple Pay, the secure enclave stores a token generated by the card issuer and uses that token to generate authorization responses for given transactions. In that way, data that is written to the secure enclave never need be read from it, so it's perfectly reasonable to not be able to read from it; erasing is simply a matter of overwriting with zeroes.

      That said, for the security vulnerability that Apple wants us to think they're protecting us from to actually exist, the secure enclave itself must be flawed or Apple must be lying about how it works. In either case, Apple is lying about something.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    27. Re:It really is about security, not repair by omnichad · · Score: 2

      In an emergency, you don't unlock your phone - you just dial an emergency number.

    28. Re:It really is about security, not repair by Ol+Olsoc · · Score: 2

      Why don't you just add one finger to her list? My partner and I each have one finger that unlocks the other's phone. My passcode is well over 10 digits, and it would be a pain for her to remember it in an emergency.

      My wife shows me one finger all the time.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  2. If you can't open it, do you really own it? by bulled · · Score: 3, Insightful

    No, but this is the trade off people make when buying devices like the iphone/ipod. Clearly people value having the fashionable/trendy/"Just Works*" that Apple provide over being able to fix something that is broken. Until that trade off tilts harder against the consumer it will continue to be made.

    * - For some values of "Just Works"

    1. Re: If you can't open it, do you really own it? by h4x0t · · Score: 3, Funny

      Apple store genius: Can I help you?
      Any sensible human: No you cannot.

  3. Popup by bondsbw · · Score: 4, Insightful

    "Would you like to use this new fingerprint scanner? [Yes] [No]"

    Yes -> "Please enter your password."

    See that wasn't so hard.

    --
    All my liberal friends think I'm a conservative, all my conservative friends think I'm a liberal.
    1. Re:Popup by Anonymous Coward · · Score: 2, Interesting

      Customer: "Hi, my home button stopped working, could you fit a new one for me please?"

      ShadyRepairShopAssistant: "Sure, that will be $50, also I'll need you to unlock your phone for me"

      Customer: "No problem, here you go" ... later ...

      ShadyRepairShopAssistant: "Lol, we totally got that guy to unlock his phone so we could clone it, install compromised security hardware etc."

  4. Property by Anonymous Coward · · Score: 5, Insightful

    Property for peasants is so last century.
    Welcome to the 21st century, where property is only for corporations, copyright is eternal and everything is under license.

  5. EULAs ... by gstoddart · · Score: 5, Interesting

    We pretty much lost this fight when judges upheld the right of corporations to make EULAs binding, including the ability of corporations to change them as they see fit.

    Combine this with the DMCA, and the rest of the copyright/IP bullshit, and, no, you don't own it any more ... you have the right to use it according to their terms, but in no way do you own it in terms of being able to take it apart, modify it, fix it, repair it, or otherwise do anything they haven't licensed you to do.

    This is the direction corporations want to go, and they've been getting lawmakers to enable them.

    You, the consumer? You have no rights other than what they've chosen to give you.

    Until we see lawmakers shift the other way (and they're heavily influenced by lobbying and campaign contributions), you can expect with shit like the TPP and everything else, you'll see less and less "rights" to the products you think you own.

    Welcome to the awesome future, in which the corporations hold all the cards.

    --
    Lost at C:>. Found at C.
  6. Your government is untrusted with your data. by tlambert · · Score: 4, Insightful

    Your government is untrusted with your data.

    But escaping that is "fashionably trendy".

    Got it.

    1. Re: Your government is untrusted with your data. by TheReaperD · · Score: 3, Interesting

      99.99% of customers, Apple or other, could care less about government intrusion into your devices. Here on /. it seems otherwise because we're not a fair sampling of the general population. This is nothing more than a poor excuse to force people to only repair with Apple, at a highly inflated price, or buy a new device. For the few that really care about keeping our data away from the government, smartphones should never be an option in their current form. They're a tracking and security nightmare.

      --
      "Be particularly skeptical when presented with evidence confirming what you already believe." -
  7. If I can't fix the FPU in my Pentium III... by tlambert · · Score: 3, Interesting

    If I can't fix the FPU in my Pentium III... do I really own it?

    1. Re:If I can't fix the FPU in my Pentium III... by drinkypoo · · Score: 5, Insightful

      Are there any tamper-proofing features in the P3 that would prevent you from doing this? Or is your inability simply due to your not having the right tools, not that anyone does?

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  8. I hate Apple but they're right by technomom · · Score: 2, Insightful

    Think of it this way. Do you own your Visa card and your tamper-proof Driver's license? Sure, but if you screw around with the chip in either of them, then you shouldn't expect that they'll work anymore. Older New York State driver's licenses turn black when you try to peel off the laminate.

    So you can own stuff but if they have security built in for identification or monetary protection, I think it is reasonable for it to be rendered useless if tampered with.

    1. Re: I hate Apple but they're right by Anonymous Coward · · Score: 5, Informative

      No, you do not own the VISA nor the driver's license. They are not your property.

    2. Re:I hate Apple but they're right by Anonymous Coward · · Score: 5, Informative

      Have you read the text on the card, or in the cardholder's agreement you signed on to when you choose to keep and use the card? I believe not, because you'd have come across the text "The card provided is the property of [company] and must be returned or destroyed upon our request." It is literally one of the few things you think you own that you actually don't.

      Have you read your statutes regarding your driver's license? I also believe not, because you'd note that most all governments retain the right to revoke the license (at which point, again, return the license or destroy it) and, in fact, in some places, possession of the license after that is illegal (sometimes effectively making you a criminal without your knowledge if they cancel it due to parking tickets while you're driving). The province I live in just fixed that issue last year allowing you to retain your invalid license card on the understanding it is no longer legal for any purpose other than identification. Still, to ensure there's value to the identification, the license is designed to show tampering. Again, one of the few things that it seems like is yours, but by the classical definition of property, really isn't.

    3. Re:I hate Apple but they're right by SvnLyrBrto · · Score: 2

      Also, what not many people are considering is the fact that there may be a third party in play here: the credit card industry. No one knows the exact details of Apple's contracts with the credit card providers. But ApplePay transactions are processed as qualified card-present transactions and get the lowest transaction fee that the industry offers. (Walmart is especially butt-hurt about, and has complained publicly. That's why they're so ardently supporting CurrentC.) To get that concession, Apple would have had to go above and beyond the usual security region and possibly even agree to absorb some of the cost of fraud, should ApplePay be compromised. This whole issue could be part of that same security regime. That's speculation, of course. But I've had to deal with PCI compliance before, and it does seem to logically follow.

      It's not devices that self-destruct when their security systems are tampered with are unknown, or even uncommon. Ever had to carry one of those key fobs for 2-factor login authentication? I thought so. And I also agree that this is a good idea. The amount of personal information in my iPhone is staggering, and even with the security measures that *ARE* in place, it still concerns me. It's not just the credit cards in ApplePay. My 1password vault is also on there. And that would be even worse a breach than the credit cards.

      If anything, I wish Apple were making the iPhone more secure. Passcode vs. fingerprints should not be an either-or choice, but should be configurable as true 2-factor. And I'd also like a code that immediately wipes the phone, instead of just waiting for the requisite number of failed attempts. (At least you can reduce this number with a custom profile.) What'd be even better is to set an alternate fingerprint to launch that wipe.

      --
      Imagine all the people...
    4. Re: I hate Apple but they're right by wowbagger999 · · Score: 2

      And what has this in any sense to do with hardware you buy, or don't you own your car either? You know, comparing apples and oranges.

  9. Re:Of course not by stealth_finger · · Score: 3, Insightful

    If you can't open it, do you really own it?

    Mere common sense tells us that that the answer is NO. If a person sells you a product, yet retains the right to forcibly dictate how you use that product, then you haven't bought anything at all, but rather leased it.

    Especially if they reserve the right to brick it irrecoverably because you had the gall to try and get repaired by someone other than them.

    --
    Wanna buy a shirt?
    https://www.redbubble.com/people/stealthfinger/shop?asc=u
  10. No, it's really about vendor lockin by Anonymous Coward · · Score: 2, Insightful

    No, it's 100% about vendor lock in. Stop shilling.

    1. Re:No, it's really about vendor lockin by silas_moeckel · · Score: 2

      If you think relying solely on fingerprint will stop law enforcement from getting into your phone? They will force you to put your finger on the reader. Something you are is not a protected thing something you know may be.

      --
      No sir I dont like it.
  11. Typical obfuscation journalism by SensitiveMale · · Score: 3, Interesting

    From what I understand and I could be wrong, but this issue isn't repairing an iPhone. I don't see how there is a problem replacing a screen or battery. It's when a shop replaces some part that is within the Apple Pay environment. Apple could have a point that using third party hardware can compromise security.

  12. Apple's planned obsolescence profit strategy by JoeyRox · · Score: 3, Insightful

    Think of it as a three-legged stool. The first leg is to mete out feature and function improvements so that each new model has just enough goodness to entice an upgrade. The second leg is to release iOS updates that run so slowly on existing models that users are forced to upgrade just to restore the relative performance they used to get on their current phones. The third leg is to charge exorbitant prices for authorized repairs while making it impossible for third-parties to provide affordable repair services.

    This strategy is designed to gently encourage and then forcibly coerce users to keep upgrading their phones.

    1. Re:Apple's planned obsolescence profit strategy by david_thornley · · Score: 3, Informative

      Apple wants to keep making better phones. They normally succeed (although I'm not a fan of the size of the 6 and 6S). Apple keeps upgrading the software on their phones more than pretty much anyone else, but usually when a phone gets old it's a trade-off whether to run an OS designed for a much more capable phone or fall behind on the software. I read the reviews first. Third, nobody's stopping you from getting repairs of the non-security-sensitive components.

      The thing is that Apple works hard to make iPhones secure, and since Apple doesn't sell many different models you don't get an option to buy a less secure one.

      --
      "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
  13. Buy apple and get what you deserve by stealth_finger · · Score: 2, Informative
    If you get your phone bricked for having the absolute audacity to take to phone

    For example, an unauthorized or faulty screen replacement

    . Who authorised the failure dickheads? They should be made to replace every single device they bricked with no reason or warning. Maybe this is how they plan on getting over their stagnation in sales, make all the dumb fucks who bought one in the first place buy another one just because. And you know most will because they can't be without their idevice.

    --
    Wanna buy a shirt?
    https://www.redbubble.com/people/stealthfinger/shop?asc=u
  14. Right to Repair? by mveloso · · Score: 2

    I'm not sure there's a right to repair, but it was always convenient that I could repair hardware. As things go more solid-state and have tighter tolerances the repairability obviously goes down...and security adds another level of issues on top of all that.

    I think it's prudent for Apple to lock down hardware, especially given the world we live in. It would be nice, though, that instead of locking everything down the OS could run in a reduced state. Of course, for some components that would be impossible - like if the screen got replaced you'd be screwed. How do you tell the user that "the screen is unauthorized - do you want to use it anyway?" if the screen has been compromised and could tap on anything?

    As a first-gen feature, I'm not surprised that the 53 lock was all-or-nothing. Hopefully future revisions will be more granular in their disabling.

  15. Profound misunderstanding of what ownership means by Brannon · · Score: 4, Interesting

    Ownership means you have every right to tamper with something. It DOES NOT mean that you have any guarantees that the hardware will continue to work if you do so. It never has, EVER, in the history of mankind, EVER meant that.

    Microwaves and other electronics will frequently have tamper avoidance measures built into them for safety reasons--does that mean you don't own your microwave? An emissions control system might disable a car or generator if it discovers it's been tampered with, does that mean you don't own your car?

    A biometric sensor may be tamper-proofed for security reasons (which is exactly what happened here)--doesn't mean that you don't own it.

  16. Separate issues by sjbe · · Score: 4, Insightful

    Where outside of China are you going to find the components and the equipment to repair any of these electronics, anyway?

    Umm, you can buy things from China. If you need proof of this please visit your local Walmart.

    Everything's microsoldered to a circuit board the size of a credit card, and the tiniest slip of your all-too-human hands and you've ruined a trace on a different circuit.

    The practicality of actually doing a repair or modification is not relevant to whether or not one should have the right to attempt the repair or modification. Those are separate issues.

  17. Why, oh why??? by eeyore · · Score: 2

    If you don't people messing around with "their" phones - license them, don't sell them.

  18. Re:stop buying overpriced overhyped apple trash by Archangel+Michael · · Score: 3, Insightful

    I've known plenty of people who have had both, switched, and switched back. Both ways.

    People want what they want, and there is a choice. Apple or Android are both perfectly fine as consumer choices for everyday people. Some people prefer (gasp!) Apple, others prefer (gasp!) Android even after trying the other. I know, really hard to understand how anyone can like either, considering how awesome Windows Phone (or whatever it is called today) is!

    IMHO the biggest limitation to what a phone can do, is the user using it.

    --
    Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
  19. Re:Profound misunderstanding of what ownership mea by Grishnakh · · Score: 2

    An emissions control system might disable a car or generator if it discovers it's been tampered with, does that mean you don't own your car?

    No, but for good reasons there have been various laws to prevent carmakers from forcing consumers to use their dealerships for service, such as the Magnusson-Moss Warranty Act of 1975 (which prevents carmakers from voiding your warranty if you don't use their OEM parts and dealership service, unless they can prove that you caused the problem that way), and also the Massachusetts "Right to Repair" law which requires carmakers to provide the same information to independent shops as they do to their dealers, and which is binding in all 50 states.

    Also, citation needed on disabling a car. I've never heard of that. Tampering with emissions control on a car usually yields a "check engine" light and an OBDII code, which makes it impossible for you to pass emissions checks if you have to do that in your state/region. It doesn't "brick" your car. Cars always come with "limp-home" modes because the bad press of having a car that refuses to work for some silly reason is going to kill sales for that automaker: no one (except maybe an Apple cultist) wants a car that refuses to drive for some dumb reason, as people depend on their cars for transportation. Even when something is seriously wrong with the engine, cars will attempt to "limp home" because it's better than being stuck somewhere dangerous.

    Microwaves and other electronics will frequently have tamper avoidance measures built into them for safety reasons

    What are you talking about here? I've taken my microwave apart, it's pretty easy. If you're talking about "tamper-resistant" screws, don't make me laugh. You can get some screwdriver bits at Harbor Freight for a few dollars to open these, or you can just find another screwdriver that you can manage to jam in there and turn it with.

  20. Lies by dkman · · Score: 3, Insightful

    If they wanted what they claim they wanted then they could simply show a warning that "certified parts were detected" or a "tamper detected" every time the phone boots, or more annoyingly every time it wakes.
    What they really want is for you to come suck from their teat any time you need help with their device so they can enjoy the cash flow and laugh all the way to the bank with their 18 billion in profits.

    --
    I refuse to sign
  21. Fixed a mistake in the article by Khashishi · · Score: 4, Insightful

    How can I avoid Error 53?
    Don't buy Apple