General > General Technical Chat
Ah, here we go again with the “eco” phone nonsense.
Fixed_Until_Broken:
--- Quote from: tooki on October 14, 2021, 09:51:38 am ---
--- Quote from: Fixed_Until_Broken on October 13, 2021, 11:58:21 pm ---Yes, People moan and complain about apple because they make repair harder in the name of "security". An example of such would be locking you out of the bootloader. But this amazing "security" has been defeated by tools like checkm8. They also serialize parts in the name of "security" but this is the same type of "security" that the TSA offers. It's known as a security circus or security theatre. basically, no real security is added by serializing the screen, battery, or camera. If I can make a device that can spy on you I can make a device that can spoof a serial number. serializing parts is not securing anything at all. BTW don't believe me there are tools on the market for cloning apple serial numbers right now.
You are yet to make a valid point. keep reaching.
Please do not bash 3rd party repair when you clearly do not understand one bit of what you are talking about. You are slandering the hard work of many businesses with more baseless claims. It is outright egregious to claim 3rd party repair will compromise your device.
"Any fool can speculate, most of them do"... The quote is actually "Any fool can criticize, condemn and complain-and most fools do" by the way
--- End quote ---
I don’t think the hardware and firmware security is even distantly pointless, as you suggest it is. No, it’s not perfect. But it has served to keep iOS FAR more secure as a platform for a typical user. It’s impossible to know exactly how much it’s prevented, but I don’t think it’s farfetched to believe that without it, there would be a lot more malware, ransomware, etc. Not to mention that I think it’s a good thing that law enforcement doesn’t have ready access. Yeah, it eventually gets broken, but rarely right away.
And some things, like biometric security, really, really need to be done on secure hardware. Doing those on unsecured hardware is reckless.
What I do believe, however, is that Apple should become more open about providing original parts to whoever needs them.
--- End quote ---
I did not say hardware and firmware security is pointless I said serialization is pointless because it's easily spoofed. It is a security circus. If you're just going to say send a message across a normal protocol like SPI and just respond back an unencrypted string of numbers that is not security. It's a joke to defeat that but it's ruining 3rd party repair. Plenty of word-class security firms and government agencies agree that giving 3rd party repair access to parts and tools does not compromise security.
The argument against what I just said is also the argument against the serialization of parts. " But you would have to physical access to the device to sniff the datalines..." Yeah, and you need physical access to the device to swap the part out with this hypothetical spy chip. If you want to end-to-end encrypt the communication from the battery to the CPU then I will believe you it's about security but just adding a serial number is a joke. This fear-mongering is insane.
let's take a hypothetical that I am making something malicious. I want to make a battery that will catch on fire every time the user leaves it plugged overnight. So a remove the BMS in this battery and make my own bms, program it with the phone serial number that I got from the old BMS and now with the phone asks for the charge state just 98%-0% and then when they charge it to let it keep charging past 100% until it starts a fire.... your serial number did nothing to stop this. obviously glossed over a lot to make this happen but serialization won't stop someone who actually wants to attack you.
Edit: encrypting the thumbprint scanner and serializing the screen, battery and microphone are two completely different things. I am talking about unencrypted serial numbers. do not try to put words in my mouth about biometric security.
Halcyon:
--- Quote from: tooki on October 14, 2021, 09:42:46 am ---That may be so for their paid hosted services, but you can’t pay your way out of Google tracking you around the internet to show ads.
--- End quote ---
You absolutely can.
If you think Apple is somewhat more "trustworthy" than Google, you're sadly mistaken.
james_s:
I trust Apple more than Google simply because Apple is not an advertising company and does not depend on harvesting marketable data. That is not to say I particularly trust either one though, or any other company. The primary reason I chose an iPhone is it was the only decent small smartphone I could find. Also I like imessage better than SMS because I can text my friends in Canada for free.
daqq:
--- Quote from: eti on October 13, 2021, 07:21:07 pm ---I trust Apple - they have a vibe of decency about them
--- End quote ---
:-DD :-DD :-DD
tooki:
--- Quote from: Halcyon on October 15, 2021, 03:30:22 am ---
--- Quote from: tooki on October 14, 2021, 09:42:46 am ---That may be so for their paid hosted services, but you can’t pay your way out of Google tracking you around the internet to show ads.
--- End quote ---
You absolutely can.
If you think Apple is somewhat more "trustworthy" than Google, you're sadly mistaken.
--- End quote ---
Sorry, but you’re dead wrong.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version