• Neve8028@lemm.ee
      link
      fedilink
      arrow-up
      25
      ·
      1 year ago

      If a lock is broken, then you might call a locksmith to fix or replace it. This is something that happens frequently and isn’t as absurd as you make it out to be.

      • kitonthenet@kbin.social
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        I’m not saying it has to be absurd, but no one is acknowledging that the security risks are real, and requiring a lesser standard of security is a cost of legislating this stuff, which it is the editorial stance of ifixit to support

        • Maalus@lemmy.world
          link
          fedilink
          arrow-up
          18
          ·
          1 year ago

          The security risks aren’t real. They are simply trying to scare off people like you who will repeat nonsense over and over again.

            • Zangoose
              link
              fedilink
              arrow-up
              21
              ·
              edit-2
              1 year ago

              No, you can’t, because that isn’t a good analogy. Those two situations are not at all the same, but I’ll humor you.

              The analogy you’re making is like saying only the company who makes doors is allowed to change the lock on your door, and they’re allowed to just stop offering the lock-changing service whenever they want. They also conveniently put a mechanism in so that whenever a third-party locksmith comes, your door falls apart. Your only option is to buy a new door, doorknob, frame, and hinge because your lock is worn out.

            • papertowels
              link
              fedilink
              arrow-up
              4
              ·
              edit-2
              1 year ago

              That’s a bad comparison because I wouldn’t let a random Internet stranger fix my phone either, but I would allow an actual locksmith to change my locks.

            • NightAuthor@lemmy.world
              link
              fedilink
              English
              arrow-up
              2
              ·
              1 year ago

              If you swap the faceid, you still need to unlock the phone with your passcode to re-enroll faceid.

              I guess that’d be more like you changing the outside doorknob.

    • HughJanus@lemmy.ml
      link
      fedilink
      arrow-up
      16
      ·
      1 year ago

      I’m assuming this is supposed to be metaphorical but you don’t seem to understand that it is not analogous because replacing FaceID doesn’t suddenly give you access to the device.

      • kitonthenet@kbin.social
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        It absolutely could, if the processor trusts that the data coming from the faceid sensor is accurate, the faceid sensor can simply lie. You’re removing a layer of defense, which necessarily impacts security

        • NightAuthor@lemmy.world
          link
          fedilink
          English
          arrow-up
          5
          ·
          1 year ago

          What’s the faceid sensor going to do, brute force a damn cryptographic collision with the cyphertext of your faceid?!

          If you have even the first fucking clue, even in the broadest of strokes, I’d really be interested in hearing about how this would actually work.

          • Fogle@lemmy.ca
            link
            fedilink
            arrow-up
            3
            ·
            1 year ago

            I think he think the face id just says “yeah, that’s right, unlock” and the phone unlocks. So if you put in a custom one that always says “yeah unlock” it will just always unlock. As if the person putting in the thing couldn’t see the data on your storage anyway

    • papertowels
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      Never owned an apple device, so I might be drastically off base here.

      Is face id actually its own unit, including authentication storage?

      If I were designing the iPhone, I’d just use a camera that relays the data to the CPU, and authentication happens there. If it operates like this, a more accurate comparison is I’d let a third party reputable locksmith change my locks, but I’ll set the key pins myself after.