Any technique with makes it impossible to repair or recondition by definition also makes it more difficult to pwn. See https://news.ycombinator.com/item?id=35954422 for one example.
You can also buy fake iphones today which are near indistinguishable from the real thing unless you have a deep knowledge into the product, you can have a look on youtube.
Preventing repairs did not help them on that aspect.
I did read the article, no it's not a genuine piece of hardware, they changed the microcontroller.
And by the way, it's also possible to do the same exact thing in an iPhone right now, somebody could totally hook up a microcontroller with a microphone straight to the battery.
If you want to go all the way, you can also replace the whole device straight with a fake iphone and record everything.
> I did read the article, no it's not a genuine piece of hardware, they changed the microcontroller.
They took the genuine piece and swapped some stuff out and modified firmware, not just made a straight up fake. That's why it was hard to detect, it was a completely genuine device on the face of it.
> And by the way, it's also possible to do the same exact thing in an iPhone right now, somebody could totally hook up a microcontroller with a microphone straight to the battery.
Yes. But that is tricky (not much free space in the body to add something new) and can probably be detected visually. However if somebody swapped an existing part like a camera for a fake camera that acts like a camera but also spies on you then it would be tricky to visually see, but the phone would warn you.
> They took the genuine piece and swapped some stuff out and modified firmware, not just made a straight up fake. That's why it was hard to detect, it was a completely genuine device on the face of it.
They could have also made a complete fake as well instead of a partial fake just by keeping the plastic enclosure, this device isn't exactly complicated.
> Yes. But that is tricky (not much free space in the body to add something new) and can probably be detected visually. However if somebody swapped an existing part like a camera for a fake camera that acts like a camera but also spies on you then it would be tricky to visually see, but the phone would warn you.
That's kind of a ridiculous threat model anyway, those targeted attacks are just going to hack the iPhone and stream the camera in software whenever they want with some custom payload.
> They could have also made a complete fake as well instead of a partial fake just by keeping the plastic enclosure, this device isn't exactly complicated.
In case of this device, sure. But it would be much more costly and error-prone, build your own PCBs etc. But in case of iPhone we don't worry about them building fakes from scratch, because those would be easy to tell on the spot. We worry about a genuine phone with fake parts.
> That's kind of a ridiculous threat model anyway, those targeted attacks are just going to hack the iPhone and stream the camera in software whenever they want with some custom payload.
As it is now these phones are not so easy to hack without user proactively installing malware and many of them would survive only until the next OS update or security response payload. A hardware attack is more compelling.
By "did not help", you meant "did not completely 100% solve the problem", right? In the same way that seat belts do not help traffic fatalities because there are still traffic fatalities?
No, I meant that it did not solve any issue in this area at all, fake iPhone are as easily available as other fake brands. It's 0% affecting fake products which have their own separate supply chain anyways.
Again, the existence of X does not mean that all efforts to reduce the incidence of X were completely useless and therefore should not have been undertaken.
Fake iphones don't and won't use any genuine parts. So locking said genuine parts achieves absolutely nothing against fakes, so yes that does means that if that's the goal, it's pointless.
It's not about fake iphones. It's about taking a real iphone and swapping a part for non-genuine one that does something you don't expect (or find out)
> Any technique with makes it impossible to repair or recondition by definition also makes it more difficult to pwn.
If you can touch it, you can pwn it. This is applicable to every piece of hardware ever existed, including the M2 Macs. Just because we don't have the (publicly available) tools (yet) doesn't mean that they can't be pwned.
More difficult? Yes. So difficult that currently thrown away Macs with Activation Lock on are solid e-waste? Yes. But don't expect it to stay so forever.
You can also buy fake iphones today which are near indistinguishable from the real thing unless you have a deep knowledge into the product, you can have a look on youtube.
Preventing repairs did not help them on that aspect.