zlacker

[parent] [thread] 8 comments
1. circui+(OP)[view] [source] 2023-06-06 16:15:32
“I think at one point they were making it virtually impossible to replace components because they were serial locked.”

They are very much still doing that

replies(1): >>hedora+qB
2. hedora+qB[view] [source] 2023-06-06 18:50:22
>>circui+(OP)
In fairness, most instances of them doing that actually significantly increase the cost of evil maid hardware tampering attacks.

If I could, I'd configure grub or whatever to serial-lock my Linux install to my desktop hardware (and keep a recovery key that would unlock it at another location).

replies(2): >>circui+EM >>rollca+8A2
◧◩
3. circui+EM[view] [source] [discussion] 2023-06-06 19:39:41
>>hedora+qB
The issue is that Apple isn’t giving anyone access to the tools to pair the parts, unless you give them all the information in advance, buy them at possibly inflated prices through their self repair program if they’re even available, and then have Apple remotely approve it afterwards (and this process only really works for individuals, 3rd party repair is more important as most people don’t have the skill)
replies(1): >>hedora+gy3
◧◩
4. rollca+8A2[view] [source] [discussion] 2023-06-07 10:12:57
>>hedora+qB
> If I could, I'd configure grub or whatever to serial-lock my Linux install to my desktop hardware (and keep a recovery key that would unlock it at another location).

This is the general idea behind TPM/Secure Boot, but as you present it, it just sounds like a headache for performing system recovery, at no obvious benefit for security.

What's your threat model? In the 99.(9)% case it's a crook snatching the laptop, wiping the HD, and selling the whole thing and/or the parts. Evil maid is a real threat, but only practical (in terms of sophistication/cost vs benefit) for high-value targets, like C-levels, devs holding company secret keys, etc.

replies(1): >>hedora+Nv3
◧◩◪
5. hedora+Nv3[view] [source] [discussion] 2023-06-07 15:56:17
>>rollca+8A2
I don't really care if the desktop gets snatched. I'm more worried about old tax returns, the credentials stored in its password manager, etc. Breaking in twice (once to install a bump in the wire key logger, and once to walk away with the machine) would lead to at least 10x more payout for a burglar.

Also, ignoring what it is worth to the attacker, having to roll over all my credentials, freeze accounts, etc, etc, because my desktop was stolen would cost way more of my time than buying a new desktop (happily, the drive is encrypted).

replies(1): >>rollca+vU7
◧◩◪
6. hedora+gy3[view] [source] [discussion] 2023-06-07 16:05:30
>>circui+EM
If I was running a third-party unauthorized repair shop, then I'd care. However, I just don't see why I should care, as a customer. Also, I have trouble wrapping my head around the standpoint that people want to pay the Apple "it always sort of works" tax, then spend lots of extra time trying to save $50 on a repair.

When I mess around with hobby hardware, it's esoteric stuff, not readily-available laptops that are being built by the millions. For that, sometimes you need a volt-ohm meter, or diagnostic rigs.

Every few years I even bring some piece of a Linux box to a repair shop, to narrow down some fault.

However, Macs are all identical, so repairs boil down to "yank component, throw in the recycling shredder box, and (if you just replaced the mainboard) restore from iCloud Backup". Apple hardware switched over to being livestock, not pets a long time ago, so I'm not seeing the point in spending lots of effort on custom repairs (vs. replacing + recycling the bad components).

replies(1): >>circui+7Z4
◧◩◪◨
7. circui+7Z4[view] [source] [discussion] 2023-06-07 21:58:45
>>hedora+gy3
Because as a customer you should have the choice to get a repair from whoever you want. Even if you only go to Apple, competition will force their prices down somewhat.

"pay the Apple"

It's not just Apple doing this

"then spend lots of extra time trying to save $50 on a repair."

What if you're trying to save precious data? Apple don't make much effort to do data recovery because they don't care; you can fund 3rd party repairers who absolutely do. What if you got the device second hand? What if it's not $50, but $1000+? I've seen a video where Apple tells a journalist they have to buy a new Mac, and a 3rd party repair shop fixes it for free because it was such a small issue that Apple didn't even check for. https://www.youtube.com/watch?v=o2_SZ4tfLns

"Macs are all identical, so repairs boil down"

This is the problem; Apple is pairing parts to devices, so if you use a 100% genuine part from a new device it still won't work

replies(1): >>hedora+dC5
◧◩◪◨⬒
8. hedora+dC5[view] [source] [discussion] 2023-06-08 03:00:19
>>circui+7Z4
> What if you're trying to save precious data? Apple don't make much effort to do data recovery because they don't care; you can fund 3rd party repairers who absolutely do

I keep backups, both in iCloud and elsewhere. Apple makes it a headache to avoid doing this, and they apparently finally added proper E2E encryption support.

I guess I think of Apple computers more like generic corporate fleet vehicles, and Linux boxes more like classic cars.

I really don’t think anyone cares if a ford dealer irreparably destroys 1% of the bottom trim white F-150s they maintain, and also forbids the people that bought the service contract from opening the hood.

None of that applies to a mustang shelby, but that’s a different part of the market.

Maybe some people really like their macs / phones, and don’t just use them like interchangeable boring tools.

◧◩◪◨
9. rollca+vU7[view] [source] [discussion] 2023-06-08 17:23:40
>>hedora+Nv3
Sounds like paranoia.
[go to top]