• HughJanus@lemmy.ml
    link
    fedilink
    arrow-up
    28
    ·
    1 year ago

    Do you really think that replacing FaceID suddenly gives thieves unfettered access to your phone?

      • Neve8028@lemm.ee
        link
        fedilink
        arrow-up
        25
        ·
        1 year ago

        If a lock is broken, then you might call a locksmith to fix or replace it. This is something that happens frequently and isn’t as absurd as you make it out to be.

        • kitonthenet@kbin.social
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          I’m not saying it has to be absurd, but no one is acknowledging that the security risks are real, and requiring a lesser standard of security is a cost of legislating this stuff, which it is the editorial stance of ifixit to support

          • Maalus@lemmy.world
            link
            fedilink
            arrow-up
            18
            ·
            1 year ago

            The security risks aren’t real. They are simply trying to scare off people like you who will repeat nonsense over and over again.

              • Zangoose
                link
                fedilink
                arrow-up
                21
                ·
                edit-2
                1 year ago

                No, you can’t, because that isn’t a good analogy. Those two situations are not at all the same, but I’ll humor you.

                The analogy you’re making is like saying only the company who makes doors is allowed to change the lock on your door, and they’re allowed to just stop offering the lock-changing service whenever they want. They also conveniently put a mechanism in so that whenever a third-party locksmith comes, your door falls apart. Your only option is to buy a new door, doorknob, frame, and hinge because your lock is worn out.

              • papertowels
                link
                fedilink
                arrow-up
                4
                ·
                edit-2
                1 year ago

                That’s a bad comparison because I wouldn’t let a random Internet stranger fix my phone either, but I would allow an actual locksmith to change my locks.

              • NightAuthor@lemmy.world
                link
                fedilink
                English
                arrow-up
                2
                ·
                1 year ago

                If you swap the faceid, you still need to unlock the phone with your passcode to re-enroll faceid.

                I guess that’d be more like you changing the outside doorknob.

      • HughJanus@lemmy.ml
        link
        fedilink
        arrow-up
        16
        ·
        1 year ago

        I’m assuming this is supposed to be metaphorical but you don’t seem to understand that it is not analogous because replacing FaceID doesn’t suddenly give you access to the device.

        • kitonthenet@kbin.social
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          It absolutely could, if the processor trusts that the data coming from the faceid sensor is accurate, the faceid sensor can simply lie. You’re removing a layer of defense, which necessarily impacts security

          • NightAuthor@lemmy.world
            link
            fedilink
            English
            arrow-up
            5
            ·
            1 year ago

            What’s the faceid sensor going to do, brute force a damn cryptographic collision with the cyphertext of your faceid?!

            If you have even the first fucking clue, even in the broadest of strokes, I’d really be interested in hearing about how this would actually work.

            • Fogle@lemmy.ca
              link
              fedilink
              arrow-up
              3
              ·
              1 year ago

              I think he think the face id just says “yeah, that’s right, unlock” and the phone unlocks. So if you put in a custom one that always says “yeah unlock” it will just always unlock. As if the person putting in the thing couldn’t see the data on your storage anyway

      • papertowels
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        Never owned an apple device, so I might be drastically off base here.

        Is face id actually its own unit, including authentication storage?

        If I were designing the iPhone, I’d just use a camera that relays the data to the CPU, and authentication happens there. If it operates like this, a more accurate comparison is I’d let a third party reputable locksmith change my locks, but I’ll set the key pins myself after.