There is also another issue why Apple is restricting "part harvesting": theft. iCloud locks or Samsung's KNOX lock entered the field because the manufacturers were pretty pissed that customers using their devices in public became a target for "enterprising" robbers who'd factory-wipe the devices and flip them to a pawn shop or second-hand store in a matter of half an hour. When people are afraid to use your products because it paints a phone-sized target on them, they won't buy your product.
That cut down on a lot of the robbery bullshit, but then criminals simply found new buyer classes - they'd simply part stolen devices out and resell everything but the iCloud/Knox/whatever locked mainboard. Displays, cameras, speakers, batteries, flex cables, cases, everything.
So now, at least Apple is tagging the most "valuable" parts in new phones, simply to make stealing them unattractive for thieves, which frankly sucks but is necessary because it's a public safety issue.
(If anyone at Apple is reading this: ffs, allow the legitimate owner of a device to "unpair" all components in their phone in iCloud so that legitimate second-hand shops can strip a broken device at least for its parts)
While anti-consumerist practices such as this authentication mechanism sometimes accidentally protect the consumer, it is not the reason why companies do it. If it were, they would also allow you to say “yes this replacement is desired.” Similarly, if it was about security and preventing backdoored parts, they could allow you to authorize the replacement.
But no, it is of course about money grabbing, and then the consumer is the opponent.
Such an ignore button would allow theft to continue and would allow users to make poor security decisions. I agree that something needs to happen to enable easier or maybe more privacy focused 3rd party repairs but I also appreciate my device being less of a target.
What? How is someone who snatched your phone out of your hand and ran away going to know your password and authentication information needed to authorize a parts replacement?
I think the point is that an unsuspecting buyer of, e.g. a screen replacement, could end up going to a shady repair shop that uses stolen parts, sees the message once, clicks "OK", and moves on. The reasoning being that this scenario would cause some demand for black market parts.
The suggestion from OP whereby the seller of a used phone logs in and "unpairs" the parts could avoid this, unless a robber forces you to do it under duress.
Apple could just unpair parts when the phone itself is reset/deactivated. And new genuine Apple parts could at least have a one-time automatic pairing when signing in with your Apple ID.
Stolen phone? The phone is still activated, part can't pair with new phone. Not perfect, but at least somewhat less anti-consumer.
But if that were the case, there would be plenty of people willing to sell you a refurbished screen for your 2 year old iphone for $100.
By restricting the reuse of parts, when you crack the screen of your old phone, you are faced with a $500 repair bill, and decide to just pay your phone company $50/month for a new contract that comes with a new phone.
Yes, it's actually made phone theft even worse as a victim. instead of running with the device muggers are demanding pin's and passcodes at gun/knife point
Got a source on this? Quick google search for "Chicago death iPhone mugging" did not turn up anything about robbers specifically asking for PIN codes, or killing someone for not providing it.
Dakota Earley age 23 was viciously attacked and shot 3 times and barely survived. all caught on video and you can hear the thieves demanding the passcode.
and before you dismiss it given the time of day or one off, armed robberies for cell phones are way up in chicago and they are occurring in broad daylight . the crime that keeps getting covered and that I know someone who this happened to is, 1 -2 people walking on the street, a car pulls up with 4 people . they all get out and have guns and force you to give up your phone and passcode. Armed Robberies are way up 44% 7978 cases and they are all for iPhones and passcodes . people are getting pistol whipped when they don't cooperate and increasingly even when they do.
You're probably right. I rebalance my account 4 times/year. I'm thinking it may be best to have one "secure PC" that I do my balancing on, and even remove the passwords from my password manager.
for paypal, i only ever use a login through the website on the rare occasions i have to use it. for other apps like cashapp/venmo, do they even have a non-app method of using them?
My comment is in response to your “yes this replacement is desired.” button in a world where parts can be harvested from a phone and used in a different one. My understanding of what you mean is if phone A were stolen and parts removed from it and installed in phone B then phone B would get the “yes this replacement is desired.” button instead of whatever is in place now. My feeling is this button would be no different from just not having a button at all. The user of phone B will almost never care what that prompt says and will just click through, they're certainly not going to consider the parts were stolen from phone A.
Change "replacement" to "removal" and it should work as intended. I haven't authorized my stolen phone's parts to be removed so they can't be installed in any other phone.
But if the phone doesn't turn on you can't authorize the removal. And if it turns on but a factory reset is enough to let you authorize the removal, you're back to square 1. Either way it's not feasible.
the phone is likely linked to an apple account. seems reasonable that if the components are approved for a specific phone and that phone is linked to an icloud account, that account could permit a swap?
That assumes that you managed to ask the previous owner to log into iCloud on another phone and "free" the previous one for repairs. I guess you could do that if he's buying a new iPhone from you, but still... it is similar to the Macs that are stuck on the previous owner's enterprise account.
They're going to snatch your phone, break it up into parts, and install those into other people's phones, and those people will happily approve the new part.
You should search what happens when these phones are stolen with Apple's lock on them.
It's almost always the same play book:
- moves to some US address nearby
- turns off for days
- shows up in Shenzhen or Guangzhou
Usually from there are a few attempts to phish the owner with fake iCloud alerts (and sometimes outright threats) before they strip it for parts.
To be clear it's not like the phone theft itself is part of some concerted effort by Chinese actors: there are only so many places where the tools and skills to strip down, repackage, and resell something as specific as an iPhone speaker unit are so common
Thieves who really want your iPhone will make you unlock it (or just point it to your face) and remove it from your iCloud account. Much better than using it for parts.
Does that happen? I've not heard of that. Regardless, that does iPhones are still immune to everything short of armed robbery. That your front door lock doesn't stop thieves from smashing the window to get in doesn't mean it doesn't serve a purpose.
> How does that not completely bypass any of the reasons for wanting to do this?
Do it from your iCloud account. Presumably thieves will not hold you at gun point to log in to iCloud and allow pairing of your phone's components to a ready recipient iPhone
but you'd have to make it to not be something to be done from an iDevice. it would have to be through the website. otherwise, how do you know it's not a still a malicious approval?
I dont buy the anti theft angle either. People's phones still end up stolen, and they are still contacted by the thieves to remove the icloud account. ICloud is a good enough feature to prevent theft, and having authorized repair options in it is great. So, that notion is already pretty bad. If someone replaces the motherboard with a blank iPhone(no iCloud attached), then a check of parts that are serialized to an iCloud account should be implemented to prevent harvesting parts from a locked iPhone. There are better consumer friendly methods that Apple simply ignores.
Truly, they could put up any roadblock---a time delay, requiring a phone call, MFA up one side and down the other---and it would be a much better look for them.
I don't buy the anti-theft angle that can only be solved by buying a brand-new genuine part direct from Apple.
> And it is “anti-consumerist” to make my property a less desirable target for theft?
That's not the main purpose, it's an excuse. You can tell because they don't take relatively simple steps to make things easier for non-stolen parts replacement like the one being suggested
No need to try to defend them based on unsupportable benefit of the doubt possibilities. If their motivations were actually for the users benefit, then the user would have these options and be benefitting.
Yes. I could see a better system being made. Perhaps alerting you that the screen was marked as stolen and refusing to have it operate. Hell, for screens in particular you could display a “please return to <original owner>” message and nothing else.
I think this is being downvoted as it initially reads as a snarky way to say "the way it works now is fine", but reading closer I think they are saying it should only happen when the screen is marked as stolen which seems reasonable
The solution for a phone is put a vin on the display and other valuable parts and upload those to the carrier/manufacturer.
Imagine how happy someone would be if they had their display replaced with a stolen one and next thing they know their phone is both bricked and of no value even for parts.
I don't know why iFixit doesn't even touch on that point.
I live in Barcelona and phones are being pickpocketed every day here. Not being able to wipe or unlock or else is a mayor deterrent for the pickpockets, because noone will take the phone off of them, so it's not worth it. Phones are still being stolen but imagine if they could sell to a global market of repair shops.
You couldn't go to any tourist location without having your phone stolen if it wasn't bolted to your person.
I get the iFixit point as well but if I have a 1500€ phone, I don't want to think about it being stolen, when I am on vacation, because someone needs some parts (oh the human trafficing/organ harvesting similarity...)
Apple should offer a better repair program and offer the ability to "unlock and relock" it in a apple store with proper proof of ownership. Or anything else in that direction.
> I get the iFixit point as well but if I have a 1500€ phone, I don't want to think about it being stolen, when I am on vacation, because someone needs some parts (oh the human trafficing/organ harvesting similarity...)
Do you think thieves are that descending? I know someone whos iPhone 14 was stolen in London. If this helped protect against theft, then why did they steal the phone anyway?
Of course thieves are discerning. They are running a profitable criminal enterprise. They are in it for big money and are extremely sophisticated and not going to risk stealing worthless junk.
An example of one theft is not evidence that the policy doesn’t reduce theft, or that the purpose of the policy isn’t to reduce theft.
> Of course thieves are discerning. They are running a profitable criminal enterprise.
I can promise you the person who stole this iPhone doesn't run a profitable criminal enterprise. But I am also not disputing that someone along the theft value chain, someone will likely be discerning. However, your claim seems to conflate a criminal enterprise and the theft value chain with an individual thief.
Also, I find the notion that it is very risky to steal something in London hard to believe, but if you have some data to back that up I would be happy to change my mind.
>If this helped protect against theft, then why did they steal the phone anyway?
They are plenty of stories on Reddit and TikTok where the stolen phone ends up in China, and then the owner is phished into disabling iCloud so that the phone could be wiped. If not the sold is phone for parts. To me the very fact that you need an entire phishing ring to make stealing iPhones profitable means that there is some cost that deters thieves from targeting iPhones.
Barring phishing, the next best thing is to scrap it for parts. I can see Apple's reasoning here - if most of your growth is going to come from poorer nations it makes sense you don't your customer base worry about carrying a year's salary in their pocket.
I'm also unconvinced it's a "money grab" on Apple's part. Locking down repairs will not come anywhere close to replacing the lost revenue from the consumer's slowing upgrade cycle.
You can tell the theft thing is an excuse from Apple because they don't do things like allowing you to unlock parts you own, or even buy genuine new parts that definitely stolen without silly restrictions like needing to put in a serial number first and then contact Apple to pair it (this is probably done to make it almost useless for repair shops because they want to push their even more restrictive "independent" repair program)
>tell the theft thing is an excuse from Apple because they don't do things like allowing you to unlock parts you own
This would only make sense if Apple had an existing system for customers to unlock their own parts and then disabled it. The system you are talking about doesn't exist, and the idea that they built X but didn't include X+1 because of "greed reasons" isn't entirely credibly.
While you could argue that maybe someone brought the idea up and it was shot down by some devilish exec, it's equally likely to me that
(1) no one at apple thought of the idea
(2) since the product would be customer facing it is some apple design hell along with the iPad calculator
(3) no one cared enough to spend the political points to push for the product
(4) the problem just isn't prevalent enough to justify the cost.
There are plenty of reasons why Apple could be building this to reduce theft while also not building some other auxiliary system.
Something Louis Rossmann who advocates for right to repair, says (I'm paraphrasing of course) is that it's not necessarily that they explicitly go out of their way to say "let's make repair harder", but when there are no incentives to improve the situation it won't be worked on at all and that has the same effect, so it's still important to push them to do it
How do the thieves get the contact details of the person whose phone they stole to fish them? And why did they steal the iPhone I mentioned without having the contact details of the person?
In the last link, the user explains in the comments that when they marked the device as stolen, they could choose some text to display on the screen and they chose to include a phone number that they had access to.
Plenty of people hope for a good samaritan interaction and will do something like that.
also idk if they ever changed it, but a long time ago I found a phone that was locked and no identifying information shown. I asked siri to call 'my' mother and she arranged a pickup.
If thieves have to rely on people seeing thieves as good Samaritans and trusting thieves with their contact details after they were robbed by them, we definitely have entered a realm of absurdity. But while this hypothetical realm is devoid of all reason and logic, theft still remains.
> How do the thieves get the contact details of the person whose phone they stole to fish them?
If the phone is set to display notifications when locked, you can see the usernames of friends of theirs in notifications on the screen.
I found a locked iPhone on the ferry one time and saw Snapchat notifications from their friends on the lockscreen. I sent a message request to one of the users on the notifications, and told them that I found the phone on the boat and that the owner of the phone should contact the ferry company to retrieve the phone as I would hand it over to the crew of the ferry.
Similarly, if your goal was to be a thief instead of being helpful you might keep an eye on the Instagram notifications of the phone, and then cross-reference friends of those people to figure out who owns the phone.
Granted, that's dealing with stolen iPhones getting sold and an entirely set of other problems. You'll note that 26.8% of them were either unlocked, easily guessable, or in one instance had the credentials there (compare shoulder surfing before stealing the phone).
> Of phones they won at auction (at an average of $18 per phone), the researchers found 49 had no PIN or passcode; they were able to guess an additional 11 of the PINs by using the top-40 most popular PIN or swipe patterns.
Not sure I understand. The father's phone was stolen, and the son was contacted, and the son logged into the account.
>How?
Anyone can pop out the sim card and plug it into any dumbphone, navigate to settings and read the phone number. I assume there's probably a USB device to dump data on a sim card.
>Losing it is not the same as having it stolen, though.
Your phone is lost until you attain the information that it was stolen. I fail to find it now, but there was a tiktok of a woman who lost their iphone at festival and it turned up in china where she also was unsuccessfully phished.
> Losing it is not the same as having it stolen, though.
Your phone could disappear and you would assume it fell out of your pocket or that you left it somewhere, when in fact someone could have stolen it from you while you were not paying attention.
And besides, most people probably don’t expect that a thief would respond and trick them into unlocking the phone for them. Instead the expectation might be that a thief would not respond, and that if someone responded they are a good samaritan trying to help you.
I’m highly dubious of anyone claiming this reduces crime.
Things being easy to steal and sell aren’t the _cause_ of crime, they’re a symptom. If someone has felt the need to resort to a life of crime for whatever reason, how is lowering their “salary” (so to speak) going to reduce crime? Surely they now need to steal more phones to make up the difference? I guess you could argue they might commit a different crime instead?
Activation lock made a huge difference. The next step to talking profits out of stolen iPhones is to make harvesting parts difficult.
I absolutely give Apple the benefit of the doubt when it comes to I this. Back in the bad old days iPhone theft was incredibly common and that has come down a lot over the years.
> The next step to talking profits out of stolen iPhones is to make harvesting parts difficult.
I would 100% buy this if you showed me data that indicates that part harvesting is behind most of the remaining theft of iPhones, which it very well may be, but if we have the data we would not have to guess.
FFS, what else do you think people are stealing them for? To make abstract art? Kleptomania? To stop the 5G towers from giving them COVID?
People steal stuff because they can use it or because they can turn around and sell it. If they can’t do either, they eventually stop stealing those things.
Especially catalytic converters. Can be stolen from an unprotected (i.e. no massive baseplate) car in below 30 seconds, and nets you about 1000$ a piece from junkyards willing to ignore the sawzall marks.
Few people would choose a life of crime as a hobby, or if it wasn't paying much better than an average entry-level office job, so it's not like someone decides to resort to crime and then later considers the financial aspects. Most get into it because of the quick money.
To use a hyperbolic example, if the median profit for stealing a phone would suddenly drop to $10, where their only value are the easily extractable raw materials, a 20-fold increase in theft would be less likely then a rapid drop in theft.
Currently there are avenues to remove iCloud lock, where licensed repair shops or Apple employees remove them for some extra cash [1], so the value of stolen iPhones is greater than the raw materials, making it attractive. But with higher regulation, that could change.
It’s not that it reduces crime overall, it’s that it reduces a specific, very inconvenient crime to be the victim of. Having your phone stolen, especially on vacation, is significantly worse than many other sorts of theft.
And people still die of infection despite the existence of antibiotics. Crazy, right?
Please tell me you understand that reducing the value of an iPhone on the black market will reduce incidence of theft even if it doesn’t eliminate it entirely.
Maybe people resort to a life of crime because it makes them money and they like money, not because they have no other option. People readily accept that rich people do morally wrong things (like exploit their employees etc) for more money. So why assume that the only reason people in general would do morally wrong things is because they need to to feed their family?
> So why assume that the only reason people in general would do morally wrong things is because they need to to feed their family?
I don't think anyone has ever made that claim, but people do tend to do what's easy/convenient and it's a lot easier and more convenient to put in 8 hours in a safe climate-controlled office where you get medical benefits and a salary you can depend on than it is to go out every night mugging people or trying to pick pockets, then trying to figure out how to sell your stolen goods, all without getting killed, robbed yourself, or caught by police.
Most people need to make money somehow and nobody is picking the most dangerous, risky, effort intensive means to make that money when they have other options readily available.
The harder it is for someone to make money doing anything other than commit crimes the more likely they will be to commit crime and for some people (those with few resources, and addictions and/or past criminal records for example) it can be very very hard to get and maintain legitimate employment.
Its like poisenous plants. Being poisenous doesn't prevent the single plant from getting eaten. But it makes it very unlikely, that a lot plants of that species get eaten. So while a single iPhone might get stolen, overall there are less if many thieves targetting iPhones. They don't bring money, but increase the risk of landing in prison.
> So while a single iPhone might get stolen, overall there are less if many thieves targetting iPhones.
Do we have data to show this?
> They don't bring money, but increase the risk of landing in prison.
I also don't think the risk of going to prison for theft in London is that high. Sure, stealing an iPhone increases it, but an increasing an insignificant risk by a factor of 10 could still leave it being insignificant.
There is probably a "trailing indicator" effect at play here. I believe people don't sell the phone immediately, but try and find a buyer later. It will take a few thefts of un-sellable iPhones before the thief realises that the risk is not worth the reward. These changes don't trickle down immediately.
> It will take a few thefts of un-sellable iPhones before the thief realises that the risk is not worth the reward.
But his only bears out if thieves can easily discern an iPhone 14 from other phones, which I'm not sure is that easy in the context they operate. And it also requires it to be risky to seal in London, and I think if that were the case then theft would be less prevalent there. And I think if the people in London cared about having their iPhones stolen, they would take political action to that effect.
But sure, it all sounds very plausible, though I would still like to see data to back it up. It may be, but it also may not be.
>I live in Barcelona and phones are being pickpocketed every day here. Not being able to wipe or unlock or else is a mayor deterrent for the pickpockets
If the whole part won't be used it will be stripped to components and resold to the same repair shops anyway. Yeah the profit margins will be smaller per phone but they will just steal more.
Apple doesn't want phones fixed because Apple wants to sell more phones, plain and simple. There is no other incentive.
> Yeah the profit margins will be smaller per phone but they will just steal more.
The risk of getting caught scales with that increased volume. The extra friction of parting out a phone for less money compared to selling the whole phone beggars belief that "stealing more" is the most common response.
"iPhone theft getting less profitable raises the rate of theft" just doesn't make sense.
Yes, classically, thieves just scale up their operations tenfold when their profit per theft goes down. This is why iPhone theft has skyrocketed in the past decade, to the point where the general public is anxious to ever wield such a device in public for fear of being immediately snatched.
What is the relative rates of occurrence of phone theft vs. phones breaking in a way that requires repair? I'm going to go out on a limb and say that far far far more people have a phone that needs to be repaired than have a phone that gets stolen.
So making repair worse to make theft "better" seems like a bad tradeoff to me. And that's even presuming that this stated goal actually works. I would expect that a very non-trivial amount of phone theft happens without knowing the model. Assuming that's the case, having 1 manufacturer make selling parts non-viable doesn't really help that much.
So A) even if it was 100% effective that seems like a bad tradeoff to me and B) I'm skeptical of how much difference this actually makes in theft rates.
I know that I personally, if choosing between a phone that I knew for a fact would 100% never be stolen, but also couldn't be repaired, vs. a phone that could easily be repaired but was subject to theft, I would choose the repairable phone every time. It's an anecdote, but I've never had a phone stolen and literally every single phone I've ever had has needed repair at one point or another.
>as long as you're excluding screen and battery replacement which aren't what's being talked about here.
You did not read the iFixit post then, it is what is being talked about here. The post has nice screenshots of the phone complaining that the battery is not "a genuine Apple battery".
Luckily, for like $4/mo (and $29 per incident), Apple will replace the screen for you. You can break your screen every year and it will cost you less than the $100 that screen would cost on the open market.
> What is the relative rates of occurrence of phone theft vs. phones breaking in a way that requires repair?
i would think having a permanently useless phone would stop the first rate from ever increasing much. you are walking around with a grand in your pocket everywhere you go so to lower the risk of violent robbery is good.
People were robbed at gunpoint before cell phones and will continue to be robbed at gunpoint even if every single manufacturer adopts this policy. This is not some magic bullet that stops crime. There is another commenter in this very thread describing being mugged at gunpoint and his mugger forcing him to go through the Apple unpairing process in order to make the phone completely flippable as a whole device.
Not to mention that it is not infinitely worse. There is some relative amount of needing repair to being robbed at which it becomes a bad tradeoff. Where that point is is probably different for different people. But that line exists somewhere for everyone.
> (If anyone at Apple is reading this: ffs, allow the legitimate owner of a device to "unpair" all components in their phone in iCloud so that legitimate second-hand shops can strip a broken device at least for its parts)
I was robbed at gunpoint (but not in a 'problematic' part of town) and the thief outlined all the steps he needed me to take to remove my phone from Find My and from iCloud. I think a lot of these mitigation measures could make sense but there's no perfect solution.
IMHO this is a huge problem. A thief just wants to steal your phone. To ensure the value of the device, it’s now common to force you to provide your passcode. This gives access to all your data, can be used to reset your Apple ID password, lock you out of your account, and erase and lock all your other devices. This problem never existed before, and it’s significantly worse! Like, way way way worse. It’s so bad I wonder if I should really be signed into my Apple ID on my phone at all. Because I don’t give the slightest care of someone stealing my phone. But I do care if they have access to all my data, erase and lock me out of all my other devices. I really care about that. And this problem only exists because Apple locks down the device and all parts.
> And this problem only exists because Apple locks down the device and all parts.
It would likely be a problem even without the lockdowns and official parts flowing freely, because even if Apple is selling the parts with zero margin, black market and gray market parts supplied from stolen devices are still going to be cheaper, which means there will still be a demand for them from unscrupulous repair shops that use cheap parts of questionable origin to gain an upper leg on shops playing by the rules. There will also always be individuals doing DIY repairs who won’t care where parts come from so long as they’re cheap.
It's much easier on Android to setup all kinds of alternatives. You could setup a 'dummy' key that if entered would alert the police, for example. Failing that, you can setup different keys for different services with different levels of access, as well as have third party equivalents to 'Find my iPhone'.
Not being in the walled garden provides a lot of freedom and flexibility to setup contingencies.
Maybe... But ignoring the fact this lgel of customisation is unlikely for any normal and most tech people, you'd likely require root to override the core system and password auth I'd imagine. I believe this ends up invalidating what is core functionality for most people - banking, wildvine, etc.
If we're moving into the realm of the ultra paranoid, high security over convenience focused user - sure. In fact I dare say such a user might prefer a Linux phone with physical keyboard, or no phone at all. But if we're talking average iPhone or Android users here, I can't imagine the scenario would change much at gunpoint.
> But ignoring the fact this lgel of customisation is unlikely for any normal and most tech people,
This is HN though...surely there are a lot of people who care about security and have experience using custom roms.
> you'd likely require root to override the core system and password auth I'd imagine
Honestly, even a simple solution would be putting on something like Prey, which is free and easy to use, and using a third party applocker tool. Those two things don't need a custom rom or any other customization.
Apple should have a duress system. You have say 48 hours to contact Apple and tell them the change was made under duress--and you do so with the *old* credentials, not the new ones. All changes to your account revert and the phone locks itself to your account once it sees the network.
There's a significant difference in risk in robbing someone at gunpoint vs just slipping their phone out of their pocket. It's awful that that happened to you, but it's important to realize that just because a specific security measure could not prevent what happened to you, that doesn't mean it's wholly ineffectual or not worth having.
> , but it's important to realize that just because a specific security measure could not prevent what happened to you, that doesn't mean it's wholly ineffectual or not worth having.
I think you are missing the point of the comment. The GP says that Apple should allow parts to be unpaired to allow re-use of components; this example suggests that there is utility to keeping the existing security system.
I mean the perfect solution (from a theft perspective) would just be only allowing Apple to remove the phone from your iCloud account at a physical location when presented with ID. Annoying for people selling their phone, sure. But that plus the hardware paring would make it functionally worthless to anyone but you.
Unpairing a device from icloud should probably require a second factor or a mandatory safety wait period. Same for every potentially really harmful action.
I do not accept this as a reasonable answer. I've lived in not even very good areas, with very lax physical security (often not locking my car) and have never had this issue, ever. Nobody has ever stolen my phone. Not in downtown Detroit, not in not-downtown-Detroit, not in SF, not in Chicago. If crime really is this bad, it's not an Apple or Samsung problem. It's a societal problem that extremely badly needs to be addressed seriously and not just worked around with convenient anti-consumer garbage.
“No one has stolen my phone so I don’t believe that actions to stop phone theft is necessary”
I’ve heard plenty of stories of people getting their phones stolen in public. Especially when I was in school, we’d hear of plots like kids coming up to students and asking to call their parents because they’re scared and alone only to run over to a car waiting around the corner and drive away.
You can argue it’s unnecessary, but it certainly chilled the market for stolen phones. They’re pretty obvious targets and they’re very personal. Not worrying about it as much is a big win, but some people have other priorities and that’s ok too.
I didn't make that argument at all, so it's pretty annoying that you've cornered me into arguing it. I really don't respect when people do this.
I never, ever argued against "actions to stop it". I argued against this action. I never argued that my anecdata that my phone has never been stolen means that all action against theft are unnecessary, but I believe it is good cause for me to want a phone that doesn't have excuse-driven anti-consumer anti-repair garbage built into it to "prevent theft" that has never been my problem.
I am, however, arguing that this is not how we should be dealing with problems like this. It, in fact, should be illegal.
No one is forcing you to argue that position. You said “my phone has never been stolen… Apple shouldn’t solve this… sell me a steal-able phone”.
My counter is that a primary reason you never had a stolen phone is the anti-theft solutions implemented by private companies.
Personally, I think removing the incentives to theft is a great way to reduce it, and this is particularly effective. Sure repair-ability would be nice, but I repair it so infrequently and it’s sufficiently cheap that I don’t mind. As an example, expecting the police to successfully hunt and remedy every petty theft of all the phones that would be stolen instead would be a lot less resource efficient for society. We have enough crime as is that the police have better things to do than fail to find a lost phone.
> No one is forcing you to argue that position. You said “my phone has never been stolen… Apple shouldn’t solve this… sell me a steal-able phone”.
Once again, no I didn't. Hell, the snippet "Apple shouldn’t solve this" doesn't even appear in my text.
At this point, I'm beginning to wonder if maybe you're being deliberate in doing this, because I don't understand the need to paraphrase me. If I didn't think all of those details and qualifiers were necessary, I would've just left them out myself. And while I understand that my writing is not succinct, it's not like I wrote a novel, so why not just quote what I actually said? Otherwise, it feels like I'm just having to explain how my position differs from the one you're arguing against.
> My counter is that a primary reason you never had a stolen phone is the anti-theft solutions implemented by private companies.
I will quote myself:
> I never, ever argued against "actions to stop it". I argued against this action.
Note that while I have owned a couple iPhones, the last iPhone I owned only had one "paired part" that I am aware of. I am not arguing against iCloud locking as a concept. I am not arguing against all anti-theft measures.
I can see why someone may miss this from the first comment I made, since well, I didn't explicitly say that part. However, at this point, I don't understand what else I can say.
> Personally, I think removing the incentives to theft is a great way to reduce it, and this is particularly effective. Sure repair-ability would be nice, but I repair it so infrequently and it’s sufficiently cheap that I don’t mind. As an example, expecting the police to successfully hunt and remedy every petty theft of all the phones that would be stolen instead would be a lot less resource efficient for society. We have enough crime as is that the police have better things to do than fail to find a lost phone.
I am not suggesting police go and try to find every lost phone. I am suggesting that we have a serious societal problem and we're not really doing anything about the problem itself. The fact that police can't handle every single case suggests to me that it's completely out of control. It'd worse if this was the same for e.g. shoplifting, or breaking and entering... which it is, in some areas. But we don't accept that as "normal", and we shouldn't accept this as normal either.
I realize you were explicit about the fact that police action was just an example of something that one could do, but I find it interesting that it is the example you would go to. While a lot could be said about Japan, with far less prisoners and prosecution, they have generally a lot less issue with crimes like these in particular based on both anecdotal evidence and published statistics, yet it feels like it is a foregone conclusion that there's nothing that can be done about all of this petty theft. I call shenanigans.
Furthermore, while this may sound reasonable in an era of disposable phones and new shiny toys every year, I think it's a horrid long-term outlook. To me paired parts isn't worth it: it's a threat to sustainability and civil rights, as I think Apple's practices tend to be widely emulated regardless of whether or not the outcome for consumers is ultimately good. It's already getting harder and harder to buy computers, new or used, that do what you tell them to. Paired parts is just another dark step in the wrong direction.
In the future, Apple product launches will be measured in the volume increase they make to landfills.
That's not what this is and you know it. The equivalent would imagining a fictional world where we could say just raise the dead or Borderland's style instantly print you a new body at the phone-booth down the street. In that world there's no point to murdering you, they get no benefit it's only an inconvenience to the person being murdered.
In that world you need very little actual protection against murder because there's no incentive to do it. That's the current state of iPhones, you don't need to lock them up, use those chest pickpocket proof bags, or strap them to your wrist because no one wants to steal them.
Phone theft was pretty common in the US 10 years ago. This article (based on a population of 20 million people) says about 1 million phones were stolen in 2013:
It's much less common now, since all the major brands brick themselves when stolen (though it's starting to be common to either shoulder surf the pin, or to grab an unlocked phone out of people's hands, then rapidly reset 2FA and email passwords).
I agree with the GP comment that it should be possible to make phones theft-proof and also repairable though.
Counter anecdote: My coworker in SF had his phone stolen by someone who grabbed it from his hand and leapt through a closing BART door, so that my friend had to watch the thief walk off as the train pulled away from the platform.
Most people haven't had their phone stolen. That doesn't mean phones aren't stolen.
I had someone grab mine from my hand in a coffee shop and sprint out the door last year.
(I got it back via chasing after them and a minor physical altercation. This was definitely an unwise choice on my part, because the thief was then in the news a few days later for murder.)
> It's a societal problem that extremely badly needs to be addressed seriously and not just worked around with convenient anti-consumer garbage.
The societal problem is that people got used to paying over a grand for a thing that fits in their pocket.
> Nobody has ever stolen my phone.
Put yourself in the position of the thieves. You would want an easy target; one that if push came to shove that they wouldn't be able to injure or detain you. How big are you, physically?
My wife had her iPhone stolen in the north side of Chicago maybe 15 years ago - in a good area no less. Some big guy followed her to her apartment asking to make a phonecall for some made up emergency. She's 5'2" and was like 90 pounds at the time. She did the math on how it was likely to go and just handed it over, as it was late at night and she was alone. Predictably, he ran off. (As an aside, I think it's hard for men to understand exactly how vulnerable women feel in general - as ne'erdowells see them as easy targets compared to even men of similar size)
The same thief may have thought twice if it was me - because I'm a man rather closer to 6' and 200lbs. He may win that fight and get the phone, but not without me getting some licks in - an unattractive proposition, since a broken orbital or finger cuts into those profits.
It's a big world. Haven't you seen videos of phones getting stolen out of peoples hands from thieves on scooters in places like Brazil? Or the millions of tourists in Spain and Italy whose cell phones would become major targets.
In other parts of the world where the cost of a new iPhone is much more expensive relative to local earning power it does happen. I've had coworkers who had their phones stolen in Spain and Brazil for example.
> Four people from out of state face charges for allegedly stealing phones during Lollapalooza in Chicago over the weekend.
> ...
> When police asked Bardales about the phones, he allegedly told them he bought them at the music festival for $50 each and planned to sell them for parts, CWB Chicago reports, citing prosecutors.
> AUSTIN, Texas — Austin Police are investigating an international crime ring that targeted Austin City Limits Music Festival. Authorities believe a half-dozen people worked together to steal approximately 1,000 cell phones from festival attendees. Police say five people have been arrested but more suspects are involved.
I had my phone grabbed out of my hand at a concert in the US. But yeah pick pocketing is much more common in Europe, had people try it twice there. Once in Milan and once in Barcelona.
The big target here now is music festivals where teams will rove looking for vulnerable/inattentive people and get into their pockets or bags and bolt.
Someone tip toed carefully into my house while I was sleeping in it, in the Mission near Valencia St., and cat-burgled* my wife's phone off her nightstand, at around 3am. We have some pictures of his legs (?) that he took in some bathroom later that evening. Finally it winds up pinging its location at a Mission phone repair shop, which of course the guy there is saying he has no idea what we're talking about and maybe the phone is "upstairs."
We didn't report, because last time I reported someone breaking into my garage, the two SFPD officers were talking about people interested in my "printer." Nothing was stolen, because it woke me up and I yelled at them from above.
I don't really know what the economy is around stolen phones. It surely exists. I don't know why you would want to die on this hill of ignorance. It's a quintessentially social media thing to do! You have no dog in this race.
There have been recent stories about how thieves were looking at people entering their passcodes into their phones, snatching the phone when it was unlocked and using the pin to disable iCloud/Find My.
...You can't use the device PIN to disable iCloud. You have to put in the iCloud password. And you really do have to put it in; even if the iPhone is unlocked, security features like that always require the password.
I think they were doing something like going to settings -> Apple ID try to change the password incorrectly many times (or something like that). That would basically lock you out of your own iCloud account (at least for a while) so you couldn’t lock or track it via find my.
I recommend using the “Screen Time” feature on iPhones to protect against this. You can basically set a _different_ 4 digit pin to access some of the settings of the iPhone, including the Apple ID one. (The setting becomes grayed out and inaccessible until you disable screen time).
So it’s possible, and there’s countless articles explaining how.
But at face level… your phone is so personal that it’s pretty easy to mess with basically all of your life.
When you have someone’s unlocked phone, you can usually get access to their emails, and use that to reset most accounts. Finances, social, emails, often work etc.
This is exactly how it works. If a thief knows the passcode (be it numerical or more complex), he can change your iCloud Account password without knowing the current password and disable Find My without.
Apple acknowledges this and seem to be ok with it [1].
Your sample size is pretty small. That said, the self-selecting population of people whose phones were parted out in the bug report have the exact opposite experience.
If that were true, Apple would only require the replacement part to be verified, but they also require the device receiving the part to be verified. That's the "pair" in "pairing".
Not speculation at all. I can tell you for certain this is what they're trying to combat.
The "require the device receiving the part to be verified" is just a consequence of how it's currently implemented. There are ways to implement this without the need to do per-device pairing, but doing so in a secure way is quite difficult. I suspect they'll eventually remove the requirement to pair devices using system configurator, if only because this removes the need to have chat assistance with pairing. That's costing them money to have a call center, and they want to avoid it I suspect.
> I can tell you for certain this is what they're trying to combat.
> There are ways to implement this without the need to do per-device pairing, but doing so in a secure way is quite difficult.
Is this based on first-hand knowledge? I'm skeptical on both fronts because I neither see any evidence this is what's being combatted, nor do I see the technical difficulty of being able to self-authorize your phone's parts to be used in repairs.
Sure it takes some engineering effort to get there, but I wouldn't expect it to be particularly challenging from a technical point of view. The phone is already linked to a user account, and the phone's parts are apparently already linked to the phone that's currently using them.
So, the technical challenge is related to managing the following things (all simultaneously):
* Apple wants to make sure components in an authentic phone are not capable of being stolen and resold (this is a problem today, even with the pairing, although it is less valuable due to pairing)
* Apple wants to make sure that if you change components, that the replacement component is authentic
* Apple wants to make sure that if you change components, that the replacement component is not stolen
I can't comment on specific implementations, but allowing users to just re-pair devices in the current state would not allow the above 3 goals to be met. By restricting who has access to the pairing tools, they can achieve those 3 with the downside being obviously it leads to a crappy user experience for repair.
If you send a permanent unlock code for parts being re-used in a repair, then that fully accomplishes 2 and 3 and almost entirely accomplishes 1. With no need to know anything about the host device.
And brand new parts could lock themselves to the first device they're put into.
It wouldn't be ideal for repair but it would be much better.
My point is that Apple currently does not appear to have tight control over the serial numbering or whatever on the external components (display, etc) in a truly secure way. If you let anyone re-pair devices, then that opens the floodgates to 3rd party vendors being able to make devices that appear as 'authentic' components, which does not accomplish #2.
As it stands today, you can already use any random components, you'll just get a pop-up telling you it can't be authenticated.
The problem, as I see it, with having a method to 'pair' and 'unpair' components right now... is that I don't think Apple is really doing anything too special to 'pair' devices. My guess is they're just using a serial number of the device (display, camera, whatever) and making sure that serial matches the what is programmed into the mainboard. If you allow any random person to change the paired serial number for say, the display, then you no longer have any guarantee that the new display is actually an authentic device. Maybe someone aftermarket makes a bunch of devices with 0xDEADBEEF as the serial number so you just always pair that.
If Apple knows that serial number 0x12345678 was sold to you, and that it is the component you want to install, then they have a guarantee that this part is authentic and should work properly.
So, Apple needs a way for you to pair a serial number, but also that the serial number you're pairing is authentic. I'm not sure they have the second piece today.
The rationale of putting engineering time into developing sophisticated anti-repair schemes instead of selling spare parts directly under some threat of a part black market is completely bonkers to me.
Sorry, I'm not buying it, this is Apple protecting their exclusive repair turf and nothing else.
It seems pretty easy to implement the "unpair" functionality you ask for.
If "Find My iPhone" (the anti-theft subsystem) is disabled, then the serial numbers for all the parts could be sent to an Apple database, and/or the components could have a "ready to be re-used" bit set that caused them to factory reset themselves if the phone they're plugged into changes (so any state on the re-used thing wouldn't somehow leak into the other phone).
I'm not sure how to define "phone they're plugged into" though. Whatever board has the NAND + security coprocessor on it, maybe?
That does sound like a pretty good solution, if it can be done for a broken phone. The major issue I see is that refurbish companies are already complaining about "bricked" MacBooks, because nobody actually cared enough to ensure that those laptops where reset before being sold. I don't see the same industry being capable of guiding users through resetting permissions for spare parts.
A better solutions is to take the direction FairPhone has chosen and make the things that break user-serviceable and offer the parts for sale on Apples own website. If the issue is that phones are being stolen and sold for parts, just flood the market with cheap parts. The new iPhones are absolutely massive, so I'm not buying that you can't make them a bit thicker and allow a user to take them apart. How many people use their phone without a cover anyway?
If Apple is serious about being more environmentally friendly, then make a user serviceable phone. Not replacing your phone because fixing it is either impossible or impossibly expensive is going to have a much bigger impact than buying carbon credits for people who charge their watch. My best guess is that Apple is so obsessed with just-in-time production and so hostile to the idea of stocking parts, that they can even see the potential benefits.
According to iFixit, they've solved the "this is physically hard to repair" problem. Also, Apple aggressively recycles components, and is making bold claims about carbon neutrality of manufacturing this release cycle. On top of that, the cost of repairs is dramatically lower for the new models (again, according to the iFixit article).
So, I think those issues are mostly fixed, or at least best-in-class.
The problem of "I bought your laptop, but you didn't disable anti-theft" is questionable. Here's how to sell a macbook so that it can be used by the purchaser and so that your data is wiped:
It takes 4 clicks (and probably a password entry), and it's easy for the purchaser to confirm it was done before forking over cash (assuming they turn on the machine to confirm it can POST). If the seller forgets to do this, they can initiate the wipe + unlock remotely via iCloud.
Apple parts are pretty cheap already, so that's not the issue either.
As far as I can tell, all the complaints boil down to people wanting to fix phones without Apple's authorization. Its a valid complaint, but it only really impacts independent repair shops at this point.
I'd also like to see better support for third-party replacement parts (like with PC's), but I don't think there is any realistic market demand for that, and it is not what people are asking for.
I would be surprised if Apple does what you suggested, but I do think it's an excellent suggestion, thank you. It just won't be a priority unless some sort of legislation forces their hand.
You can try to push that as a marketing strategy, but I would say the share of the market that looks for smartphones specifically because they are less of a target for theft is minuscule, the reason being because nobody shop for phones thinking about getting robbed. They shop mainly guided by ecosystem (android Vs ios) brand perception (how good their aftersales support is), budget and cost-effectiveness. In this sense, device lockdown is clearly a anti-consumer practice, not pro-consumer.
You can do a search and you'll find many articles and comments about how back in the day people were warned not to wear the white iPod ear buds as not to be a target for thefts.
> West Midlands police have issued a stark warning to iPod users: ditch the white headphones or pay the price.
Earpods and phone parts in this context are fundamentally different because earpods are a peripheral whereas cameras, batteries and such are components for an embedded system. I can't see how they apply to the discussion.
...people weren't stealing ear pods the were stealing iPods. The theft of Apple products is a legitimate saftey concern. By preventing a market for stolen iPhones (ie to be cannibalised for parts) they are increasing the safety of their users.
> nobody shop for phones thinking about getting robbed
I don’t know the safety situation of where you live but I literally had this conversation with friends two weeks ago where we loved the idea that the iPhone is a better purchase because it’s less prone to theft (because of the reasons GP mentioned).
Enough for non-anecdotal people to shift their entire ecosystem to a diffent brand? People in general won't just switch from Android to iPhone because "filthy criminals are after my brand new phone for parts". If apple wasn't going to lock their parts and Samsung would, people would still keep buying iPhones.
If iPhones didn’t have that protection, but Android phones did, would you and your friends switch to Android and love the idea that Android phones are the better purchase?
> (If anyone at Apple is reading this: ffs, allow the legitimate owner of a device to "unpair" all components in their phone in iCloud so that legitimate second-hand shops can strip a broken device at least for its parts)
If you've lived in certain places, you'd know this isn't a solution at all.
Thieves will start holding people at gunpoint forcing you to unpair it all while they wait.
So if they can already do that, they'll just sell the whole unlocked phone and not worry about parts? Unless it's broken to the point of being unsellable, I guess
That's a good point. You're right -- since you can already force someone to unpair, being able to unlock the individual parts isn't going to make a difference. Thanks.
They can already "unpair" the phone by removing it from iCloud, as you say. The phone could simply check whether the serial number on a part is already associated with an iCloud registered device and if not, allow it to pair. Fairly obviously, they don't do this because it would reduce the demand for their parts, which is a multibillion dollar business.
> iCloud locks or Samsung's KNOX lock entered the field because the manufacturers were pretty pissed that customers using their devices in public became a target for "enterprising" robbers who'd factory-wipe the devices and flip them to a pawn shop or second-hand store in a matter of half an hour.
It wasn't just the manufacturers who were pretty pissed at that. Minnesota passed a law requiring smartphones to have a kill switch that would allow the owner to remotely render the phone inoperable [1]. Then California did, with the California law also making kill switch support be turned on by default. Those laws have been in effect since mid 2015 and were quickly followed by a huge drop in smartphone thefts.
Phone theft is also a big deal at music festivals. Last year an entire backpack full of phones was recovered. People who lose them either never hear from them again, or see them in Find My as a brief blip somewhere hundreds or thousands of miles away. Sometimes they're shucked on site and all you find is your empty phone case on the ground.
It's already awful to lose your phone, but even more so when you're at a multi-day event you paid hundreds to attend.
>That cut down on a lot of the robbery bullshit, but then criminals simply found new buyer classes - they'd simply part stolen devices out and resell everything but the iCloud/Knox/whatever locked mainboard. Displays, cameras, speakers, batteries, flex cables, cases, everything.
This would be way less valueble to do if the companies just sold the parts are reasonable prices.
The extreme ways fixers have to go to to source parts for legitimate repairs concerns is insane.
The entire reason there even is a whole ecosystem of people picking apart phones in Shenzen is because it's so darn difficult to source it any other way!
I agree, and I think there's a compromise. Allow the pairing of harvested parts, but also allow users to report their unit as "stolen" so the parts can't be paired.
However, this is probably fraught with problems that Apple doesn't want to deal with. Users will want to know if someone tried to pair their parts and they'll be hit with a large number of subpoenas daily from people who want to know which repair shops had their stolen phones.
If Apple has a record of the individual serial numbers on parts contained in each phone, that seems like a wonderful way of backtracking stolen phone parts to the thieves.
"Oh you're trying to replace your phone screen with one from a stolen item. Please provide your contact details so we can pass that on to the police."
How much were you paid to shill Apple for this top post?
If this were a real issue, then I as the device owner should be able to toggle this on and off as needed. But that hits deeper, since this is a device that's being sold as "purchase" when I don't have real control - Apple does.
At best, this is a rental being mis-advertised as a purchase.
> How much were you paid to shill Apple for this top post?
Unfortunately, I don't get paid by anyone except my employer lol. 16k HN and 160k Reddit karma points in about a decade isn't exactly influencer-worthy.
> If this were a real issue, then I as the device owner should be able to toggle this on and off as needed.
Phone theft is a real issue, even in places not suffering from open street markets with people fencing stolen shit, like London [1].
Absolutely not. The cases for repairs vastly outnumber the cases for theft to a degree it isn't comparable in the slightest. This should be the basis for any honest discussion.
Not putting that in perspective cannot lead to sensible considerations.
Well I think you hit the nail on the head. They aren’t working on the most important aspect of the puzzle (your last point), not because they aren’t reading HN comments, but because that would have a very negative effect on their bottom line.
Or they could just sell official replacement screens for $50. The price of an entire budget smartphone. Thefts of iPhones would plummet. The phones would be worth more to consumers. A small drop in sales perhaps due to more repairs.
It's really stupid. How many people get their devices not stolen vs stolen. I would bet 99% is conservative? sounds like an excuse to just make it harder to repair and make the product useless much earlier.
Even if that's their motivation, doing that is still a terrible practice at least in the way they're doing it. It's certainly one of the big reasons why I won't buy these devices.
That cut down on a lot of the robbery bullshit, but then criminals simply found new buyer classes - they'd simply part stolen devices out and resell everything but the iCloud/Knox/whatever locked mainboard. Displays, cameras, speakers, batteries, flex cables, cases, everything.
So now, at least Apple is tagging the most "valuable" parts in new phones, simply to make stealing them unattractive for thieves, which frankly sucks but is necessary because it's a public safety issue.
(If anyone at Apple is reading this: ffs, allow the legitimate owner of a device to "unpair" all components in their phone in iCloud so that legitimate second-hand shops can strip a broken device at least for its parts)