We need to have a serious chat about iPhone repairability. We judged the phones of yesteryear by how easy they were to take apart—screws, glues, how hard it was…
If a lock is broken, then you might call a locksmith to fix or replace it. This is something that happens frequently and isn’t as absurd as you make it out to be.
I’m not saying it has to be absurd, but no one is acknowledging that the security risks are real, and requiring a lesser standard of security is a cost of legislating this stuff, which it is the editorial stance of ifixit to support
No, you can’t, because that isn’t a good analogy. Those two situations are not at all the same, but I’ll humor you.
The analogy you’re making is like saying only the company who makes doors is allowed to change the lock on your door, and they’re allowed to just stop offering the lock-changing service whenever they want. They also conveniently put a mechanism in so that whenever a third-party locksmith comes, your door falls apart. Your only option is to buy a new door, doorknob, frame, and hinge because your lock is worn out.
That’s a bad comparison because I wouldn’t let a random Internet stranger fix my phone either, but I would allow an actual locksmith to change my locks.
It absolutely could, if the processor trusts that the data coming from the faceid sensor is accurate, the faceid sensor can simply lie. You’re removing a layer of defense, which necessarily impacts security
I think he think the face id just says “yeah, that’s right, unlock” and the phone unlocks. So if you put in a custom one that always says “yeah unlock” it will just always unlock. As if the person putting in the thing couldn’t see the data on your storage anyway
Never owned an apple device, so I might be drastically off base here.
Is face id actually its own unit, including authentication storage?
If I were designing the iPhone, I’d just use a camera that relays the data to the CPU, and authentication happens there. If it operates like this, a more accurate comparison is I’d let a third party reputable locksmith change my locks, but I’ll set the key pins myself after.
So then you’ll let me change the locks on your front door to one I choose?
If a lock is broken, then you might call a locksmith to fix or replace it. This is something that happens frequently and isn’t as absurd as you make it out to be.
I’m not saying it has to be absurd, but no one is acknowledging that the security risks are real, and requiring a lesser standard of security is a cost of legislating this stuff, which it is the editorial stance of ifixit to support
The security risks aren’t real. They are simply trying to scare off people like you who will repeat nonsense over and over again.
Ok, so I can come change your locks then
No, you can’t, because that isn’t a good analogy. Those two situations are not at all the same, but I’ll humor you.
The analogy you’re making is like saying only the company who makes doors is allowed to change the lock on your door, and they’re allowed to just stop offering the lock-changing service whenever they want. They also conveniently put a mechanism in so that whenever a third-party locksmith comes, your door falls apart. Your only option is to buy a new door, doorknob, frame, and hinge because your lock is worn out.
Not how it works lmao
That’s a bad comparison because I wouldn’t let a random Internet stranger fix my phone either, but I would allow an actual locksmith to change my locks.
If you swap the faceid, you still need to unlock the phone with your passcode to re-enroll faceid.
I guess that’d be more like you changing the outside doorknob.
Removed by mod
It absolutely could, if the processor trusts that the data coming from the faceid sensor is accurate, the faceid sensor can simply lie. You’re removing a layer of defense, which necessarily impacts security
What’s the faceid sensor going to do, brute force a damn cryptographic collision with the cyphertext of your faceid?!
If you have even the first fucking clue, even in the broadest of strokes, I’d really be interested in hearing about how this would actually work.
I think he think the face id just says “yeah, that’s right, unlock” and the phone unlocks. So if you put in a custom one that always says “yeah unlock” it will just always unlock. As if the person putting in the thing couldn’t see the data on your storage anyway
Never owned an apple device, so I might be drastically off base here.
Is face id actually its own unit, including authentication storage?
If I were designing the iPhone, I’d just use a camera that relays the data to the CPU, and authentication happens there. If it operates like this, a more accurate comparison is I’d let a third party reputable locksmith change my locks, but I’ll set the key pins myself after.