Hacker News: relaxing's comments

You can count on one hand the number of democrats in congress who could be part of the DSA.

But yes, Gottheimer is a conservative democrat.


Then an attacker could load an older, exploitable OS and gain access.

Weirdly I care more about my rights as the owner of the device than the rights of a theoretical attacker.

I’m all for a system that allows you to wipe the device to do a downgrade or upgrade (just like any PC with an unset bios password allows) but the idea that it’s a good design for someone without my OS password to be able to downgrade my OS or perform any operation on my OS is insane.

What’s even the point of setting a password if anyone can manipulate the system without entering it in?

The entire iPhone OS is on an encrypted volume and that is the right design choice. Not having the password means no access.

There is no general purpose encrypted volume operating system that allows unauthenticated users to perform OS manipulation. If you encrypt your FreeBSD, Linux, or Windows volume, the result is the same: no password, no access.

Your choice is to enter the correct password or wipe the disk.

The fact that Apple doesn’t allow you to set up a system without full disk encryption is not a user freedom issue, it’s a very sensible design choice especially for a device sold primarily to non-technical consumers who don’t understand the security implications of leaving the volume unencrypted.

The issue here isn’t that iOS security is designed wrong, the issue is that Apple broke basic password entry with an update.

Shame on Apple for having such lazy software development practices when it comes to implementing updates like this.


Yeah I agree that a downgrade that always results in a full wipe is a good compromise.

So don’t buy an iPhone if you don’t care about the security of your device and personal information. That would introduce a massive security hole that would negatively affect far more users than it would help.

I doubt that. The group of people you're talking about are those who have their phone maliciously stolen by people who are actively working to hack/exploit their way into the devices and then actively exploit the information stored on them. That is an utterly negligible percent of users, or even of users who have their phone stolen. The overwhelming majority of thieves of intent move the devices on to professional orgs that wipe them, jailbreak them, package them, and then ship them on to other entities that resell them.

The percent that might want to choose a different-than-latest version of OS would also of course be quite small, but I suspect it would be orders of magnitude larger than the other group we're speaking of just because that group of people is going to be so absurdly tiny.


In this world stolen iPhones are mostly worthless because they can’t easily be wiped without the password.

In your world, they could be.

I imagine iPhone thefts would go way up. They’re worth $1000 and we just carry them everywhere - if they were easily resellable it would be a very obvious quick-money theft opportunity.


iPhones are currently the primary target of thieves by an overwhelmingly wide margin. There are many ways to wipe them and it's an industry in its own right. One of the most common, as always, is simple social engineering. They contact the victim posing as Apple, convince them to reveal their credentials in this way or that, wipe the device and away they go. If that fails they're stripped down and sold for parts, which is also reasonably lucrative.

I don't know for certain why thieves are generally not typically interested in abusing user data, but I'd imagine it's because the penalties if caught would go way up. That'd go from what is generally just petty theft, which carries a slap on the wrist, to wire fraud and a whole slew of other charges, which can leave people spending most of the rest of their life in prison.


That’s all true, but it is also true that iPhone theft is relatively rare.

My assertion is that there would be way, way more theft if you could just downgrade and wipe.


Is it? Do you have any data to back this up?

Because a quick search for UK statistics shows that even though iPhones are a minority of phones over here they are the overwhelming majority of all phone theft:

https://www.loveitcoverit.com/news/changing-world/mobile-pho...

"In terms of smartphone models, the data also indicates who might be most at risk. Looking at the entirety of the UK, 68.6% of stolen phones are iPhones."


Your own source says:

“In 2012, the National Crime Survey – which supplies data to the ONS – reported that there were roughly 608,000 theft from a person incidents across England and Wales, which was a high for the decade. However, since then, theft from person cases – including those including smartphones – have fallen year on year. A key factor for this continual decline could be that smartphone security has improved to a point that it’s no longer worth stealing them; with Face ID, trackers, and fingerprint scanners, it’s now harder for criminals to wipe and fence stolen property. It’s also possible that, due to the ubiquity of smartphones, the desire to steal them has simply decreased.”


Sorry, I mean for this part of your post: "but it is also true that iPhone theft is relatively rare."

I would say that phone theft is relatively rare. I didn’t mean to single out iPhone really - AFAIK the major manufacturers of Android phones provide similar protection, and I’d feel the same about them removing it.

To me the surprising claim would be that phone theft is common - I don’t think I know of anyone who’s had their phone stolen - but if you want stats, sticking with the UK, here’s the official statistics on robbery and ‘theft from a person’: https://www.ons.gov.uk/peoplepopulationandcommunity/crimeand...

It’s more work than I have time for now, but I don’t think that any of the headline figures can be regarded as ‘common’.

More emotionally: Maybe it’s just my age showing, but it is notable to me that nowadays we’re all carrying around $1000 items at all times, and muggings aren’t through the roof. Perhaps society is kinder than I gave it credit for, but I think that the lack of utility of those $1000 items if you steal them (so, they’re not really worth $1000 to a mugger) is a major part of the reason they’re not.


In the US millions are stolen per year. Nobody knows the exact number because I suspect many may not even realize they've been stolen from and simply think they lost their phone somewhere. Thieves tend to target touristy areas where this is even more likely.

It's also going to make the targets even less likely to report the crime to police as well. 'Hi, I don't live in this country and I think my phone might have been stolen somewhere at some point in time over the past several hours, maybe.' is not even going to be investigated by the police, even if somebody does decide to file a report.

Come to think of it, this may all be yet another reason why thieves don't tend to abuse personal information. That sort of stuff is going to get reported and can be viably investigated by the police.


It’s rare in the US and very common in London

It should be then a switch in the settings.

What should we label it? “Waste time entering alphanumeric password that provides no security benefit”?

The particular use case you’re asking for here has no logical reason for existing


This is not an excuse to let people choose if they allow OS downgrades or not. Like the bootloader unlock option on Android devices.

Also people find exploits on newer OS versions as well. Downgrading makes it easier but not downgrading doesn’t make the device unhackable.


Not allowing downgrades is the biggest contributor to smartphones becoming e-waste.

Apple should be forced to do this by law, but only after they discontinue software support. If they're willing to continue making small, incremental patches when necessary (such as to fix this obvious bug) then it's fine that they can still block downgrades. But at EOL? They should be legally required to allow old software to be installed.

This also impacts software compatibility - any 64-bit device that is now EOL that got updated to iOS 11 or newer is forever barred from running 32-bit apps just because people are worried that someone might take that old device and downgrade it as an attack?

The average person should always stay updated to the latest version for security reasons. But the power users should be able to choose which version they run, at least on devices that aren't currently supported at all.

Daily reminder that the first two iPhones and the first iPod touch had zero firmware signing, and you could freely install any supported version at any time, and can still do so today. That being the case has probably harmed 0.00001% of people at most


> Not allowing downgrades is the biggest contributor to smartphones becoming e-waste.

Citation needed. My guess is the biggest contributor to smartphones becoming e-waste is gravity.


Any phone that gets more support than it should have, such that the only OS you can install is too slow to make using the device enjoyable, makes it more likely for the device owner to throw that device out, and then it becomes e-waste.

It also harms software preservation. Sure, we have IPSWs for every single public build of iOS that exists (and if you dig around, probably a ton of betas and even internal builds). But you can't really do anything with any of them once you get to the point in the iOS product line where things were sufficiently hardened


I have heard many replace their phones due to dropping them and becoming unusable. But everyone uses a case now and the build quality is generally better that one mishap does trash the phone. Most people I know getting new phones now did so bc their old phone "got too slow to be usable." I believe that's a matter of new OS versions really are much heavier. Both my last 2 phones I had upgraded bc I went one version too far and had a nearly bricked phone.

It’s like how the Viagra ads used to warn users to “seek medical help for erections lasting more than four hours.”

It’s really poorly written. After reading it all I still can’t figure out what’s the mechanism by which revoked permissions are hanging around, which is what would actually be interesting here.

It is poorly written. I have a suspicion that the author is talking about the persistent file permission mechanism known as Security-Scoped Bookmarks, but the article makes it hard to understand what exactly is being discussed. It reads like a raw bug report without any analysis done.

And specifically they could show some code snippet to reveal what exactly the Insent app was doing. Was it calling startAccessingSecurityScopedResource of the NSURL class?


My impression is that the revoked permissions do not persist. Rather, an interactive window running under the user’s name has implied access to the user’s home folders, regardless of what’s been set under “Files & Folders” (which still applies for background/non-interactive processes).

I could absolutely be missing something here, but the title would be accurate in saying, “MacOS ACLs aren’t terribly intuitive”. But I think the behavior they’re documenting is intended behavior.


> Rather, an interactive window running under the user’s name has implied access to the user’s home folders, regardless of what’s been set under “Files & Folders” (which still applies for background/non-interactive processes).

No, that’s not true at all. Granting permission using the folder picker is required.


Chat 5.4 still can’t get basic chemistry questions correct. Just hallucinates off the rip.

Betteridge’s law needs allowances for cases where the issue at hand is opinion or speculation. In this case, the non-clickbait headline would be “Germany’s Gold isn’t Safe in New York”, but the facts aren’t there to go to press with that.

Pure cope.

It is extremely possible to work on a product people don’t hate, and still maintain a realistic perspective on your engineering abilities or impact or whatever.

If you’re toiling on a product that’s actively making the world worse, quit now. There are better gigs out there.


These astronauts are trained to use the system NASA puts them in.


And ultimately they have a lot more important things to be doing than learning a different email client than the one they use at their desk on earth. This is an email client on a laptop, not a navigation system.


No they don’t. They’re our best and brightest, and they train for years at their one, important job, which is to use the system they’re given.


The mission of the astronauts on board is to test the damn Orion spacecraft in preparation for a human landing on the moon.

> NASA flight controller and instructor Robert Frost explained the reasoning plainly in a post on Quora (via Forbes). “A Windows laptop is used for the same reasons a majority of people that use computers use Windows. It is a system that people are already familiar with. Why make them learn a new operating system,” he reportedly wrote.

https://www.msn.com/en-in/technology/space-exploration/nasa-...


Maybe he should have designed the rest of the controls to look like the cockpit of a 2003 Toyota Camry. It is a system that people are already familiar with. And actually reliable.


Toyota actually is involved in the Artemis program. https://en.wikipedia.org/wiki/Lunar_Cruiser


That’s awesome. I’m assuming there’s zero chance it actually gets deployed (for a value of zero that is less than the chance a moon base is actually deployed, also assumed zero) but if it does, apparently the controls will look like this- https://sj.jst.go.jp/stories/2024/s0124-01p.html


The world where any unpatched system is a guaranteed botnet.


You’re going to bring up Phil Spector and not mention the story of Spector threatening the band with a gun in the studio?

