I’m a Genius - Apple Self Repair

[James]

 

We ordered a bunch of Apple self-repair tools so today Linus will try to repair and iPhone screen while discussing the merits and pitfalls of Apple's foray into Right to Repair...

 

 

[Just that Mario]

700 USD for all of those tools is damn cheap. I was expecting at least a few thousand for all of that. They were some damn nice tools.

 

I don't get the random stance or claim that the fingerprint sensor/module has nothing to do with security. It quite literally does? If Linus wants to claim it has nothing to do with security, why doesn't he post source of this information? It's about same as saying replacing door lock on your front door has nothing to do with security and when someone replaces it for another door lock, your house is same secure as before.

I do not know exactly how the fingerprint scanner module works, but if I were to guess, then it also stores the fingerprint data in itself and/or does scanning and match verification. If anyone has any documentation on how it works, it'd be great.

 

As for parts requiring phone ID, I am perfectly fine with that. Prevents scalping and other shady BS people would start doing. This means everyone has equal chance and repairs are somewhat registered and legit. Sadly it does not stop repairmen from claiming to use genuine parts, charge for genuine parts, but use cheap Chinese marketplace origin aftermarket replacements.

Personally I never trust any repairmen, doesn't matter if it is cars or smart devices. Unless they come and do the job on the spot and I can verify what they are doing, no third-party is touching my cars or smart devices. Seen too much stupidity and I've come to conclusions majority are just chimps with access to tools.

[adam3914]

Where is the Mac address Screen replacement video mentioned in the video? 

[Bad5ector]

8 minutes ago, Just that Mario said:

If Linus wants to claim it has nothing to do with security, why doesn't he post source of this information?

I haven't had a chance to watch just yet, but I know that I have heard in the past some folks say that things like fingerprint and retina scanners aren't as secure because you can't "update" those types of authentication.

[Just that Mario]

3 minutes ago, Bad5ector said:

I haven't had a chance to watch just yet, but I know that I have heard in the past some folks say that things like fingerprint and retina scanners aren't as secure because you can't "update" those types of authentication.

I don't quite understand what you mean. Update as update to newer hardware in a DIY swap? Overall fingerprint, retina, etc scanners are usually for convenience, not as much as best of the best security. Depending on implementation they can be very secure, but mainly they are just a convenient access method.

[Bad5ector]

4 minutes ago, Just that Mario said:

I don't quite understand what you mean. Update as update to newer hardware in a DIY swap?

No No, like if you want to update your password, you can update your password to make it more complex. But you can't update your fingerprint or your eyeball to do the same. 

 

4 minutes ago, Just that Mario said:

Depending on implementation they can be very secure, but mainly they are just a convenient access method.

I'll see if I can dig up that Mythbusters video where they went to task on a like the "most secure" finger print scanner lock in the world. And in the end they were able to trick it with some pretty basic stuff.

[Ultraforce]

15 minutes ago, adam3914 said:

Where is the Mac address Screen replacement video mentioned in the video? 

My guess is it will be uploaded later

[sub68]

27 minutes ago, Just that Mario said:

I don't quite understand what you mean. Update as update to newer hardware in a DIY swap? Overall fingerprint, retina, etc scanners are usually for convenience, not as much as best of the best security. Depending on implementation they can be very secure, but mainly they are just a convenient access method.

during the hong kong protesting people used mostly passcode locks, as if the indivdual got paralized the govermeant couldnt get though the phone without the person being conscious.

[sub68]

50 minutes ago, Just that Mario said:

I don't get the random stance or claim that the fingerprint sensor/module has nothing to do with security. It quite literally does?

well the phone (main storage) stores the finger print. so why can't I replace said part is its just a sensor.

the finger print sensor doesnt store anything besides the logic board to say hey I aint going to work.

 

I watched the video with a iphone 6s that I replaced the parts from 3 different iphone 6s

[Zodiark1593]

The tools look quite excellent, though they appear to be rather specialized for specific models. If I were to start my own w shop, for example, would I be able to retrofit the tools to work with past and future iPhones?

[sub68]

1 minute ago, Zodiark1593 said:

The tools look quite excellent, though they appear to be rather specialized for specific models. If I were to start my own w shop, for example, would I be able to retrofit the tools to work with past and future iPhones?

I think its just the heating mat that changes.

[mariushm]

Of course it's not for users ... it's to counter right to repair and other things.

Now they can say users have options to repair their phones or rent the equipment to do their own repair to any politician that thinks of right to repair laws and have those laws fail.

They can also appear more green, saying less phones go in the trash because they can now be repaired..

[Just that Mario]

12 minutes ago, sub68 said:

well the phone (main storage) stores the finger print. so why can't I replace said part is its just a sensor.

the finger print sensor doesnt store anything besides the logic board to say hey I aint going to work.

 

I watched the video with a iphone 6s that I replaced the parts from 3 different iphone 6s

source?

[Blademaster91]

1 hour ago, Just that Mario said:

700 USD for all of those tools is damn cheap. I was expecting at least a few thousand for all of that. They were some damn nice tools.

The tools are probably cheap because the tools aren't for the average user, if you're renting the tools and buying the parts directly the cost is about the same as just taking your device into an apple store, which I think is on purpose as Apple wants to get legislators on their side for right to repair laws to fail.

1 hour ago, Just that Mario said:

I don't get the random stance or claim that the fingerprint sensor/module has nothing to do with security. It quite literally does? If Linus wants to claim it has nothing to do with security, why doesn't he post source of this information? It's about same as saying replacing door lock on your front door has nothing to do with security and when someone replaces it for another door lock, your house is same secure as before.

I do not know exactly how the fingerprint scanner module works, but if I were to guess, then it also stores the fingerprint data in itself and/or does scanning and match verification. If anyone has any documentation on how it works, it'd be great.

What does the sensor have to do with security? It is just a sensor, putting data on the sensor would be like a house door lock requiring information about your house in order to work.

1 hour ago, Just that Mario said:

As for parts requiring phone ID, I am perfectly fine with that. Prevents scalping and other shady BS people would start doing. This means everyone has equal chance and repairs are somewhat registered and legit. Sadly it does not stop repairmen from claiming to use genuine parts, charge for genuine parts, but use cheap Chinese marketplace origin aftermarket replacements.

The parts requiring info and needing to be authenticated from apple really only seems to be there to make the repair more complicated, getting most people to not even consider fixing their own phone, when you buy parts from Apple you have to provide the serial number anyway, and putting the parts in another phone or scalping them would be pointless as you wouldn't get full functionality by putting parts into a phone with a different serial number.

Also there would be much less of an issue with with repair shops selling cheap aftermarket parts if Apple would simply sell parts without needing to verify them.

1 hour ago, Just that Mario said:

Personally I never trust any repairmen, doesn't matter if it is cars or smart devices. Unless they come and do the job on the spot and I can verify what they are doing, no third-party is touching my cars or smart devices. Seen too much stupidity and I've come to conclusions majority are just chimps with access to tools.

Well good luck with that, as cars are becoming touch screen tablets with wheels and smart devices like refrigerators and washing machines are made to be replaced when the smart hardware in it breaks, companies want you to take in your car or device for repair, or make it difficult to the point of making it inconvenient for most people.

[TomChaai]

38 minutes ago, sub68 said:

well the phone (main storage) stores the finger print. so why can't I replace said part is its just a sensor.

the finger print sensor doesnt store anything besides the logic board to say hey I aint going to work.

 

I watched the video with a iphone 6s that I replaced the parts from 3 different iphone 6s

It is a sensor, but the data the sensor gather travels over a shared bus, that may be eavesdropped/spoofed or DMAed if the OS drivers are compromised.

What Apple implements is an encrypted connection from the sensor chip to the CPU secure enclave, making any bus eavesdropping or DMA attacks on the fingerprint sensor impossible.

However this does not automatically means the sensor-to-CPU pairing is necessary. Apple implemented a simple per-device shared secret for fingerprint data link encryption. Any attempts to replace the sensor will require re-writing of the shared secret, which if allowed to happen by DIY repair, makes attacks possible again by definition. So when they need to replace the sensor, the only secure way of doing so is to restrict the pairing using specialized tools in a controlled environment, for example, an AASP.

More complex shared secret management is obviously possible, just like smart cards, those things have been invented for a good few decades.

[sub68]

1 hour ago, Just that Mario said:

source?

working with them for awhile

[sub68]

41 minutes ago, TomChaai said:

It is a sensor, but the data the sensor gather travels over a shared bus, that may be eavesdropped/spoofed or DMAed if the OS drivers are compromised.

What Apple implements is an encrypted connection from the sensor chip to the CPU secure enclave, making any bus eavesdropping or DMA attacks on the fingerprint sensor impossible.

true

44 minutes ago, TomChaai said:

However this does not automatically means the sensor-to-CPU pairing is necessary. Apple implemented a simple per-device shared secret for fingerprint data link encryption. Any attempts to replace the sensor will require re-writing of the shared secret, which if allowed to happen by DIY repair, makes attacks possible again by definition. So when they need to replace the sensor, the only secure way of doing so is to restrict the pairing using specialized tools in a controlled environment, for example, an AASP.

I do agree that apple didnt have to do it that way and that it would have been nice to see in setting  you could re write that link

[dogwitch]

snazzy did a good video on this tools. some are solid(in terms of build) other are cheap and costly.

[darknessblade]

12:26 [forum] 14:10 [youtube]

 

This is actually a massive step back for Right to repair.

 

As apple will start to claim: But we provide parts, there is no need to tighten the rules regarding what the user CAN and CANNOT do with their device. [Like legislators forcing apple to give out parts for USB-C/lightning port repairs]

 

Its all to prevent and persuade legislators from forcing apple to allow users to use 3rd party parts or even OFFICIAL parts, that are not bought from apple, without getting blasted with dozens of errors

 

The fact that on IOS 14.4 Beta you can use OFFICIAL parts that are not native to the phone without issues is the only proof you need that this is nothing but a right-to-repair Façade just to  stop legislators from making stricter rules

 

[Imbadatnames]

Apples repair centre operates at a loss that’s why the prices are cheaper 
 

Banging the right to repair drum harder doesn’t make it a good concept. 

[hishnash]

On pricing you mention a third party screen costs $200 so it seems the price apple is charging is not at all that high.


As to if apple is charging you more than they should, the fact is authorised service providers are charged acactly the same for these parts (the company that is managing this of apple is the same company that ships/sells parts to all apple stores and authorised repair centres and they charge the same).

Apple have said multiple time publicly that the in-store repairs are a loss leader and even if the parts were free for apple in store repairs would be a loss leader just based on the rent and rates for the extremely costly retail space the choose to rent, flagship apple stores will have rents per m^2 that are astronomical the space needed to do these repairs is not going to cover the rental cost but I would also not be surprised at all if for apple retail even just based on parts and labour these repair jobs that happen inshore are a loss leader (ignoring rent).  I expect on the books apple retail stores write down the cost of parts just the same as authorised repair stores, and thus just the same as this program.    Screens are the most expensive part in your smartphone (by a large amount) just to product let along the massive R&D and IP licenses etc. 

[hishnash]

12 minutes ago, darknessblade said:

[Like legislators forcing apple to give out parts for USB-C/lightning port repairs]

The reason apple is not providing lighting ports is that apple does not do these reaipairs in there stores. The company apple I using for these parts is the logicaicts company that ships parts to all of apples stores and authorised repair centres would be very strange if the shipped lighting ports to individuals but not to stores. 

[hishnash]

14 minutes ago, darknessblade said:

The fact that on IOS 14.4 Beta you can use OFFICIAL parts that are not native to the phone without issues

You always could do this you would get a warning saying the part is not calibrated, the `software locks` apple have all they do is tell you the part is not calibrated and this is legit since the calibration profile on your SOC will be for the old part so will be wrong as calibration happens per part. 

[hishnash]

3 hours ago, Bad5ector said:

I haven't had a chance to watch just yet, but I know that I have heard in the past some folks say that things like fingerprint and retina scanners aren't as secure because you can't "update" those types of authentication.

apple have said they will support these in the future, I expect this is waiting on a new software calibration pathway. Currently when you finish the repair you need to call them up and a human on the other end opens a web browser and uses the web based calibration tools that apple use in store this is why it is limited to iPhone 12 and 13 since phones before this did not support pulling calibration info over the web they needed a physical cable connected to a Mac running the software. 

I expect apple are working on inlining these tools into the Apple Configurator app so that you don't need to call up a service rep when you finish the repair and so they can support older devices and other devices that do not support web based calibration profile loading (such as Macs). And no they cant just ship the software they use in stores. 

[hishnash]

3 hours ago, KeyedAndLocked said:

The parts are too expensive

Getting a authorised screen from them is about $30 more than buying a third party screen for eBay how is that to expensive? 

 

3 hours ago, KeyedAndLocked said:

the tools are generally not super necessary

They do not require you to rent or buy the tools you can just by the parts and do the repair without them. 

 

 

3 hours ago, KeyedAndLocked said:

nd worst of all you have to contact apple to "verify" the parts you got, from apple themselves!

This is so that the calibration info (colour response curves for screen, camera etc) can be loaded on to the SOC. iPhone 12 and 13 do this over the web and there is an internal web-ui that apple staff have were they can put in your serial number and update the calibration info file. The devices themselves (screens cameras etc do not store this info on the part as that would increase the part cost and be wasted silicon instead it is stored on apples servers and loaded onto the SOC when you pair the parts).

It would be nice if apple built a self-service tool for this and im sure they would offer that (just to avoid paying people who are on the other end of the phones) but writing software takes time and money. And this project is very clearly a 0 effort project they told the company that already provides parts and tools to thier stores and third party repair stores to just open a sales portal to sell them to consumers (at the same price they sell them to authorised repair centres) that company took the most off the self web store template and did just this minimal effort possible.