Friday, February 9, 2024

Apple Lobbying Against Right to Repair

Jason Koebler (Hacker News):

An Apple executive lobbied against a strong right-to-repair bill in Oregon Thursday, which is the first time the company has had an employee actively outline its stance on right to repair at an open hearing. Apple’s position in Oregon shows that despite supporting a weaker right to repair law in California, it still intends to control its own repair ecosystem. It also sets up a highly interesting fight in the state because Google has come out in favor of the same legislation Apple is opposing.

“It is our belief that the bill’s current language around parts pairing will undermine the security, safety, and privacy of Oregonians by forcing device manufacturers to allow the use of parts of unknown origin in consumer devices,” John Perry, Apple’s principal secure repair architect, told the legislature.

Maybe stop making app launches phone home to Cupertino before telling us how much you care about privacy.


9 Comments RSS · Twitter · Mastodon

Lorena Insumos

Apple has shown over and over that privacy is an important consideration in their product design. They have focused on encryption (Advanced Data Protection, iMessage, FaceTime), user choice (App Tracking Transparency, camera and microphone indicators, privacy labels) and on-device processing (Siri, Photos, Journal, autocorrect) to a far greater degree than their peers. Google and Microsoft ecosystems offer no comparison.

You’re allowed to complain about app launches contacting Apple servers for notarization all you want, even though there’s no way it could matter less, but those facts are not changed. What degree of perfection would be enough for you to be satisfied with Apple claiming that they care about privacy?

@Lorena It’s not related to notarization. It affects apps that aren’t notarized, as well as subsequent launches (whereas notarization is only the first). They were transmitting the data in the clear and logging IP addresses. And it should never have been designed this way in the first place—why not send banned hashes to the Mac? It speaks to dysfunction that this ever shipped. Honestly, the way Apple handled this—promising a fix and then deleting evidence of said promise without comment—has really poisoned my opinion of their motives. Because here’s something that they said they were going to do, and which would be easy to do, and yet they won’t do it. (And don’t forget that they’re currently being sued over a broken iOS opt-out switch for sending data back to Apple.)

Also, I think it’s logically incorrect to say that because A, B, and C were good for privacy that means they get to play the privacy card to justify everything they do. Advanced Data Protection, iMessage, and FaceTime are certainly wins (though note that until recently with ADP iMessages were stored in backups accessible to Apple). I think App Tracking Transparency was more about hurting Facebook than providing value to customers. Privacy labels are of questionable value (because they aren’t and can’t be audited) and may actually hurt. Both are about marketing rather than actual privacy. The fact that Apple pretends the privacy labels work decreases my opinion of their privacy efforts. Siri’s on-device support is incredibly minimal—it can’t even create reminders—and for a decade or so didn’t support features that had previously worked on-device.

Give me a break. Privacy labels are a complete joke. A lead from Facebook or Google ads is evil but of course it’s fine when Apple does the same thing and fills the App Store with Search ads trash.

Apple sucks so bad at search devs are throwing boatloads of cash their way to show up in the results because you gotta fight the scammers, include what your app does in the app name and subtitle itself, keyword spam just to try to be seen. Meanwhile Apple is collecting all the data and cash on both ends of the sale. We call that double dipping the chip where I’m from.

I like the fact that people are defaulting to thinking about Apple as greedy assholes.

Like when iFixit found the bespoke cable to apples VR headset and their spontaneous reaction was that this could only be explained by greedy asshattery.

It says a lot about what Apple had become.

@Lorena Insumos Cory Doctorow has a wonderful screed just for you. I think other comments have already elucidated very well on the particular examples you gave.

To answer the question you pose in your second paragraph—that is, what should Apple do to mitigate the legitimate criticism of the OCSP hole—well, that's easy: give the user total control over every automatic connection that is made to any host anywhere beyond the network the machine is on, unless local infrastructure or policy demands otherwise. If it can't be turned off, it's not private. Tell the user how much they'll regret doing it, if necessary, but make it possible.

This, of course, they will not do. They're a services company now–just like Google, and Microsoft. :(

Does "right to repair" include source code? I think it should.

Why single out hardware?

If you want “right to repair” for software there is already an entire movement dedicated to that cause. Just run a GNU/Linux distribution. Pretty sure you can install Debian on most laptops distributed in the last decade (probably more).

It isnt practical to expect devs in Apple/windows world to release their source code. People already complain that a 0.99 is too expensive and should be free. Making it easy for anyone to download the code and recompile it basically ensures that 99% of devs will never make any money.

@ObjC4Life Partial agreement. Convenience can beat free (libre), but Open Source has other benefits that are intangible. Perhaps we should focus on making public-good coding comfortable for developers, rather than propping up an industry that absolutely relies on source code being closed to exploit people (including other developers). A world where macOS and Windows were Free Software would certain kill neither Apple nor Microsoft yet would almost certainly be very emancipatory for the entire industry. This, of course, means it won't happen ...

A farmer wakes up one day and her tractor doesn't work. Thanks to the new "Right to Repair" laws, she has all the tools, can buy replacement parts 3rd-party and downloads an up-to-date repair manual...all good.

And then…the problem ends up being a software bug! So sad—have fun with your Tractor-brick!

Leave a Comment