Follow

New Macbooks and Imacs will brick themselves if they think they're being repaired by an independent technician
boingboing.net/2018/10/04/welc

@doctorow This is a straight up violation of the Magnuson-Moss Warranty Act

@matt @doctorow Apple is above the law, they don't give a shit

@matt @doctorow it's their solution to prevent hardware tampering by attackers / state actors. This is a huge step forward in security. However, they should be required to offer a free service to easily and quickly validate/approve the repair if it's done by third party.

These headlines are bullshit and you know it.

I for one welcome this with open arms. Fuck the NSA.

@feld @matt @doctorow maybe a more low tech solution like a slip of paper with the unlock codes might be a good idea, doesn't rely on running some server in perpetuity.

Not sure if it is quite bullshit headline if Apple is also fighting right to repair.

@feld @matt @doctorow "new macbooks now slightly more resistant to the evil maid and similar attacks" doesn't generate the proper outrage
@feld @matt @doctorow but of course, to be expected from people who actively campaigned to have the linux desktop security lag 10 years behind the rest of the world by ideologically sabotaging uefi and secureboot...
@matt @doctorow @pony UEFI is a tire fire. We can do better. We've done better. It was called Sun OpenBoot.

@feld @matt @doctorow @pony
Did OpenBoot have an analogue to SecureBoot? A way to have a chain of trust from boot through to the OS?

@dar13 @pony @doctorow @matt I can't speak to that. I will have to do some research. SUN was ahead in a lot of areas, but unsure if this was something on their radar yet.
@pony @matt @doctorow secureboot was sabotaged by Microsoft unless you're referring to something else
@feld @matt @doctorow yes and no... they hijacked it for themselves quite hard, but whatever the eff people did during that times (and are doing to this day) set us back a lot

@feld @matt @doctorow
Surely the US govt. can't compel Apple to provide unlock codes for any interdiction it desires and surely China doesn't have all the T2 IP and documentation it requires to generate its own and surely Israel doesn't already have an active exploit. It is a nation state countermeasure and not vendor lock-in feature.

@doctorow
Yet another reason I'll never spend money on any apple product.

@doctorow I'm guessing the story behind that is to make interdiction attacks harder (cf. the recent Bloomberg headlines about China modifying server boards with backdoor chips) but it also just so happens to hurt legitimate reasons to swap hardware :blobcoffee:

@doctorow

I like this and hate this all at the same time. It means someone cannot make unwanted changes to my computer without me knowing it . It also means that I need to take my device into Apple to get it unlocked should I choose to make hardware changes on my own.

As long as the unlock process is straightforward then I do not see the big issue except for parts of the world where Apple stores do not exist.

@doctorow that sounds totaly dystopian... but it kind of closes an attack surface. And if you have enough monney to by apple hardware you are probably rich enough to use the apple-repair-service, or just by a new device.

@doctorow Somebody needs to leak that "Apple Service Toolkit 2" utility. For the common good.

@doctorow This is why I will only use Free Software and Hackintoshes from now on (I like OS X too much and am unwilling to change my keyboard muscle memory)

Sign in to participate in the conversation
La Quadrature du Net - Mastodon - Media Fédéré

Bienvenue dans le media fédéré de la Quadrature du Net association de défense des libertés. Les inscriptions sont ouvertes et libres.
Tout compte créé ici pourra a priori discuter avec l'ensemble des autres instances de Mastodon de la fédération, et sera visible sur les autres instances.
Nous maintiendrons cette instance sur le long terme.