> A practice contrary to the principle of the anti-waste law
> In France, serialization is theoretically prohibited, according to Alexandre Isaac. Since the entry into force of the anti-waste law in November 2021, the consumer code mentions that "any technique, including software, by which a marketer aims to make it impossible to repair or recondition a device or to limit the restoration of all the functionalities of such a device outside its approved circuits is prohibited”.
I think it's possible and it would be a good thing. Although I wonder...I use a slightly older brother printer (prob. 4-5 years old) with 3rd-party cartridges without problems. Is it different with other printers?
So hypothetically if I get an app into iPhone app store, that is later removed by Apple for "duplicating functionality of the OS" (obviously, incomplete), would the inability to sideload the app from a web site be a violation of this law?
Any technique with makes it impossible to repair or recondition by definition also makes it more difficult to pwn. See https://news.ycombinator.com/item?id=35954422 for one example.
You can also buy fake iphones today which are near indistinguishable from the real thing unless you have a deep knowledge into the product, you can have a look on youtube.
Preventing repairs did not help them on that aspect.
I did read the article, no it's not a genuine piece of hardware, they changed the microcontroller.
And by the way, it's also possible to do the same exact thing in an iPhone right now, somebody could totally hook up a microcontroller with a microphone straight to the battery.
If you want to go all the way, you can also replace the whole device straight with a fake iphone and record everything.
> I did read the article, no it's not a genuine piece of hardware, they changed the microcontroller.
They took the genuine piece and swapped some stuff out and modified firmware, not just made a straight up fake. That's why it was hard to detect, it was a completely genuine device on the face of it.
> And by the way, it's also possible to do the same exact thing in an iPhone right now, somebody could totally hook up a microcontroller with a microphone straight to the battery.
Yes. But that is tricky (not much free space in the body to add something new) and can probably be detected visually. However if somebody swapped an existing part like a camera for a fake camera that acts like a camera but also spies on you then it would be tricky to visually see, but the phone would warn you.
> They took the genuine piece and swapped some stuff out and modified firmware, not just made a straight up fake. That's why it was hard to detect, it was a completely genuine device on the face of it.
They could have also made a complete fake as well instead of a partial fake just by keeping the plastic enclosure, this device isn't exactly complicated.
> Yes. But that is tricky (not much free space in the body to add something new) and can probably be detected visually. However if somebody swapped an existing part like a camera for a fake camera that acts like a camera but also spies on you then it would be tricky to visually see, but the phone would warn you.
That's kind of a ridiculous threat model anyway, those targeted attacks are just going to hack the iPhone and stream the camera in software whenever they want with some custom payload.
> They could have also made a complete fake as well instead of a partial fake just by keeping the plastic enclosure, this device isn't exactly complicated.
In case of this device, sure. But it would be much more costly and error-prone, build your own PCBs etc. But in case of iPhone we don't worry about them building fakes from scratch, because those would be easy to tell on the spot. We worry about a genuine phone with fake parts.
> That's kind of a ridiculous threat model anyway, those targeted attacks are just going to hack the iPhone and stream the camera in software whenever they want with some custom payload.
As it is now these phones are not so easy to hack without user proactively installing malware and many of them would survive only until the next OS update or security response payload. A hardware attack is more compelling.
> But in case of iPhone we don't worry about them building fakes from scratch, because those would be easy to tell on the spot.
I suggest having a look to Youtube. Some fake iPhones are so good that unless you have a deep knowledge of the product, you can be fooled. I certainly would be fooled.
> As it is now these phones are not so easy to hack without user proactively installing malware and many of them would survive only until the next OS update or security response payload. A hardware attack is more compelling.
I'm confident those state actors have the payloads ready whenever they want to use it on high value targets, this is kind of naive. Pegasus NSO could be a public example of that.
You are not valuable enough to require such an exploit but that's a thing right now.
By "did not help", you meant "did not completely 100% solve the problem", right? In the same way that seat belts do not help traffic fatalities because there are still traffic fatalities?
No, I meant that it did not solve any issue in this area at all, fake iPhone are as easily available as other fake brands. It's 0% affecting fake products which have their own separate supply chain anyways.
Again, the existence of X does not mean that all efforts to reduce the incidence of X were completely useless and therefore should not have been undertaken.
Fake iphones don't and won't use any genuine parts. So locking said genuine parts achieves absolutely nothing against fakes, so yes that does means that if that's the goal, it's pointless.
It's not about fake iphones. It's about taking a real iphone and swapping a part for non-genuine one that does something you don't expect (or find out)
It's telling that you see this as a trial. Nobody else does; there is no defense or prosecution or any of that.
The reason Apple prompts for genuine parts is to devalue the stolen phone market. If repair shops could put in any old camera, there would be a lot more incentive to sell stolen phones to repair shops, therefore more incentive to steal phones, therefore more stolen phones.
Apple's a giant company. I have no emotional connection to them. But most of what we're talking about here makes sense from a business and even customer-friendly perspective, or at least as a reasonable tradeoff between ease/expense of repair and likelihood of having your phone stolen or pwned.
There's going to be a trial about this so yeah those excuses do matter, that's going to be hard for them to get their point across being so anti-repair during so many years.
For stolen parts, they could lock the parts if the device is locked, that's a solution against theft to resell parts but again, that's not what's being done either. It's becoming pretty hard to justify their bad practices.
They already have cryptographic authentication for parts, they know it's a genuine part from a donor board, they just purposely reject it.
> Are those exclusive options? I don't know. Which one I think is more important? I don't know.
First they are indeed not exclusive options, locking parts when the phone is locked is a possible option.
And then we have to think what's the most common for most people, a dropped iPhone on the floor which needs a component change or somebody swapping touchid while you are sleeping. I have my own idea on that.
> They already have cryptographic authentication for parts
What if a genuine part is modified. I am not sure it is a solvable problem?
> First they are indeed not exclusive options, locking parts when the phone is locked is a possible option.
If that is technically possible I am all for it (but if I had to choose between no integrity protection and integrity protection that makes it harder to repair, I don't know what I would choose). However if you are a phone, how would you distinguish between a legitimate repair and malicious swapping out of parts? Sounds like incompleteness theorem would say you can't
> What if a genuine part is modified. I am not sure it is a solvable problem?
Same problem as it is now, nothing changes.
> However if you are a phone, how would you distinguish between a legitimate repair and malicious swapping out of parts? Sounds like incompleteness theorem would say you can't
If your threat model is malicious swapping parts, an iPhone isn't for you anyway, you need a device more secure than that.
And I doubt that applies to more than an handful of individuals, even targeted attacks themselves usually don't go this far and prefer to just exfiltrate the data by software.
> Now the phone warns you about a replaced part. Even if it is a genuine one.
Yes, and that's a broken behavior.
> This is a thread model of many people in many countries today. Sorry for stupid question but is there a usable phone that is more secure, seriously?
No it's not a threat model of many people. I'm not even aware of such an attack existing publicly, please link relevant media articles of past attempts, including on Android. Targeted attacks go for the software because it's easier and doesn't leave a trace.
> Sorry for stupid question but is there a usable phone that is more secure, seriously?
Publicly you have GrapheneOS, privately you have security firms providing secure systems for high profiles which are targets.
> I'm not even aware of such an attack existing publicly, please link relevant media articles of past attempts, including on Android. Targeted attacks go for the software because it's easier and doesn't leave a trace.
Absence of evidence != evidence of absence. It is technically doable and not that difficult, give a minute or two in private with someone's phone.
> Publicly you have GrapheneOS, privately you have security firms providing secure systems for high profiles which are targets.
Does GrapheneOS protect from part replacement?
Also I mean entire populations, such as prosecuted ethnic minorities or people with political views (cf Uighurs or HK freedom supporters). They also need to live a normal life by the way, where they can use the normal apps and not conspicuously juggle two phones all the time.
> Any technique with makes it impossible to repair or recondition by definition also makes it more difficult to pwn.
If you can touch it, you can pwn it. This is applicable to every piece of hardware ever existed, including the M2 Macs. Just because we don't have the (publicly available) tools (yet) doesn't mean that they can't be pwned.
More difficult? Yes. So difficult that currently thrown away Macs with Activation Lock on are solid e-waste? Yes. But don't expect it to stay so forever.
I remember how Apple had been turning magnets in the iPad covers so that reversed polarity prevented them from being compatible with iPad of previous generation despite having exact same form factor and size. Such a pro consumer corpo. :)
I don't mean to be the devil's advocate, but I'm pretty sure that disabling Face ID when replacing the camera with a generic one is primarily a measure to thwart potential hardware-based attacks...
There are simple ways to allow hardware changes without losing security. One straightforward idea: Once the phone is unlocked (e.g. by pin code) allow the user to authorize the new hardware.
This is effectively what Apple does already. The usual difficulties with asking users to make security choices don't really apply here: Physical changes to the hardware are requires, so security fatigue isn't as big a deal. Maybe you get some protection from wrench attacks by not having the authority to pair new internal hardware, but that seems like a very specialized use case...
It's sad that that's not up to the user. maybe paternalistic comprising is what Apple's customers really want, but I'm convinced it's bad for the user and bad for society in the long run.
I think it's a natural consequence of miniaturization and other technology advancements. With today's technology you can hide a hardware backdoor inside a counterfeit version of a chip and the only way it could be detected would be to de-cap the chip and examine it under an electron microscope.
Hard disagree — there are plenty of things where human brains will take a shortcut no matter how smart the individual is. Security is especially a category where humans will fault, no matter what.
I'm not convinced that they need to. What threat model are you considering? In this case, the privilege that the user is granting the new hardware is the authority to unlock the phone.
Since the phone has to already be unlocked for this privilege to be granted, it can't be used to bypass authentication.
The hardware is already installed by this point, so if it's 'spying' it can do that. The user's choice has no impact on the hardware's ability to record and/or deliver information.
At best, the replacement hardware would be able to unlock the phone for the attacker at some later time. However, the cost of getting this customized unlocking device into the phone seems high given that the attacker needs physical access to the device to embed the hardware in the first place, and then again at a later time to get into the device.
For example, my dad used to use Androids. Without fail, he would get malware on them, he simply could not resist bypassing the security prompt to click on something he wanted to click on. Or maybe he does not understand English, or the concept of malware enough to properly heed the security warning pop up.
With iPhone, it’s not possible, so there is no worry, and no malware. Same with the hardware changes. People like my dad, or my wife, or even me who have very little interest in technology simply want to trust their device. And this device is literally the key to their life, their financials, their personal data.
All I know is my life has been made much easier by slinging Apple devices at people in my family that they simply do not have a way to mess up.
The topic seems have changed to sideloading here, for that they can bury the setting somewhere or require connecting a PC over USB (but hopefully without involving Apple’s servers or requiring a Mac) to enable it if that’s really their motivation
But their main motivation is likely control and profit more than safety
I don't think this is quite that simple, because one user's authority could potential trump everyone else's in a company or group, once a vulnerable device infiltrates the system. Having trusted authorities works well when everyone has to rely on the security of the device. Once you can bypass that authority you effectively have a cheap MITM attack.
You are describing a different class of attacks. If the company owns the device, they should be free to (try to) lock it down all they want. OP is about Apple locking down devices that someone else ostensibly owns.
Why? If this is really an attack-vector a company considers, it could streamline hardware-repairs into their internal processes.
If the device is enrolled in a corporate MDM, the confirmation of HW-changes could be delegated from the user to the admin, with the device working in "degraded" mode (i.e. no FaceID) until the admin approves the Repair.
Even more, large companies could contract with specific repair-companies to authorize them for their company devices and their repairs are synced into the corporate processes.
This would create a paradigm-shift in that market as repair-volume suddenly becomes more predictable ("I'll repair phones when they come in" --> "my company is the exclusive repair-center for a footprint of 10k corporate devices"), repair-companies will commit to certain performance, then drive smaller-volume contracts and individual repairs to offset the cost of such guaranteed turnaround-times, and so on...
Insisting on approved camera avoids making it easier for bad actors to stealthily capture's a victim's biometrics and then use a third party "camera" to replay that information and unlock the victim's phone without them being present.
Arguably if you anticipate someone targeting you who is capable of attacks this sophisticated, you are very far outside the norm and should probably have an entirely different relationship with your devices than most people.
"Couldn't just", might be, probably not. Face-ID is a pretty complex and very highly integrated system. The dot pattern can't be changed, because each dot in the pattern (~100 dots or so) is actually a VCSEL laser. The large constellation (>30k dots) is created by a diffractive beamsplitter. The sensor is probably custom, so I'd wager the CMOS IR sensor is actually physically the thing that's paired to the Secure Enclave. I doubt there's just an unencrypted MIPI link running from some random 1/6" OmniVision sensor to the CPU.
Because the camera represents the analog hole. If you can replace the camera, you can hook the phone up to a computer and feed it pictures of faces instead, until the phone unlocks.
If you find that attack vector so scary, I'm sorry to inform you that it is already possible to prop up an iphone against a pizza box and have it stare at a screen showing a feed of pictures.
Admittedly you might have to put the iphone on its side so you can get the charging cable in there, which means you might have to figure out how to rotate the pictures too.
> I'm pretty sure that disabling Face ID when replacing the camera with a generic one is primarily a measure to thwart potential hardware-based attacks.
I'm pretty sure it's not. The number of people which would be targeted by this is too small to justify the additional costs. The vast majority of people which would be targeted by this are pretty much screwed anyhow since the adversary already has physical access. It's much more likely a brand protection scheme to ensure there are fewer items out there with sub-par hardware.
If apple thinks it's an issue make it clear before letting me activate it that they no longer guarantee any safety (which they don't anyway, that's the joke, you already signed that way in the user agreement).
My ISP will provide me with a router and full support. If I change the settings or flash firmware they will no longer support it. However, if I let them restore the factory firmware and config they will again support it.
It's not hard and apple's motive here is clearly maximize stock value, nothing else.
I'm not sure I buy it. The sensor itself in the camera doesn't do mutual authentication with other components. If you have enough interest / access to mess with the hardware permanently, you'll be able to feed whatever image you want to the original camera chip.
The number of people who could be targets of an attack of such sophistication is so vanishingly small, that it seems irrelevant compared to the number of people who need repair work on their phones.
In this case I don't think the OP was attempting to use whataboutism for the purposes of distracting away from Apple, or explaining away Apple's behavior. It was more of a "and-also-whataboutism" to bring Renault under the same scrutiny.
I am 100% sure that more 2nd-3rd user iphones are circulating in active use than the lineage os downloads summed together ever. Like, it’s not really a thing for the general populace.
Last official update from galaxy s4: Android 5.0.1 in 2015 [1]
Last official update to iPhone 5s: iOS 12.5.7 in 2023 [2]
I’m well aware that you’re speaking of custom roms, but insinuating that this is solving ewaste issues is disingenuous at best. No ewaste is fixed by us nerds flashing custom roms through adb incantations in out of support hardware.
And despite all of that, I can still use the Galaxy S4 (or even the Galaxy S3 if you really cared, specs are a bit low but it still works) as a daily driver with a modern Android version whereas the iPhone 5 or the iPhone 4 can only end up in the bin, there's nothing to be done about it.
Maybe that's a lesson to learn that we should require open bootloaders and more open systems to reduce ewaste. If Android devices were more opened, this amazing effort to save devices could be even better. As we go forward, more and more older devices will simply be good enough if you could just install software updates onto it.
And as of "nerds", I may point out that the general public doesn't reinstall their windows either and just go to a repair shop.
You technical can yes but Iphones of that age are as good as bricks in my opinion though, the browser isn't updated and is terrible and you can't install any normal app anymore.
I honestly don’t get this sentiment, and why Apple is targeted for these — this is objectively the one category where Apple is unlike every other phone manufacturer. How many people walk around with 8 years old any Android phones? I bet that number is insanely small, yet I see it everyday in case of iphones, which manage to get 2 or even 3 owners in their lifetime.
Look at the resell value of any other phone, it basically drops to zero the moment you open the box, while even older iphones get sold for very fair prices. And getting that many years out of a phone is absolutely stellar.
Perhaps, but their policies and support for old hardware far exceeds anything you see in the Android world. But you point out THIS "shitty company" while not throwing your gaze towards all the other "shitty companies" like Samsung, or Google, or Sony, or Microsoft. Could it be that your disdain for the type of people that buy Apple products just rings through? The tried and true "them" vs "me" attitude.
Personally, I just let strangers like what they want to like. WTF do I care if they like this phone instead of this other phone.
It literally does - their devices easily reach 8-10 years of active usage, and we are talking about something that is used more than your shoes per day, actively charged-discharged each day, thrown around/fallen down, etc. Like that’s a great lifetime however we look at it, and it might need one or two battery replacements max for that.
The entire point is that yes, all of them are doing it and Apple isn't this golden savior among them that some make them out to be. They trump everyone else in certain aspects like longevity of software updates and privacy, doesn't mean they don't partake in costumer-hostile actions nor does it mean we should excuse those.
My girlfriend's phone is stollen and last location is in China. I'm sure they are selling the parts and the motherboard is useless. If those parts wouldn't work with other phones this theft would be less incentivized.
Serial lock is a good thing if the owner had the option to unlock their phone's parts on Apple's website to be usable for repairs etc.
Scraping stolen goods for parts doesn't happen because it can be done. It is viable because manufacturers make access to spare parts artificially difficult or expensive.
Locking a device to serial is adding insult to injury when companies like Apple decide to campaign against Right to Repair. It must be said that Apple made strides towards making repairing phones easier, but as long as counterfeit or stolen parts remain economically viable, this kind of market will exist.
> but as long as counterfeit or stolen parts remain economically viable, this kind of market will exist.
The point of serialization is precisely to make stolen parts unviable economically, so you’ve painted yourself into a bit of a corner there.
> It is viable because manufacturers make access to spare parts artificially difficult or expensive.
After paying a shop to repair an iPhone with a generic screen, I believe genuine parts cost more because they are better, not due to artificial scarcity. Not only were the colors off, the battery life was less with the new screen.
> The point of serialization is precisely to make stolen parts unviable economically, so you’ve painted yourself into a bit of a corner there.
If every single spare-part can also be ordered new and the sum of usable components from a stolen iPhone totals to ~60USD (excluding the mainboard because it is marked as stolen and fused), it's no longer economically viable to steal an iPhone, send it to another country, disassemble it for parts, test the parts and resell them.
As of today, some parts cannot be purchased by third parties at all, so grey-market sourcing is a viable economy.
> After paying a shop to repair an iPhone with a generic screen, I believe genuine parts cost more because they are better, not due to artificial scarcity. Not only were the colors off, the battery life was less with the new screen.
In the pre-Apple world this was already solved: Manufacturers printed their logo on the spare-part, so buyers knew when they get a genuine part or not. 3rd parties are still allowed to produce parts, but faking the logo qualifies as counterfeit --> If you want an original part, ask for an original part and pay the premium
> The point of serialization is precisely to make stolen parts unviable economically, so you’ve painted yourself into a bit of a corner there.
Assuming this kind of lock is unbreakable and all the parts in the phone are locked, you mean, which is a big assumption in the long run. A side effect is that you can't reuse parts from a bricked phone in another, which increases waste without actually addressing the problem which is access to spare parts.
> I believe genuine parts cost more because they are better, not due to artificial scarcity
Price is not the only restriction, but also the number of parts you can order, having to send back the damaged one (which prevents stocking on spare parts for the future) and the exclusion of third party repair shops. In any case I acknowledged that what apple did is indeed a good step, but the repair system can be improved.
Why not give the owner the option to lock the parts instead? I bet a lot of people don't even consider potential reuse when they intentionally discard their phone.
Hypothetically speaking, if one had substantial data obtained through an atypical usage method that backed the hypothesis a manufacturer “soured the milk” on a widely used technology to pave the way for its removal, what would one do with such information, provided one desired to avoid imperial entanglements?
Rossmann mentioned using a user configurable password or encryption key to prevent theft. What did he mean? Did he mean to use a password or key to protect serialization information? But this would still require serialization of parts, which is what the regulators in France are against.
I’m all for protecting a users’ right to repair, but I’d also like to disincentivize thieves from stealing my phone for parts. Both are important to me. Rossmann seems to think that Apple is just greedy and that the solution is simple, but I don’t see a viable solution in his video.
Can someone with a better grasp on this subject enlighten me? Or did I just fall for clickbait?
The lack of backwards compatibility of older Mac hardware with newer MacOS operating systems and software effectively forces you to replace a perfectly functional computer if you need to upgrade the software.
Such considerations must incorporate public safety/crime considerations as well. Smartphones are often the most expensive thing we have on our person and became a huge target for thieves. Locking/bricking went a long way towards reducing this, and then limiting the value of resale parts did again.
Honestly I wish they would serial lock every single part of the phone possible. And then unlock them when you detach your apple account from it. Put up a message that says "This display is owned by another apple account" and refuse to function until it's removed or you contact the owner to have it unlinked.
Unless Apple is dealing with thefts at the factories before they make it in to a phone.
Technically they could do this already, it could just cause some bad publicity when people who got their phone 3rd party repaired wake up with a message that their screen is stolen.
We need systems, processes, and technologies which ensures the authenticity (provenance) of a supply chain.
Art, food, electronics, materials, clothing, malware, root kits, ad nauseam.
I've been reading about counterfeit, black market, and gray market goods for decades. Do not want.
If I pay $1,000 for a Gucci handbag, I want an authentic $1,000 Gucci handbag. (I have zero issue with knockoffs clearly labeled as knockoffs.)
Anti-consumer, anti-labor, anti-customer, anti-fairuse and pro-monopoly bullshit regiments like DRM, DMCA, inability to repair, and price gouging are orthogonal issues. We can have provenance without these shackles if we choose to reign in corporate power.
As for Apple in particular, they're not the worst, and have been getting better. Their phones and laptops are the most reliable and are becoming easier to repair (design and logistics). The terms of their Apple Care have gotten more generous (forgiving).
Spitballing, I'd say Apple is ~1/3rd of the way towards a healthy cradle-to-grave product lifecycle. They can and should do much better with 3rd party repairs. Like making authentic parts available at cost. Certifying repairs shops. Certifying technicians. Etc.
Source: I was a tech at an Apple Dealer as a kid. Our leads were trained and certified. Our parts were all authentic. My notions are based on experience, not some utopian fantasy.
If the device becomes unusable because it is marked as stolen, disassembling it for parts should not be economic.
One way to do this is spend MORE money to make sure every single part of the device is waste and MUST go to a landfill.
Another way would be to do the opposite, and make the spare-parts readily available for everyone to make the sum of parts less valuable.
The mainboard is already unusable because it's flagged as stolen, the rest of the parts should not be worth more than 60-70USD. But because some of the parts cannot be purchased at all, they are currently worth alot more
That’s not a good reason to do this. If you really wanted to do it that much you could just modify the real parts and that isn’t really a thing that happens anyway. What’s a far bigger concern is giving one company complete control over whether you can repair your own phone or not, creating a monopoly where they can charge whatever they want, and they might not even do it at all because they’d prefer you to buy a new one. This is actually happening to the average person, these theoretical attacks that serialisation doesn’t really protect against aren’t
Maybe you don't hear about it because it works and so no one attempts it
By the way long ago I got a screen repaired at an unofficial place, on an old iphone, and camera started working incorrectly (focusing issues etc). I kinda suspect they swapped the camera for a different one, if the phone warned me immediately that would have been cool. I heard many similar stories by the way.
> A practice contrary to the principle of the anti-waste law
> In France, serialization is theoretically prohibited, according to Alexandre Isaac. Since the entry into force of the anti-waste law in November 2021, the consumer code mentions that "any technique, including software, by which a marketer aims to make it impossible to repair or recondition a device or to limit the restoration of all the functionalities of such a device outside its approved circuits is prohibited”.