this post was submitted on 27 Mar 2024
49 points (93.0% liked)

Apple

17497 readers
100 users here now

Welcome

to the largest Apple community on Lemmy. This is the place where we talk about everything Apple, from iOS to the exciting upcoming Apple Vision Pro. Feel free to join the discussion!

Rules:
  1. No NSFW Content
  2. No Hate Speech or Personal Attacks
  3. No Ads / Spamming
    Self promotion is only allowed in the pinned monthly thread

Lemmy Code of Conduct

Communities of Interest:

Apple Hardware
Apple TV
Apple Watch
iPad
iPhone
Mac
Vintage Apple

Apple Software
iOS
iPadOS
macOS
tvOS
watchOS
Shortcuts
Xcode

Community banner courtesy of u/Antsomnia.

founded 1 year ago
MODERATORS
top 28 comments
sorted by: hot top controversial new old
[–] [email protected] 15 points 7 months ago* (last edited 7 months ago) (1 children)

That’s pretty interesting. I wonder if they had to change the package design to support this. I’d love to see the patent if anyone can dig it up.

Edit: the patent

https://patents.google.com/patent/US20230393837A1/en

[–] [email protected] 6 points 7 months ago (1 children)
[–] [email protected] 4 points 7 months ago
[–] [email protected] 14 points 7 months ago (3 children)

Crazy that this works. There are some really smart people in this world.

Also cool to see a company invest money into something like this simply for the impact to the customer experience.

[–] [email protected] 10 points 7 months ago (1 children)

The Apple Store experience was so different from what shopping for a computer used to be like. Knowledgeable, friendly staff, computers you can actually use instead of just playing screen savers, and training, repairs, and support at the same place. Not at all like going to a Best Buy or Circuit City.

[–] [email protected] 1 points 7 months ago

My experience has been them selling me products that don't work with my macbook(too old and they said it will work). In the last few years the quality of service has dropped. They claim to have fixed my macbooks multiple times but no parts have been changed and the issues are still present after the supposed repair. Previously (pre 2019) had excellent service from the 3 local stores. Since then it has been equal to best buy. They are no better or worse than any other in my experience, just another company trying to sell you products and get out of servicing them.

[–] [email protected] 5 points 7 months ago

The tech is pretty rudimentary. They just need to make sure that the iPhones have the NFC and qi coils near the edge of the box. Then they’re basically just updating boxed phones like you would update a mesh router node.

The best part about this is that it’s so damn simple. It’s one of those “why didn’t someone else think of this” things.

[–] [email protected] 4 points 7 months ago

Eh, it is a qI charger that turns on the phone, the phone is then programmed to connect to specific network and download the firmware, not that crazy.

I do like iPhones, but there is no need to go crazy about this

[–] [email protected] 4 points 7 months ago (1 children)

Apple are much much smarter than me, so I'm sure have mitigated against this, but this feels like a securirty nightmare waiting to happen:

Bad guy gets hold of the technology, works out an exploit to send unofficial update and then "patches" a containership full of iPhones.

[–] [email protected] 7 points 7 months ago (2 children)

Trusted certificate exchange negates that scenario.

[–] [email protected] 4 points 7 months ago (2 children)

I’m sure it’s fool-proof and no state-level actor will ever find a way around it

[–] [email protected] 5 points 7 months ago

It’s basically the same as updating the iPhone over usb. There has not been a chance to have the iPhone run a modified iOS update in over 10 years now iirc.

It is not like people have not tried.

[–] [email protected] 2 points 7 months ago (1 children)

Why would they attempt to go through unsold iPhones? They can simply force Apple to push updates to all existing iPhones.

[–] [email protected] -2 points 7 months ago (1 children)

If I’m (say) the UK intelligence service and I want to spy on (rolls dice) a group of people in Switzerland- it much easier for me to intercept their packages and patch them in transit then having to talk to Apple.

[–] [email protected] 1 points 7 months ago (1 children)

I disagree. If the packages aren't routed through UK, you'd have to work with other countries secret service, distribution companies, and you have much more legal troubles to consider.

[–] [email protected] -1 points 7 months ago (1 children)

Because clearly a secret service of one country could never infiltrate FedEx’s distribution depot in another.

[–] [email protected] 1 points 7 months ago (1 children)

Because the secret service of one country acting in another country where they don't have jurisdiction is an international political crisis that could lead to war. Don't play dumb.

One means a country forcing a company acting inside that country to do something. The other means one country having to ask another country to be allowed to force a company acting inside the other country to do something. See where one is much easier?

[–] [email protected] 0 points 7 months ago* (last edited 7 months ago) (1 children)

Don’t play dumb.

The irony is strong in this one. But if you really want to believe that intelligent agencies don’t work covertly overseas, I’ll leave you to it.

[–] [email protected] 1 points 7 months ago* (last edited 7 months ago)

I didn't say that, not sure what you're arguing against?

The idea that it's in any way easier to monitor for your targets ordering new phones, then covertly moving personnel into that specific shipping facility, having them find the package, open it, flash it, close it and sending it back on its way while hoping they don't install a new software update, compared to going to a company and saying "deploy this update to that phone" makes absolutely no sense, but you do you.

[–] [email protected] 0 points 7 months ago (1 children)

I like iPhones, but this is just reckless, it is only a matter of time untill an exploit is found to bypass the certificate check.

For the time being the system is secure, but claiming 100% security based on a certificate checking routine is just dumb.

Look at the PS3, for years it was thought to be unhackable, then exploits were found to bypass the security.

Now, obviously this is unlikely to happen at stores selling new devices as the access to them will be limited, but you can't just claim absolute security.

Will this feature be turned off when the phone is activated? What if it is forgotten about, or deemed unneeded? I could absolutely see a bad guy setting up a system to trigger the update mode, which probably will have lower security since Apple will only expect the devices to activate the system in a store.

What could the bad guy do with the phone in that mode? Probably quite a bit more than the user wants.

[–] [email protected] 2 points 7 months ago (1 children)

Good that you pointed that out, I am sure Apple has not thought about that obvious threat vector. /s

[–] [email protected] 0 points 7 months ago (1 children)

I am sure they have, as an IT guy I just dislike broad statements about how security is not an issue because of X.

[–] [email protected] 1 points 7 months ago (1 children)

Says you, who made a broad statement how this is reckless without knowing more details about it.

[–] [email protected] 0 points 7 months ago

Simply stating an oppinion based on a decade of experience.