by Nathan2055 279 days ago
Okay so here's the argument I've heard: if arbitrary replacements of the lid sensor were possible, it would be feasible to create a tampered sensor that failed to detect the MacBook closing, thus preventing it from entering sleep mode.

This could then be combined with some software on the machine to turn a MacBook into a difficult to detect recording device, bypassing protections such as the microphone and camera privacy alerts, since the MacBook would be closed but not sleeping.

Additionally, since the auto-locking is also tied to triggering sleep mode, it would be possible to gain access to a powered off device, switch the sensors, wait for the user to attempt to sleep mode the device, and then steal it back, completely unlocked with full access to the drive.

Are these absolutely ridiculous, James Bond-tier threat assessments? Yes, absolutely. But they're both totally feasible (and not too far off from exploits I've heard about in real life), and both are completely negated by simply serializing the lid sensor.

Should Apple include an option, buried in recoveryOS behind authentication and disk unlock steps like the option to allow downgrades and allow kernel extensions, that enables arbitrary and "unauthorized" hardware replacements like this? Yes, they really should. If implemented correctly, it would not harm the security profile of the system while still preventing the aforementioned exploits.

There are good security reasons for a lot of what Apple does. They just tend to push a little too far beyond mitigating those security issues into doing things which start to qualify as vendor lock-in.

I really wish people would start to recognize where the line should be drawn, rather than organizing into "security of the walled garden" versus "freedom of choice" groups whenever these things get brought up. You can have both! The dichotomy itself is a fiction perpetuated to defend the status quo.

12 comments

The line should be drawn by the owner of the device.

As the user and owner of the product, I should be the sole decider about my own security posture, not some company who doesn’t know my use case or needs.

It’s crazy how we’ve managed to normalize the manufacturer making these kinds of blanket decisions on our behalf.

Yes it’s wild. Imagine if we decided that people can’t be relied on to install good locks for their doors, so we gave the government responsibility for locking and unlocking your door every time you wanted to leave your house.

A lid sensor is just so peripheral. Where do the vendor lock-ins end?

Apple is a vendor, not a government.

A more accurate analogy is like a lock installed on your door by a locksmith that uses proprietary parts available only through locksmiths. Which is exactly how a lot of locks work.

Proprietary technology exists in a lot of places, Apple didn't invent this.

> Apple is a vendor, not a government.

Apple is worse than a government. They have more money and reach than many governments and unlike many government officials, the public doesn't have the power to vote the heads of Apple out of office or vote for who they want as a replacement.

Apple didn't invent proprietary technology, but they leverage the shit out of it in consumer hostile ways just to take even more money from people.

Governments have a monopoly on the use of force, and they exercise it to compel their citizens to do things whether or not they want to. For example, I have to pay taxes, and if I don't, they will use force against me.

Your relationship with Apple is very different. If you don't like Apple, you can just simply not buy or use their products. You have a choice and they have no way of compelling you otherwise.

The inability to use force doesn't make corporate power any less powerful--it only makes it a different kind of power. Yes, BigTech cannot arrest me or throw me in jail, but that doesn't mean that they don't wield other kinds of enormous power over my day-to-day life.

And unlike my (technically democratically elected) government, corporations do not have to answer to the people they exert their power over.

Yea, that's a much better analogy. We don't want the lock vendor to decide how and when we lock our doors and how we fix them when they break. We don't want our stove vendor to decide what food we're allowed to cook, how many burners can be running at once, and what parts we use to repair it. We don't want our car manufacturer to decide where we can drive our car and who repairs it.

Yet, somehow, when it comes to technology products, we accept the manufacturer butting in to tell us how not to use them, and how not to repair them.

My stove, my car, and my locks are all opinionated in their design and use proprietary parts. None of them were designed to my personal requirements. Many of the products that I buy do, in fact, not work exactly how I want them to, nor do they facilitate my desire to change them.

I can't name a single product in my house that uses any sort of open hardware design, except for the things I've 3D printed or built myself.

A better analogue then would be that the developer who built your house insists on a specific type of lock.

There’s a whole repairability movement going on to maintain access to third party replacement parts for cars and appliances. This is a recent design choice that is being enforced by manufacturers. Historically, people have been able to repair everything they owned. Locking everything down is bad for consumers.

I quite like this analogy, I hope I can remember it for the appropriate moment.
I dislike Apple's lock-in tactics, but I dislike gross fear-mongering exaggerations even more.

How'd we get to tyrannical government oversight from shitty corporate control? Sorry, I think I slipped on that slippery slope.

The better analogy would be "door lock vendor requires you to buy their door frame to make their door lock work with the security guarantees you chose to buy into."

Government should stay out of our private lives, but this kind of jumpy fear-mongering is what makes people lose focus, and when people are run by fear that's when the real psychopaths start taking advantage. Your fear mongering is creating the very government tyranny you're mongering about.

You mean like a prison?
> As the user and owner of the product, I should be the sole decider about my own security posture, not some company who doesn’t know my use case or needs.

It's not so cut and dry though. The "user" and the "owner" of a product are not always the same person, but hardware security impacts the "user" more than the "owner".

How does Apple know the owner of the product has authorized the HW change?

There’s a secondary argument you could make here whereby because the replacements must be valid Apple parts that have uniform behavior and tolerances, the strength of the secondary market is stronger and Apple products have a stronger resale value as a result, because you’re not going to encounter a MacBook with an arbitrary part replaced that you as the second-hand buyer know nothing about (this is why the secondary market for cars doesn’t work without the ability to look up the car history by VIN).

Apple doesn't need to know. Once it's sold Apple is no longer the owner.
And when Apple designed their products, they get to decide how to design it.

You can do whatever you want with your computer. But nobody has to design it the way you like it.

What happens when you indirectly cause the machine to fail by installing some shout 3rd party part? Are you still going to claim warranty? Walk into an Apple Store to ask for help?
Huh? Explain more.
What about a work computer? You're not the owner, but presumably you appreciate when you can feel that your work computer is still secure.
If it's owned by the company then I don't care what they do since that's no longer my responsibility.
That car comparison doesn't work here. You can't be sure about the true history of a car, only what was reported.

When I replace a wheel bearing assembly in my driveway, you still can't see that by looking up my VIN. Nobody knows except myself and the person I bought the parts from.

Was it a dealer part? An OEM part? A poor quality replacement? Can't tell without looking.

This might actually support Apple's side of the argument, although I do not. I don't think we need some Carfax equivalent for MacBooks.

> This might actually support Apple's side of the argument, although I do not. I don't think we need some Carfax equivalent for MacBooks.

In some ways, Apple's scheme is better than Carfax. In other ways, it's worse.

It's worse because you can't get access to the repair history of a device.

It's better because you can actually have a reasonable degree of confidence that no "driveway repairs" have taken place since Apple's scheme is not known to be broken.

I think we should stop using "driveway repairs" as a derogative term. There's nothing wrong with a car owner repairing their own car. Years ago, that was a very usual, normal thing to do. I replaced my own wheel bearings in my garage, and have been driving on them for 5 years. It's not that difficult, and doing it yourself doesn't make your car unsafe or defective.

Kind of scary how "repairing your own things yourself" has fallen so far out of fashion. We should be applauding and encouraging people to build these kinds of skills, not insulting them.

I would have thought most people here are doing much more complicated work all day.

All four bearings are part of an assembly that bolts in. 8 or 12 bolts depending on position. I'm lucky that I don't even need a press.

The wheel comes off (5 bolts), the brakes come off (2 bolts), the axle/hub bolt comes out (1 bolt), and then on the front there are four bolts holding the assembly to the car. On the rear, nothing holds it on except that hub bolt.

Use a torque wrench to get them to spec. The kits came with new bolts. The axle bolts go on tight tight.

This is my biggest complaint with the strict "my device, my rules" people.

I want Apple to lock down my device to customization, repairs, etc.

I know I am never going to install an app through means other than the app store, even if I could. I know I'm never going to repair my device through anyone other than Apple, even if I could. I want to know that my device will be a $1,000 paperweight to anyone who steals it.

I want to pay Apple to ensure there are no "driveway repairs".

A number of years ago I accidentally ended up with a second hand iPhone with a shitty "fake" screen repair. I had no way of knowing it wasn't an Apple screen. But it fucked me over as soon as it started failing a couple months after I bought it.

I get tired of the people demanding that a company, with willing, paying customers, isn't allowed to protect their customers because they want something the company doesn't offer. Fuck right off with that shit and buy from a company that does offer that.

Apple aren’t aiming to protect buyers of pre-owned devices.

If they could get away with it, they’d likely prevent resale entirely.

I feel you're just mad because your expectations of buying a second hand phone were not met.
It wouldn't be difficult for Apple to add a page in the device settings that shows whether the device contains any non-genuine components.
Does your grandma decide her own “security posture”? Does she even know what that means?
Your grandma is not the target of state level spy rings...

The noise made about security is absolutely ridiculous.

She is however the target of pretty much every financial scam on the planet, many of which rely on convincing folks to hand over the keys to their (digital) castle...
Which financial scams involve such attacks, so is there a single scam that this measure would prevent?
I'm not aware of any that this particular sensor would mitigate. I think the idea that security is only for people targeted by nation-states is not a realistic view of the modern world (and, moreover, if we decide that normal people don't need enhanced security measures, it becomes trivial to identify dissidents by the fact that they implement security measures).
State hacking tech leaks to average hackers and scammers over time. Scammers today are using nation state tech from a decade ago.
My dude, an Indian is going to call your Apple-using grandmother and tell her that he works for "the Microsoft" and he needs her to give him all her banking details, or go to a bitcoin ATM, or buy a stack of $500 gift cards, and she's going to do it.

The sensor in her macbook lid does not matter! Get real.

Who are you to decide what matters and what doesn’t?

If you were a journalist reporting on Russia or the UAE it would certainly matter.

Not to mention that it’s not that hard to imagine an AI tool being paired with 24/7 surveillance that reports back private information it hears.

It’s also not hard to imagine your average hackers getting their hands on a tool like that after a couple years of governments deploying it.

You're wack. Do you think a locked down laptop lid sensor will stop them from spiking your tea with polonium, or shooting you with a ricin BB, or breaking into your home when you're asleep and jabbing a needle into your neck while holding a pillow over your face, or kidnapping you and breaking your bones with a sledge hammer until they've gotten their rocks off?

This laptop lid threat is fantasy. Get fucking real.

both my grandmothers are dead
What’s the point of this comment?
It answers the question you asked.

Another answer, mine, is that one grandmother flew bombers, jets, spitfires, etc. in WWII and ran a post war international logistics company after that. The other did "stuff" with math.

ie. Both capable of understanding a security posture.

How about your grannies?

You might want to ask well formed questions in future, on a site such as HN the set of all grandmothers is hardly homogeneous.

You do get to decide (buy another product with a different value proposition).
It's not that crazy when people seem to cheer for a nanny state at every turn. Especially if said nanny state bombards them with propaganda about all the dangers they'll face if they just don't "comply".

1984 references may have seemed far-fetched but after the suppression of rights using COVID as an excuse people have little to no recourse to claim control back. Apple was always famous for their walled garden and tight control, but we have Google becoming like Apple (can't install things in your device unless you go to them with your private details), ID to track your movements because "protect the children" (effectively blocking news even), chat control (very similar to installing a camera in your home and recording all your conversations).

Corps and governments are relying on each other to strengthen their control and it's not a surprise.

Keeping a victim device unlocked when the lock state is responsible for encryption key state is a totally legitimate risk.

With that being said, I don’t think Apple see this specific part as a security critical component, because the calibration is not cryptographic and just sets some end point data. Apple are usually pretty good about using cryptography where they see real security boundaries.

Don't invent reasons for Apple to continue to have a stranglehold over their monopoly of critical computing infrastructure.

Companies as big as Apple and Google that provide such immensely important platforms and devices should have their hands tied by every major government's regulatory bodies to keep the hardware open for innovation without taxation and control.

We've gone from open computing to serfdom in the last 20 years, and it's only getting worse as these companies pile on trillions after trillions of nation state equivalent market cap.

The government regulators also have an interest in knowing the laptops they buy for eg the NSA have authenticated parts to avoid supply chain attacks.

If you're selling cell phones you already spend plenty of time satisfying regulators and vendors from all over the world. The cell phone companies aren't the ones with power here. (In general tech people have no political power because none of them have any social skills.)

Because the NSA is buying used laptops?
Supply chain attacks don't generally target the second hand market. Much more effective to upstream your attack to the vendor Apple buys parts from in China, and compromise every MacBook in one fell swoop.
That's too discoverable to work. Supply chain attacks are by state actors who can interrupt specifically your order on its way to you and silently replace parts in it.
It doesn't need to be encrypted if it's one-time programmable. The calibration data is likely written into efuses which are physically burned and cannot be reset.
The sensor and its data stream would need to be authenticated, though.
For the mic cut-off? My understanding is that it outputs an electrical signal that's routed to the audio codec that literally prevents the audio from getting to system memory in the same way a physical switch would. It autonomously, at an electrical level, disconnects the mic without OS or software intervention. As it cannot be programmed again, you would have to crack open the laptop and modify the PCB to override it.
Oh, I understand now - you're right, OTP sensor data does protect against a real threat model I hadn't considered before:

* A remote attacker gains whatever privilege lets them get to the sensor SPI.
* Without OTP calibration, the attacker could reprogram the sensor silently to report a different endstop, keeping the machine awake and the hard-cuts active.
* With OTP calibration, this is closed.

So perhaps it is more security-related than I initially thought.

I was more considering the counterfeit part / supply chain / evil maid scenario, where the fact that Apple's sensors are OTP is meaningless (since a replacement sensor doesn't need to be, plus, you could just put a microcontroller pretending to be a sensor in there since there's no actual protection).

Thanks, you made me think again and figure it out!

A properly gated, user-authorized override in recoveryOS or similar would give advanced users and third-party repair shops a legitimate path without blowing up the security model.
Then Apple tying the angle sensor to microphone status is a security issue. I would read that as a cheap excuse to be honest.
If repair shops can buy the $130 calibration machine, presumably the super spy in this story (who for some reason couldn't steal the data while they were replacing the lid sensor, nor can they steal the data when the laptop's in use, but somehow can steal the data when it's idle with the lid down) can also get a calibration machine, and then deliberately set the zero point incorrectly.
Yes.

“Sure, you can borrow my laptop. It’s fine. Take it home. I promise not to spy on you while the lid is closed. I promise not to record aaaaaany audio or anything! And I definitely won’t hear any conversation that contains information that I’ll use to stalk you later!”

There are a million ways that some nefarious person could spy on another, but at least this isn’t one of them.

And I am a very suspicious person, thanks to some eye opening experiences that I’ve had. When someone says that they want to do something that not a lot of people want to do, I immediately wonder how they will use that against myself or someone else. Because that has happened multiple times to me.

I also hate that I am suspicious of people who want to at least have the opportunity to fully own their devices; something that is perfectly reasonable to want, but I am. What would that additional ability do for them? What will they be capable of doing that they can’t do now? How and when will they use it to get what they want out of someone? Or out of me?

If you don’t think like this, I really envy you. For the longest time, every teacher, every supervisor, every commander, every non-familial authority figure I had until I was probably 35, used and manipulated me for the purpose of advancing themselves. Every single one. The ones in the military didn’t even attempt to hide it.

I’m so scarred because of people convincing me to help them screw me over that I no longer trust anyone who is concerned about things like laptop lid angle sensors. Because who are you trying to screw over and why does that angle sensor stand in your way?

> When someone says that they want to do something that not a lot of people want to do, I immediately wonder how they will use that against myself or someone else. Because that has happened multiple times to me.

I’m intrigued. Would you be comfortable sharing some of these real experiences here (with sensitive details fudged/removed)?

I'd rather not. They're very foggy memories now, and the ones that aren't are all attempted sexual abuse. Conmen are everywhere, and they will say things in the nicest most innocuous ways possible to sway you to do things for them. They'll do it over time, and they will very gradually ramp things up. "this is just a small change from that, what's the matter" ugh. people suck.
I think it's possible to advocate for device ownership and repair rights without having malicious intent.
that is correct. my specific history pushes me in the direction where i suspect malevolence, though. yours might not. but let me tell you; people are absolutely capable of the worst things you can imagine, and if those people require your cooperation they will try the carrot long before they try the stick.
I mean nobody expected pager bombs, but here we are.
If you have access to my laptop long and deep enough to replace the hinge sensor with a fake one that prevents the lid from closing as a way to turn it into a recording device -- which of course would also require installing software on it -- instead of just putting a tiny microphone into it (or my bag), you are simultaneously a genius and dumb. And if you really are going to that level of effort, hoping that I don't notice my laptop failing to go to sleep when I close it so you might be able to steal it is crazy when you can 100% just modify the hardware in the keyboard to log my password.

Hell: what you really should do is swap my entire laptop with a fake one that merely shows me my login screen (which you can trivially clone off of mine as it happily shows it to you when you open it ;P) and asks for my password, at which point you use a cellular modem to ship it back to you. That would be infinitely easier to pull off and is effectively game over for me because, when the laptop unlocks and I don't have any of my data (bonus points if I am left staring at a gif of Nedry laughing, though if you showed an Apple logo of death you'd buy yourself multiple days of me assuming it simply broke), it will be too late: you'll have my password and can unlock my laptop legitimately.

> There are good security reasons for a lot of what Apple does.

So, no: these are clearly just excuses, sometimes used to ply users externally (such as yourself) and sometimes used to ply their own engineers internally (such as wherever you heard this), but these mitigations are simply so ridiculously beside the point of what they are supposedly actually securing that you simply can't take them seriously if you put more than a few minutes of thought into how they work... either the people peddling them are incompetent or malicious, and, even if you choose to believe the former over the latter, it doesn't make the shitty end result for the owner feel any better.

I can imagine a different attack vector: A malicious actor doing laptop repairs can absolutely replace the hinge sensor and install software on it. They could draw in people by offering cheaper prices, then steal their info or use it to set up more complex scams.

The counterpoint to this is that car body shops can also plant recording devices in your car. This is true, but the signal-to-noise ratio in terms of stealing valuable data is much lower. I don't have data to back this up, but I assume way more people use their laptops for online purchases and accessing their bank account than doing the same with phone calls in the car.

A repair worker can install software on it without replacing the sensor. Also add a tiny mic without installing the software. Or both.

I mean.. someone could replace your car's brake pads with pieces of wood or plastic, which would seemingly brake on the repair shop parking lot but fail horribly (burn and worse) when you needed them after. Somehow we still let people replace brake pads without having to program in the serial numbers.. for now.

Your laptop can be compromised during a trip to a foreign state, by state actors.

Travelling back you would notice a microphone, and would notice nothing on the laptop.

> This could then be combined with some software on the machine to turn a MacBook into a difficult to detect recording device, bypassing protections such as the microphone and camera privacy alerts, since the MacBook would be closed but not sleeping.

Isn't this already possible if the MB is connected to a power source like a portable battery?

Isn't there software that does exactly this? Called caffeine, I believe?
ITYM "caffeinate"

  DESCRIPTION
     caffeinate creates assertions to alter system sleep behavior.  If no
     assertion flags are specified, caffeinate creates an assertion to prevent
     idle sleep.  If a utility is specified, caffeinate creates the assertions
     on the utility's behalf, and those assertions will persist for the
     duration of the utility's execution. Otherwise, caffeinate creates the
     assertions directly, and those assertions will persist until caffeinate
     exits.
Installing software generally requires user permission. Replacing HW can be done surreptitiously. At least that’s the strongman variant of the security argument.
`caffeinate` is installed by default on macOS.
those are over-complicated bollocks. there are easier and less detectable software only ways to do all that.
If you were to come up with one, I suspect you'd have a solid bug bounty waiting for you.
you just set the pc to not sleep on screen down? it is literally a feature
As far as I know the mic is still shut off when the machine is set to clamshell mode. That's the point. You cannot use the mic when the lid is closed. It's a hardware cut-off, you cannot configure it in software. Hence my comment about the bug bounty.
$5 USB mic?
If the point is to hide the recording that's not a great way. Especially when many corporate IT solutions monitor USB device connections.
How you can characterize this type of threat as a “James Bond” fantasy in 2025 is breathtaking.

The Federal government is forensically collecting phones during routine border crossings to see if you reposted Fat JD Vance memes. That’s publicly disclosed and well known.

I have no trouble believing that potential enemies of the state like the governor of California and his cabinet are bugged. If I were a person like that, I’d try to take supply chain countermeasures.

If we're talking Bond-tier assessments then Apple already sell a covert microphone: AirTags. They “have no microphone” according to product specs, but they do have a huge speaker, and a speaker and microphone are the same thing like a generator and motor are the same thing: https://in.bgu.ac.il/en/Pages/news/eaves_dropping.aspx
Just because a speaker can technically operate as a microphone doesn’t mean that AirTags would be capable of this. The speaker driver definitely doesn’t have any recording capability. The only reason the 3.5mm jack mentioned in your article is capable of this is because the jack has functionality to allow analog recording for mic/line in cases. No dedicated speaker driver would have this because it would be worthless and costly.
There’s a fairly large jump between having a microphone and being able to be used as a surveillance device.