If you look back at the history of Apple you'll find they've always been authoritarian control-freaks, ever since the original Macintosh. This is merely another step in the same direction.
The article even says that the repair shops have already found ways around it, so whatever element of "security" it provides is clearly extremely low. It only exists as a (low) bar against third-party repair, with "security" as an excuse.
As the saying goes "those who give up freedom for security..." etc.
The workaround requires physically moving the original chip to the new phone screen. Assuming that chip is where the important Face ID stuff happens, this ensures the important component hasn’t been tampered with and would thwart the NSA hardware intercept attacks op mentioned. Can anyone confirm this chip is also where the Face ID profiles are stored/enforced?
That said, I’m still doubtful this is entirely for security. What’s frustrating with Apple is that their moves to secure their hardware at every level also have the effect of tightening their stranglehold on the ecosystem. Unclear what the core motivation is.
So a marginally sophisticated player motivated by, say, stealing someone's content can still do it relatively easily, but if my 14-yr-old breaks her screen, we're SOL. You don't actually think this would even slow down the NSA, do you? It's about Apple locking out independent repair businesses.
Would this stop the NSA? No way. But assuming this component is critical for Face ID security, then yes I do think it would slow down the NSA. And it's probably moot since well-funded state actors have access to RCE 0-days anyway.
But raising the cost of an attack might put it out of reach for lower-level actors. For example, there's a small industry of stalkerware [0] out there where the attacker is someone close to the victim. Like with a couple going through a divorce. This measure might make it infeasible for a stalker to compromise a victim's phone by replacing the Face ID chip with a hacked one.
Is security the only reason Apple's doing this? Not a chance. But I also don't think this is 100% useless security theatre. The better way to combat this is to fight against the false dichotomy Apple presents. They act like there's no middle ground between security and user control.
Rather than say all these security measures are useless, we can acknowledge that they have some value but present an alternative solution. I'm sure there are many options but here's a simple one: Don't put the secure Face ID chip on the replaceable screen! Put it somewhere else in the phone next to all the other secure hardware chips.
If I understand this correctly, this leaves the options of either keeping the existing chip that knows your face but isn’t backdoored, or replacing it with one that is backdoored but doesn’t know your face.
If so, I think it would slow down the NSA. They would have to figure out how to add a new face to an existing chip and, ideally, keep that hidden from the phone’s owner.
The chip establishes an authenticated, encrypted channel for faceID sensor information.
The goal is to prevent someone from silently replacing the camera module with a new device that is no longer capturing local/live data.
Since the ability to replace the camera is audited though, I would assume that this does lock out replacements of the FaceID module by unauthorized third parties, _unless_ there is also a process to do so via a full hardware/storage reset.
> Assuming that chip is where the important Face ID stuff happens, this ensures the important component hasn’t been tampered with and would thwart the NSA hardware intercept attacks op mentioned. Can anyone confirm this chip is also where the Face ID profiles are stored/enforced?
It can't be, otherwise Apple's techs would not be able to replace it either. Even if it was, there wouldn't even be a reason to put it on the screen's ribbon cable. It could be integrated into the Apple-designed CPU, making the parts cheaper and more modular (i.e. easier to repair, even for Apple).
Right, the happy middle ground here would be to separate the security critical hardware from the fragile part which often needs replacement. It's unclear whether Apple repeatedly chooses not to do this because of lack of incentive, lack of capability, or hostility towards repair.
i know so many inner city repair people, people of color whose businesses rely on fixing these phones. apple is effectively trying to dismantle these businesses by doing this type of tampering, i don't think it's right and it's affecting an already vulnerable segment of society.
Wow, that’s low. Not only are you needlessly bringing race into this, your comment comes across as deeply condescending to the very people you are purporting to support.
Except that the 'work around' does maintain security since it preserves the original FaceID chip assembly.
"The most sophisticated repair shops have found a workaround, but it’s not a quick, clever hack—it’s physically moving a soldered chip from the original screen onto the replacement."
I'm not convinced by this - if you look at an iPhone 13's screen, it's entirely separate from the face ID hardware. https://i.imgur.com/D63HrIT.png (screenshot from [0])
On iPhones X through 12, if you kept the Face ID hardware and only changed the display, Face ID would continue to work. On the iPhone 13 series, if you keep the Face ID hardware and change the display, Face ID stops working.
The chip which people are removing seems to serve only to identify the display - nothing to do with the Face ID system. Apple has been using this chip for years to disable "true tone" display functionality when the screen was swapped (unless it was programmed by a proprietary tool, only available to first-party repair shops) - they're now also tying it to disabling Face ID.
You're wrong to say that the element of security it provides is low because, even with this workaround, you still don't have access to the data on the device. All this "workaround" does is keep the chain of trust from the original device. You'd still need to be able to unlock the device in order to get anything from it. It doesn't reset the FaceID information or bypass it in any way.
way to make a total strawman. that quote about freedom has nothing to do with digital security which enhances your privacy and the knowledge that your phone isn't compromised.
i'm all for right to repair and for apple to provide cheaper repairs and more authentic parts to resellers, but don't be obtuse about the reasoning.
the way around it, as i read, was to solder a chip to another board, which has some information authenticating the part and digital trust chain. anyway, i'm sure people like you just love to find reasons to hate apple, as it's grown to be a sort of cult rivaling the one that supports 'em