> Their entire claim of a horror story relies on having physical access and the passcode, which would be game over on basically any device anyway.
If i understand correctly, prior to 11, you needed to know the iCloud password to, say, remove Activation Lock. Now, you don't need iCloud password, just device password (and physical access of course).
It's a significant drop in security, and not just in a theoretical sense ,if only because people enter their device passcodes a lot more than they do their icloud passwords (which makes them tend to be easier to guess and easier to capture).
and yet Apple asks for your passcode and puts it on their repair database if you take it in. no idea how many of your other accounts their repair people use your phone to compromise. I'm guessing it's low but it's not impossible to believe some repair technician with your phone's passcode might use your phone to access other accounts
This one always irks me. If I know that my phone needs a repair, I’ll always back it up and do a fresh install before bringing it in. It’s a huge hassle and I get the impression that not many people even think about it.
Can you do that if the phone won't start because some defect? Is the same with a laptop, if it won't start you can erase the drive without opening it before sending it for repair.
To be fair you can always deny to give it out to the techs, it's just less convenient for you to do so. I don't think they will refuse to repair your device if you do not give up your passcode.
I've taken multiple devices in for multiple repairs, and I've never had an Apple Genius ask for a PIN, passcode, or password. Every single time they ask me to unlock the device and are careful to look away while when I need to enter my iCloud password to disable FMI/Activation Lock.
They do? I've had the screen replaced on a few, and they always have me unlock it myself. Are they capturing my input somehow? I've never verbally provided any passcode to an Apple store employee.
If i understand correctly, prior to 11, you needed to know the iCloud password to, say, remove Activation Lock. Now, you don't need iCloud password, just device password (and physical access of course).
It's a significant drop in security, and not just in a theoretical sense ,if only because people enter their device passcodes a lot more than they do their icloud passwords (which makes them tend to be easier to guess and easier to capture).