I went to the Apple “Genius Bar” today to get my iphone screen repaired (it shows only a white screen). They told me I need to disable the “find my iphone feature” before they can start the repair. This requires me to confirm it on the phone itself - which does not work due to the broken screen. So the apple staff handed me a “Showcase iPhone” of the apple store which had a “apple support” app on which I need to enter the password of my phone. I have no idea what this apple support app is doing or if it is legitimate at all (ass this is a show phone where many people have access to). I ended up leaving without repairing the phone and now consider to go to an unofficial screen repair shop. From a security point of view that does not look like a very good approach. Any thought on this?
There is a discussion on Hacker News, but feel free to comment here as well.
That’s not the question posted though. The person accepts that their data is in their custody, with a degree of protection offered by the password. We can debate how flimsy that protection is, but that point is never raised because the store asked for their password, without telling them why.
What sort of bullshit excuse would there be to require an unlocked, untraced phone to fix a broken screen? Replace the screen, boot the phone. Does the new screen show all the pixels? Call the customer in and have them look at it. Done.
It’s beyond me how one can defend the store behavior.