Needed to add price gouging for parts into the bill as well
Outlawing Product Pairing
Proctor called the legislation “the best bill yet” because it goes a step further than other state’s right to repair laws by calling out and making illegal “product pairing,” in which onboard software makes it impossible to install parts that aren’t from the manufacturer.
Product pairing has become a favorite way for companies to make sure that products they sell are repaired only by them, and it’s not covered in any of the other state’s right to repair laws. Apple relies on product pairing extensively. iPhone owners, for instance, generally can’t replace any parts unless the phone can determine that the replacement is a genuine Apple replacement part. This led Apple, which has supported right to repair legislation in other states, to lobby against Oregon’s bill.
“We remain very concerned about the risk to consumers imposed by the broad parts-pairing restrictions in this bill,” Apple’s principal secure repair architect, John Perry, said in February at a legislative hearing.
“An iPhone contains its owner’s important personal data including financial, health, and location information, and this bill introduces the possibility that Apple would be required to allow unknown, non-secure third-party Face ID or Touch ID modules to unlock that personal information,” Apple said in a statement on March 4. “We will continue to support repair legislation, but strongly believe this bill does not offer the consumer protections Oregonians deserve.”
That’s all horse-hockey, of course, and basically a way for Apple to publicly support right to repair while denying it to its customers, as noted by iFixit,>
Yeah, it’s in the name is “security”. As if a third party camera or back cover is going to break into the OS, harvest super important user data, and then somehow find some way to transmit it back to headquarters.
You know, or they just want to make money off of selling parts at 200% profit instead of Apples 500%.
The idea that this is somehow a security risk is a giant steamy pile of bullshit to keep people buying their garbage.
“An iPhone contains its owner’s important personal data including financial, health, and location information, and this bill introduces the possibility that Apple would be required to allow unknown, non-secure third-party Face ID or Touch ID modules to unlock that personal information,” Apple said in a statement on March 4.
What BS. Sure, making sure every fingerprint sensor or whatever has a unique signature would allow you to lock a module to a device to prevent tampering and security bypass. But you should be able to just enter a password or recovery code in order to authorize a new part to be used with your device’s security, then it’ll be the customers responsibility to make sure that the part operates as it should. None of Apple’s business.
My computer contains much more important information than my phone and there certainly isn’t any parts pairing BS there. I would never trust any biometric authentication alone for securing sensitive information. It’s good to use in addition to a secure password though.
Personal EVS shouldn’t be completely unrepairable and unmodifiable. Just disconnecting the battery will brick it and you have to send it back to the manufacturer…
Needed to add price gouging for parts into the bill as well
Proctor called the legislation “the best bill yet” because it goes a step further than other state’s right to repair laws by calling out and making illegal “product pairing,” in which onboard software makes it impossible to install parts that aren’t from the manufacturer.
Product pairing has become a favorite way for companies to make sure that products they sell are repaired only by them, and it’s not covered in any of the other state’s right to repair laws. Apple relies on product pairing extensively. iPhone owners, for instance, generally can’t replace any parts unless the phone can determine that the replacement is a genuine Apple replacement part. This led Apple, which has supported right to repair legislation in other states, to lobby against Oregon’s bill.
“We remain very concerned about the risk to consumers imposed by the broad parts-pairing restrictions in this bill,” Apple’s principal secure repair architect, John Perry, said in February at a legislative hearing.
“An iPhone contains its owner’s important personal data including financial, health, and location information, and this bill introduces the possibility that Apple would be required to allow unknown, non-secure third-party Face ID or Touch ID modules to unlock that personal information,” Apple said in a statement on March 4. “We will continue to support repair legislation, but strongly believe this bill does not offer the consumer protections Oregonians deserve.”
That’s all horse-hockey, of course, and basically a way for Apple to publicly support right to repair while denying it to its customers, as noted by iFixit,>
Yeah, it’s in the name is “security”. As if a third party camera or back cover is going to break into the OS, harvest super important user data, and then somehow find some way to transmit it back to headquarters.
You know, or they just want to make money off of selling parts at 200% profit instead of Apples 500%.
The idea that this is somehow a security risk is a giant steamy pile of bullshit to keep people buying their garbage.
What BS. Sure, making sure every fingerprint sensor or whatever has a unique signature would allow you to lock a module to a device to prevent tampering and security bypass. But you should be able to just enter a password or recovery code in order to authorize a new part to be used with your device’s security, then it’ll be the customers responsibility to make sure that the part operates as it should. None of Apple’s business.
My computer contains much more important information than my phone and there certainly isn’t any parts pairing BS there. I would never trust any biometric authentication alone for securing sensitive information. It’s good to use in addition to a secure password though.
Absolutely! Biometrics are at best a username, not a password.
One wheel as well is a notable example for me.
Personal EVS shouldn’t be completely unrepairable and unmodifiable. Just disconnecting the battery will brick it and you have to send it back to the manufacturer…
I’m sorry, are they under the impression that they still own the phone once you buy it?