Follow

Bootlickers: We don't need , et. al. would never stop us from repairing our devices!

Apple: boingboing.net/2018/10/04/welc

Let's be clear about this. The sequence of events goes thus.

1. Consumer _purchases_ $1000+ computer.

2. Consumer's device has hardware problem

3. Consumer takes device they own to a technician

4. Device _permanently breaks itself without the consumer's consent_.

This is utterly unacceptable. When I say don't buy apple devices, this is what I mean. Do better.

@tindall I wonder how long it will take for some group to make malware that tricks the computer into thinking that it has been repaired and brick itself.

@tindall the first step to right to repair has got to be explaining this outrage to people. If you told them their cars will lock up and refuse to work if they swap filters at a lube shop instead of the dealership, people would be up in arms.

@tindall there's a lot of bootlicker "just take it to the apple shop lmao" horseshit that ignores the fact not every city (or COUNTRY) has an apple shop, the fact this enables them to charge whatever they want, to discontinue service when a new model comes out, and even *completely refuse service of current-generation devices* as they've already shown they'll do

@emi And, it lets them cover up fuckups like the whole LG 5K display debacle

@feld Design me a threat model where I trust Apple's supply chain, but not my physical security.
@feld Sure. Fine. And maybe you're worth that. That's fine. But I would rather be able to fix my devices and experiment with weird tech, than defend against the NSA. Having this be an unavoidable default isn't security, it's DRM. If you need that level of security, it should be at the buyer level, not the vendor level.

Accepting different levels of risk, types of environments, and levels of risk acceptance is IMPORTANT.
@feld I agree, except for the fact that this is entirely not a threat model that Apple's target market has.

@feld @silverwizard None of the people whose Apple devices I support on the daily are part of that group, and I think you know that most Apple users aren't.

@feld @silverwizard No, and this seems like arguing in bad faith. HTTPS is beneficial to almost all users and has few drawbacks. Where the drawbacks outweigh the benefits, obviously it shouldn't be used.

Some users care more about being able to repair their expensive equipment than defending against nation state actors.

Some care more about security than repairability.

Why not sell different products to each market?

@feld I agree, except for the fact that this is entirely not a threat model that Apple's target market has.

@feld @silverwizard I'm not you, and neither are most people. What makes it hard to have this as an option, rather than a requirement?

The answer is that Apple makes more money this way.

@feld @kaniini @silverwizard that assumption wasn't made; TPM was brought up as an example of a physical security control that can be bypassed by modifying other components.

@feld @kaniini @silverwizard None of this is the point.

The point is, Apple is implementing security measures which are a benefit for few and impose undue and unwanted restrictions on the rest, and I don't see a reason not to sell different products without and without this stuff other than to force consumers who don't have that threat model into their expensive and shady repair process.

@feld @kaniini @silverwizard I don't care. This move hurts their customers and hurts my friends and people I work with, and Apple has been continuously making choices that do that over the last 5 years.

My job has been getting harder because of their business decisions, and so have my client's jobs and lives. Apple tech is getting more expensive with no commensurate increase in features they need.

That's unacceptable.

@feld @kaniini @tindall @silverwizard that's not really the same though, it's not a vendor lock-in. and there isn't really a need to make your cellphone repair something that requires a license. sure, your battery can explode and radio can do nasty stuff, but like...

@feld @silverwizard @kaniini It's not some conspiracy theory. There are people I work with who have been denied repairs by Apple and got their shit fixed by third parties. If that's not an option anyone, people in that situation will lose data and be forced to buy new machines. How is that a good thing?

@feld @kaniini @silverwizard That's not the point. Why is it acceptable for people to lose data that is present on an undamaged SSD, enciphered with keys present on an undamaged SE processor, just because the company that made the thing doesn't want to fix a water damaged video controller and the data was acquired that day and hadn't been backed up yet?

@feld So it's either badly thought out security policy, which hurts consumers. Or it might be monopolism. Or it might be a dislike of getting back devices that have been fucked up by bad repairs. But all of this is bad for customers.
@kaniini @feld @tindall @silverwizard couldn't they just make laptops that are just like old computers, basically a (couple of) processor(s) with an ISA, memory and periferals. No BS. After that the users can make whatever they like.
@feld @kaniini @tindall @silverwizard TPM is a standard, not a particular chip or anything, and you know how apple likes standards. I guess it's feasible someone can break it using a pretty sophisticated hw tampering/side channel attacks/lot of time/something similar & combination of it, but to just casually imply it's not even worth bothering using it is... ok.
@kaniini @feld @tindall @silverwizard it's reasonably a part of the "service" you buy from apple. while i agree there should be an open alternative that doesn't delegate all that shit to apple, last time i checked... there isn't any.

@kaniini @pony @feld @silverwizard This is bullshit anyway. If it was a service they'd have to actually repair people's devices when they bring them in.

@kaniini @feld @tindall @silverwizard so what, the security is part of it either way. also, "your device cannot be repaired unless you can find that printout/whatever you created during an obscure part of the initial setup" is about as amazing as "your device can only be repaired in an authorized store"
@a_breakin_glass @silverwizard @tindall @feld @kaniini no, but it's highly impractical for individual customers. i'm kind of wondering why wouldn't they offer this to enterprise, where some do value their data and security quite highly, but apple is no microsoft, they hate doing it (and given lack of any competition with this, they get away with this)

@pony @a_breakin_glass @silverwizard @feld @kaniini it's really not. I have customers who have their whole device lifecycle managed by me. I have all their keys (enciphered with a passphrase I don't know) and they can get them from me at any time, but they generally don't need them unless they need a repair.

@pony @kaniini @feld @silverwizard @a_breakin_glass ..... but it's far better than having it bricked no matter what. It's a good compromise between convenience and security for these people. Apple is taking that choice away and I think that's bad.

@tindall @a_breakin_glass @silverwizard @feld @kaniini now i kinda agree apple likes to do this because they want to control the second-hand and parts market, which better lets them dictate the price, but realistically, it's not hard to imagine the cost and complexity of a customized system would be hard to justify even if apple really wanted

@pony

But, again, this is not the point. The point is that everyone I know who is deeply embedded in the Apple ecosystem is now beholden to Apple's historically fickle repair policies _no matter what_.

The college students I support don't need defense from the NSA. They need reliable computers that do the jobs they need done and can be purchased once and used until they are actually obsolete, and that includes repairs, which Apple often refuses to provide.

@pony @kaniini @feld @silverwizard It's really not the same. I can back up my key. I can't back up Apple.

@feld @pony @kaniini @silverwizard I don't agree. Neither do my customers, who have had success with this in the past. Why is it good for Apple to take that choice away?

Sign in to participate in the conversation
Cybrespace

cybrespace: the social hub of the information superhighway

jack in to the mastodon fediverse today and surf the dataflow through our cybrepunk, slightly glitchy web portal