I think you got it backwards. The main reason is to exclude 3rd party repairs and extra security is a side effect that can be used as justification. Follow the money.
IMO there is way more money, like orders of magnitude more, to be made from successfully branding the iPhone as the most secure and private smartphone, compared to the repairs market.
They can already do that without harming repairs. As if replacing the hardware with physical access and giving the phone back to you to tap you is an attack people are actually afraid of... (and if they were, e.g. targeted by state actors or whatever, they could just get a specialized phone, not a mass market one).
They already have non-E2E-encrypted iCloud backups where they give access to the Feds and others.
The same argument could be made for any security hardening. Why bother with MFA, biometrics etc when the chances of being compromised are statistically very low. The reason is that it does happen and on a scale that's hard to quantify.
We have examples in Australia of ordinary citizens being targeted by China for promoting Hong Kong or showing support for Uyghur Muslims. And evidence has come to light that their phones and cloud accounts were hacked and friends/families targeted.
So for me personally I will take security hardening any day over saving a few bucks to go to a cheap screen repairer.
>The same argument could be made for any security hardening. Why bother with MFA, biometrics etc when the chances of being compromised are statistically very low.
No, the chances there are statistically very big. Because a thief might get your phone, and then can exploit access to it without MFA, biometrics, etc, and stole your bank account, data, etc.
But the chances of people (a) getting your phone, (b) replacing the camera module and compromising the OS, (c) giving your phone back without you noticing, to get your data, are statistically tiny.
And we've somehow managed for 15 years of smartphones without those mitigations...
>And evidence has come to light that their phones and cloud accounts were hacked and friends/families targeted.
Where they hacked in the way we're talking about here? If not, how is this relevant?
Give me a break. A screen swap in a modern smartphone is not something you can do in a bar in the time it takes somebody to go the bathroom. You need tools like a heat gun to even get the things open which greatly greatly limits the scenarios where and when something like this could occur.
Yeah, sure. Let me put millions to compromise a supply chain and get access to what thousands of people are sending on their WhatsApp accounts /s.
There is a reason why any type of security analysis needs to depend on your treat model. Unless the target is worth it, it doesn't make sense to do what you described.
Instead, millions of people lose a option of doing their screen repairs for cheap. And of course, Apple will have access to more money as always. But sure, security...
What are you on about? All you'd need to do is find the place where your target is going and either bribe the teenager behind the counter or, depending on the value of the target, compromise the distributor from wherever the parts are coming. This is neither expensive nor difficult to do.
> All you'd need to do is find the place where your target is going and either bribe the teenager behind the counter or, depending on the value of the target, compromise the distributor from wherever the parts are coming. This is neither expensive nor difficult to do.
Sure you won't find strange that your smartphone disappear and appear later on, probably turned off (or at least asking for password) because I can't imagine someone doing this procedure with it powered on.
BTW, if you're really a so important target that your life depends on your phone not being tapped, you probably at this point would just throw away your phone and buying another, even if it is completely secure (that I am sure it iPhones isn't). I can imagine many other ways of compromising your privacy just by adding a small GPS tracker or something similar, and this way I don't even need to have access to the original hardware.
Now, of course only a small handful of people needs that amount of security. For most people, having hardware-level encryption of the data contents is fine, of course with trusted path with the bio-metric sensors so a just swap of parts doesn't give access to all its data. This level of security is available in any Android/iPhone. Anything else is just justification to allow Apples to earn even more money.
> If your argument is that insecure devices are ok for most people, you’ve already lost.
Quoting things out-of-context is really bad.
What I meant for that amount of security is the kinda of security where if you lose your device from your sight consider it already compromised. People that needs that amount of security will not be better with the Apple's new security theater.
Android devices are sufficient secure if they're up-to-date (this is not always true, sadly). iPhone devices are secure when they're up-to-date (more likely) and not suffering from the 0-day exploit of the week (that is happening more and more frequently). Arguably every iPhone user would be much better if Apple started to take software security more seriously, but they prefer to increase their profits by making screen repairs harder "in name of security".
Just to make it clear: you don't need to have "Apple certificated repair shops" replace the screen to have secure bio-metrics. The Google Pixel 6 shows this, you can change the screen, this will disable the bio-metrics until the device is re-calibrated (that doesn't need special hardware). Once re-calibrated the device will wipe itself, so there is no security issue here [1].
But even still, this is probably too much. 0-days seems to be so bountiful those days that buying a 0-day seems to be much cheaper than doing custom hardware, even when the hardware itself is not authenticated. Still, if you're gonna do it, do as Google at least.
As far as I know they didn't trash their reputation among normal end-users, as long as they don't know or care apple can pull shit like that all day while still raking in money from the "security-conscious" crowd.
Also as far as the NSA is concerned, surely it'd be easier if they have a single supply chain where they are guaranteed to be able to compromise every single iPhone?
Seems a lot easier than compromising some random repair shop.
