Unfortunately this occurred in 2016, long before they added "repair mode" in iOS 17.
But I should mention, I was in the middle of writing a comment along the lines of "apple really needs to add a repair mode to iOS" before going to look it up and realizing that it's actually been there since iOS 17.
For me this highlights another issue with iOS which is it has many awesome features that you just won't know about unless you're a techie that keeps up with the news. One great example is the "hidden folder" feature that allows you to hide sensitive apps in an unmarked folder that when set to it's most secure setting, can only be opened with FaceID and no passcode backup. Along with some other features like preventing the app from showing up in your app switcher.
This is a genius feature but I see very few people with it enabled, mostly because they just don't know it's a thing. Something like this should be front and center when you first setup your device but instead it's a feature so buried that I had to lookup a guide on how to enable it.
And repair mode is equally buried, I had to lookup a guide on how to enable it as well. IMHO Apple really needs to tweak iOS to better surface these features.
> iOS which is it has many awesome features that you just won't know about unless you're a techie that keeps up with the news
Probably the single most useful hidden feature, valuable to parents everywhere, is “Guided Access” mode available through accessibility settings.
It lets you lock the screen to a single app or disable touch entirely (or even by custom region), so that you can hand your device to a kid without worrying they will delete your photos.
They never even really promoted this features in their news updates.
Samsung has this too (not sure about other Androids), it's called "pin app".
It also makes the app come up immediately when your turn on the screen, so it's in front of the lock screen basically (but you can only access that particular app). It's good for showing someone a specific app. I also use it for instant access to my train ticket (QR code on screen on the train company's app). The iOS version sounds better though.
It’s a very confusing and hidden feature. You have to start “deleting” your phone from Find My (which is itself an hidden swipe action) and it’ll tell you that you can’t but you can enable repair mode.
IMO the feature shouldn’t even be in Find My because it’s not really related to finding your phone or activation locking/unlocking it.
>Unfortunately this occurred in 2016, long before they added "repair mode" in iOS 17.
Why isn't showing the user how to enable "repair mode" one of the first things the "genius" does if such a feature exists? In the same spirit as us turning away when a user enters their password.
You can't overwhelm the user with 300 "Here's what you can do with your phone!" tips when they first start it, so maybe something like a push notification every few days telling the user about a couple features.
Repair State isn’t a feature that you need to know about unless you’re having your phone repaired or traded in, at which point you’ll learn about it.
It’s a perfect example of a feature being surfaced exactly as it should be, when needed. Quite a bit of mental gymnastics to twist that into being an ‘issue’.
I disagree. If I take my phone in, I'm going to wipe it first. If someone asks me, I'd say they should do the same.
Now that I know it's a feature, I won't suggest that for iPhone users as backup+restore just sucks. (I know restore is easy, but bank apps, Signal, etc don't get backed up, so it is an annoyance)
The word "easily" is doing some work here, as your scenario is already in the area of "rubber-hose cryptanalysis", where passcodes don't stay private for long either.
Fair enough. The threat model I have in mind here is cops and customs agents violating one's (US) fourth amendment rights. With FaceID they don't need your passcode to unlock your phone. With a passcode, they cannot legally arrest you [yet] for refusing to provide it.
I thought it was common knowledge that for privacy and security you should have FaceID (and before that, fingerprint reader) disabled in favour of a password.
I actually wonder if it’s possible to coerce someone to use Face ID. If you have it set properly it requires your eyes to be open and looking at the phone, so someone can’t use it while you’re sleeping. They would have to hold your eyes up at that point Their hand is in front of your face. And how can someone force you to look in the right direction?
I had a friend a few years back that got taken for close to $50k and this feature would have prevented it.
- He was at a bar and got to talking to one girl.
- There was another girl watching him and his phone and figured out his passcode. The bar was dimly lit so FaceID didn't always work and at some point he entered his passcode and she saw.
- They all left to "go back to their place" and in the process the girls stole his phone.
- Mid ride they kicked him out of the Uber.
- He goes home and realized his bank accounts have all been cleaned out via Venmo and CashApp.
Had those apps been inside the "secure folder", they would have not been able to access them and thus would not have been able to clean him out like they did.
Holding the side button + volume button together until you see the power-off slider also temporarily disables Face ID / Touch ID, requiring the device passcode for unlocking.
You can also set your phone to erase after ten failed passcodes.
Because people willing to hit you with a wrench to recover a password are definitely going to stop when they discover that you actually destroyed the thing they were looking for, thus "getting one over" on them...
Although to be fair, they might just switch to a pistol at that point. After all, you are no longer useful once the data has gone.
Congratulations on discovering XKCD 538 [1]. Depending on your exact threat model (i.e. barring a very surprise attack), this actually can be defended against in many cases, too.
Is there a way to do [2] on Android? I know you can hold the power button and choose Lockdown, but that requires actually looking at the phone, which would be difficult in some situations.
I haven't used an Android phone for more than about 5 minutes in total ever so perhaps someone more informed in that ecosystem can weigh in, but a quick Google did not find a way. It's also worth checking that the same properties of "before first unlock" hold for Android as they do for iPhones even if you can reset it in such a way.
But I should mention, I was in the middle of writing a comment along the lines of "apple really needs to add a repair mode to iOS" before going to look it up and realizing that it's actually been there since iOS 17.
For me this highlights another issue with iOS which is it has many awesome features that you just won't know about unless you're a techie that keeps up with the news. One great example is the "hidden folder" feature that allows you to hide sensitive apps in an unmarked folder that when set to it's most secure setting, can only be opened with FaceID and no passcode backup. Along with some other features like preventing the app from showing up in your app switcher.
This is a genius feature but I see very few people with it enabled, mostly because they just don't know it's a thing. Something like this should be front and center when you first setup your device but instead it's a feature so buried that I had to lookup a guide on how to enable it.
And repair mode is equally buried, I had to lookup a guide on how to enable it as well. IMHO Apple really needs to tweak iOS to better surface these features.