My son turned 7 earlier this month. I've been getting him into coding and teaching him the fundamentals of using a PC which I reckon is a pretty essential life skill these days. Part of that is helping him to understand the principle of secrets, namely that he should protect the PIN he's using to sign in to his Windows 10 machine. He's good at it too, being sure to shield the little laptop from view whenever he uses it with others around. But based on my experience today, if he was to walk into an Apple store today with a faulty iPhone, he'd be taught a very different lesson:
Tried to get a faulty iPhone speaker looked at in Apple store: "You have to give us the unlocked phone". No chance! https://t.co/8TVLNj23LD— Troy Hunt (@troyhunt) October 31, 2016
The link in that tweet explains precisely the reason why we all know that handing over your unlocked phone is a bad idea. This is how it played out in the store:
Me: The speaker in the phone has got a really nasty crackle when holding it to your ear on a call.
Genius (and I'll be using that term sarcastically from here on in): Oh yes, I can hear that, it definitely has an issue, let me run some diagnostics.
[He fires up the local diagnostics on the device in front of me after I'd unlocked it with Touch ID]
Genius: Ok, let me take that out back and check it out for you.
Me: Sure, just let me lock it first.
Genius: Uh, no, we need it unlocked.
Me: It's a hardware fault and no, I can't give it to you unlocked, I'm a security guy and I think about these things.
Genius: Oh you can trust us, we take your security very seriously!
[Right about here I'm trying not to lose it because I know what that statement usually means!
Me: Look, there's no way I'm giving you an unlocked phone while you disappear into a back room, do people seriously do that?!
Genius: Sure, all the time!
Of course I knew the answer to the question before even asking it, but I somehow felt I needed to rub the point in before storming out of the store, dysfunctional iPhone speaker in tow. I could have wiped it there and then, handed it over and later restored from last night's iCloud backup, but I don't like not having a fully working outgoing device before doing a restore to a new one. I also don't like the lag time due to poor Australian internet and whilst I could have driven home and done a local backup to iTunes, there's still the need to reconfigure a bunch of things that don't cleanly restore. tl;dr - I wasn't getting out of this without burning a heap of time one way or the other.
Walking away disgruntled by the whole affair, a number of things started really getting to me. First of all was how broken the ecosystem was when the only way they could support their product was to fundamentally compromise their customer's security. It's certainly not just my experience either:
@troyhunt Carriers in the US require the same thing to run diagnoses. You'd think they'd have tools that didn't require unlocked phones.— Srbo Ičelić (@sicelic) October 31, 2016
That last tweet is a perfectly reasonable assumption and some device manufacturers seem to be able to get that spot on:
I'm not highlighting this because I do some Microsoft things, I'm pointing it out because it's precisely the way we'd all like to see things pan out. If it's a software or configuration issue, sit with the customer and sort it out but if there's a hardware issue that requires the device to be taken "out back", then there should be a means of diagnosing faults on a locked device. Yes, I get that we're talking about potentially competing objectives (strong encryption versus being able to operate some functions whilst the device is locked), but clearly the current situation is far from ideal.
The other thing that struck me is the paradox of how easily all the great things Apple has done with protecting devices can so easily be undone by a screwy support policy. I mean think about it - Touch ID, Secure Enclave and a track record of being resilient even to attempts to access a locked device by the FBI. Then a kid at the Genius bar turns around and say "oh yeah, just circumvent all that for us would ya?" I'm pretty sure I've seen this paradox represented somewhere before...
The bigger issue though (and the one which inspired the title of this post) is that it's a terrible message to be sending consumers. Apple have done the good work mentioned above precisely to keep the data out of the hands of unauthorised users. Look around you in an Apple Store and consider how many of the folks in there have the first clue about how to properly secure their devices. Like all of us, they learn based on the experiences they're exposed to and the message they're getting when they go into an Apple store is that it's ok to give an unknown third party their unlocked device. And yes, the person you're giving it to is an unknown party because you're not giving it to Apple (that's a company), you're giving it to a poorly paid and inexperienced stranger.
I've been critical of Apple in the past for very similar reasons insofar as that was a case of convenience trumping security. I love my Apple devices and I genuinely think they're the best phones and tablets on the market, but this attitude towards consumer security needs fixing.
However, I've worked out how to fix it - I'm going to buy that iPhone 7 I was thinking about, restore the 6S to it, wipe the old device and then have it repaired (or replaced) after which I'll eBay it. Somehow I think they'll be just fine with that solution...
Update, a couple of weeks later: The new iPhone 7 arrived, I configured everything, successfully restored it and backed it up to iCloud then wiped the 6S and took it into Apple. They were awesome and are replacing the screen and the speaker for free. We don't always have the luxury of doing this, but I'm very happy I waited and am now having the phone repaired without any personal risk to myself.