this post was submitted on 27 Mar 2024
50 points (93.1% liked)

Apple

17482 readers
47 users here now

Welcome

to the largest Apple community on Lemmy. This is the place where we talk about everything Apple, from iOS to the exciting upcoming Apple Vision Pro. Feel free to join the discussion!

Rules:
  1. No NSFW Content
  2. No Hate Speech or Personal Attacks
  3. No Ads / Spamming
    Self promotion is only allowed in the pinned monthly thread

Lemmy Code of Conduct

Communities of Interest:

Apple Hardware
Apple TV
Apple Watch
iPad
iPhone
Mac
Vintage Apple

Apple Software
iOS
iPadOS
macOS
tvOS
watchOS
Shortcuts
Xcode

Community banner courtesy of u/Antsomnia.

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
50
Here's What Apple Retail's New Machine to Update iPhones in the Box Looks Like (www.macrumors.com)
submitted 7 months ago by [email protected] to c/[email protected]
28 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 0 points 7 months ago (1 children)

I like iPhones, but this is just reckless, it is only a matter of time untill an exploit is found to bypass the certificate check.

For the time being the system is secure, but claiming 100% security based on a certificate checking routine is just dumb.

Look at the PS3, for years it was thought to be unhackable, then exploits were found to bypass the security.

Now, obviously this is unlikely to happen at stores selling new devices as the access to them will be limited, but you can't just claim absolute security.

Will this feature be turned off when the phone is activated? What if it is forgotten about, or deemed unneeded? I could absolutely see a bad guy setting up a system to trigger the update mode, which probably will have lower security since Apple will only expect the devices to activate the system in a store.

What could the bad guy do with the phone in that mode? Probably quite a bit more than the user wants.

[–] [email protected] 2 points 7 months ago (1 children)

Good that you pointed that out, I am sure Apple has not thought about that obvious threat vector. /s

[–] [email protected] 0 points 7 months ago (1 children)

I am sure they have, as an IT guy I just dislike broad statements about how security is not an issue because of X.

[–] [email protected] 1 points 7 months ago (1 children)

Says you, who made a broad statement how this is reckless without knowing more details about it.

[–] [email protected] 0 points 7 months ago

Simply stating an oppinion based on a decade of experience.