Surely if the FaceID module provides a key to decrypt the encrypted contents of the phone, if you swap a module then another module might be able to verify a face but not provide the correct key, and the phone remains locked? If, before you remove the module, you wiped the phone then of course no key is required..
Having a module which could be removed and replaced just say Yes or No would seem to be a very poor design. Also in that case, Apple could presumably authorise a new module, meaning they would retain the capability to break into any phone (which I understood they did not want)
That wouldn’t prevent the case of “the module is swapped for one that unlocks no matter what, and upon noticing the phone isn’t unlocking, the owner resets and sets up Face ID again” right?
Upon noticing the phone isn't unlocking and reading the big warning message that the Face ID module was replaced, which doesn't seem like a big threat vector to me.
I think it is because it’s not “the module is swapped for one that unlocks no matter what, and upon noticing the phone isn’t unlocking, the OWNER resets and sets up Face ID again”, but “the module is swapped for one that unlocks no matter what, and upon noticing the phone isn’t unlocking, the THIEF resets and lets the owner set up Face ID again”.
They’re also is the case of “Steal two phones, swap a few parts, reset the phones, and sell them second-hand”. Both phones will have 100% genuine parts.
> “the module is swapped for one that unlocks no matter what, and upon noticing the phone isn’t unlocking, the THIEF resets and lets the owner set up Face ID again”
The thief wouldn't have been able to reset Face ID, would they? Also it would make sense to warn a second time when you go to set up Face ID again.
If they reset the entire phone, uh, they could have handed you a different phone entirely. I don't see how part swapping is the problem here.
> They’re also is the case of “Steal two phones, swap a few parts, reset the phones, and sell them second-hand”. Both phones will have 100% genuine parts.
What role does the part swap have in this scenario? What stops me from simplifying it to "Steal two phones, reset the phones, and sell them second-hand."? Because if that simplification is valid, then this scenario has nothing to do with repairability.
Apple could still use keys to validate the module is genuine. Then you just need to trust Apple to not release compromised modules. They need to just stop pairing the individual modules to the phone.
I was under the impression that it was all stored in the iPhone's secure element, which is part of the main processor? But they're paired cryptographically - to ensure the data isn't faked. And I would think there is some calibration data. Maybe that's wrong though - are there any docs you can link?
>Can’t swap it else anyone can unlock your phone with a swapped FaceID module.
I think some very highly paid engineer at Apple could figure out this simple solution. "If the FaceId, Fingerprint Reader is compromised you fallback to the password, there should always be a password/PIN for special cases".
Just in case those engineers could not coem up with such ideas , Apple(and others) you can use my idea for free, I will donate it to you for the environment sake.
There is: Take it to Apple and pay to have it fixed by them ;) I dunno if Touch ID is on the list of things they let you do yourself these days, but if so you "only" have to use their kit, which also lets you verify the parts IIUC
Apple tends to overcharge for repairs and even if not it’s better to have competition. The kit isn’t really practical for most people or repair shops, it’s probably mostly a PR stunt
OK, some people downvoted this, so let me explain:
Overcharging: Apple tends to replace whole assemblies rather than individual parts, and don't do board-level repairs or anything. Apple staff are generally just following a procedure and aren't allowed to/aren't trained to solve problems in the best way. Here's an example of them charging for a whole motherboard replacement when the issue was a bent pin: https://www.youtube.com/watch?v=o2_SZ4tfLns
Some people might be OK with this, but not everyone; competition is important!
About the self/independent repair program: The self repair program allows you to order one part at a time and you have to have the device to do it. Realistically, almost no one will do it themselves, and will use a repair shop. The program is impractical for repair shops, because they can't stock parts in advance. The other option is the independent repair program, which effectively turns you into a shipping centre for Apple; it bars you from doing anything but the most basic repairs without sending it to sending things off to Apple and they will do random inspections on your store and fine you if you're actually offering good service like board level repair or using cheaper aftermarket parts. So it's likely that both are mostly just PR stunts to get ahead of regulation while also not making a significant change to their business
I was sarcastic dude, it is clear that Apple is anti independent repair, I should be able to sell my old broken phone for parts, those highly paid engineers should be able to figure it out if management gives them the task to do it.
Having a module which could be removed and replaced just say Yes or No would seem to be a very poor design. Also in that case, Apple could presumably authorise a new module, meaning they would retain the capability to break into any phone (which I understood they did not want)