My computer contains much more important information than my phone and there certainly isn’t any parts pairing BS there. I would never trust any biometric authentication alone for securing sensitive information. It’s good to use in addition to a secure password though.
Skrufimonki@lemmynsfw.com 9 months ago
Needed to add price gouging for parts into the bill
Outlawing Product Pairing
Proctor called the legislation “the best bill yet” because it goes a step further than other state’s right to repair laws by calling out and making illegal “product pairing,” in which onboard software makes it impossible to install parts that aren’t from the manufacturer.
Product pairing has become a favorite way for companies to make sure that products they sell are repaired only by them, and it’s not covered in any of the other state’s right to repair laws. Apple relies on product pairing extensively. iPhone owners, for instance, generally can’t replace any parts unless the phone can determine that the replacement is a genuine Apple replacement part. This led Apple, which has supported right to repair legislation in other states, to lobby against Oregon’s bill.
“We remain very concerned about the risk to consumers imposed by the broad parts-pairing restrictions in this bill,” Apple’s principal secure repair architect, John Perry, said in February at a legislative hearing.
“An iPhone contains its owner’s important personal data including financial, health, and location information, and this bill introduces the possibility that Apple would be required to allow unknown, non-secure third-party Face ID or Touch ID modules to unlock that personal information,” Apple said in a statement on March 4. “We will continue to support repair legislation, but strongly believe this bill does not offer the consumer protections Oregonians deserve.”
That’s all horse-hockey, of course, and basically a way for Apple to publicly support right to repair while denying it to its customers, as noted by iFixit,>
cmnybo@discuss.tchncs.de 9 months ago
JustinTheGM@ttrpg.network 9 months ago
Absolutely! Biometrics are at best a username, not a password.
jayandp@sh.itjust.works 9 months ago
“An iPhone contains its owner’s important personal data including financial, health, and location information, and this bill introduces the possibility that Apple would be required to allow unknown, non-secure third-party Face ID or Touch ID modules to unlock that personal information,” Apple said in a statement on March 4.
What BS. Sure, making sure every fingerprint sensor or whatever has a unique signature would allow you to lock a module to a device to prevent tampering and security bypass. But you should be able to just enter a password or recovery code in order to authorize a new part to be used with your device’s security, then it’ll be the customers responsibility to make sure that the part operates as it should. None of Apple’s business.
Feathercrown@lemmy.world 9 months ago
this bill introduces the possibility that Apple would be required
I’m sorry, are they under the impression that they still own the phone once you buy it?
Noodle07@lemmy.world 9 months ago
They are under the impression that they own you
anarchy79@lemmy.world 9 months ago
[deleted]Feathercrown@lemmy.world 9 months ago
No, are you under the impression that I was? ;)
CookieOfFortune@lemmy.world 9 months ago
They should at least allow some type of registration system for the parts if they don’t allow existing pairing implementations.
blurg@lemmy.world 9 months ago
A registration system where only registered parts are allowed, so no clean room (software engineering) third-party manufacturing? Every single part has to be registered with the original device manufacturer? This seems like a detour around right to repair.
Ottomateeverything@lemmy.world 9 months ago
This seems like a detour around right to repair.
That’s because it is. That’s all Apple does. Every time they get brought to court around shit, like the app store stuff in EU that just happened, they make it intentionally as difficult as could possibly be while still technically following the request. It’s malicious compliance at every step of the way even when they get caught. They’re so anti-consumer it’s not even funny.
douglasg14b@lemmy.world 9 months ago
One wheel as well is a notable example for me.
Personal EVS shouldn’t be completely unrepairable and unmodifiable. Just disconnecting the battery will brick it and you have to send it back to the manufacturer…
Usernameblankface@lemmy.world 9 months ago
[deleted]ChillPill@lemmy.world 9 months ago
Absolutely. Hugh Jefferies on youtube has done a number of videos over the years demonstrating this.
Ottomateeverything@lemmy.world 9 months ago
Yeah, it’s in the name is “security”. As if a third party camera or back cover is going to break into the OS, harvest super important user data, and then somehow find some way to transmit it back to headquarters.
You know, or they just want to make money off of selling parts at 200% profit instead of Apples 500%.
The idea that this is somehow a security risk is a giant steamy pile of bullshit to keep people buying their garbage.
cm0002@lemmy.world 9 months ago
There is a very small risk if you’re a high value person, like an important politician or something. But those same people are incredibly unlikely to have something repaired over just buying a new one, so yea bunch of horse shit lmao