right to repair

You can now access Apple’s official diagnostics tool online for DIY repairs

Apple, IPhone, Mac, MacBook, repairability, right to repair, Tech / DJ Henderson / December 13, 2023

repairability —

Parts pairing still irks right-to-repair activists, though.

Scharon Harding – Dec 13, 2023 11: 20 pm UTC

The front of the iPhone 15 Plus, with the Dynamic Island — Enlarge / The iPhone 15 is part of Apple’s self-repair program now.

Samuel Axon

Apple today expanded the Self Service Repair program it launched in April to include access to Apple’s diagnostics tool online and the iPhone 15 series and M2 Macs.

The online tool, Apple said in today’s announcement, provides “the same ability as Apple Authorized Service Providers and Independent Repair Providers to test devices for optimal part functionality and performance, as well as identify which parts may need repair.” The troubleshooting tool is only available in the US and will hit Europe in 2024, according to Apple.

Upon visiting the tool’s website, you’ll be prompted to put your device in diagnostic mode before entering the device’s serial number. Then, you’ll have access to a diagnostic suite, including things like a mobile resource inspector for checking software and validating components’ presence, testing for audio output and “display pixel anomalies,” and tests for cameras and Face ID.

Apple’s support page says the tests may “help isolate issues, investigate whether a part needs to be replaced, or verify that a repair has been successfully completed.”

The tool requires iOS 17.0 or macOS Sonoma 14.1 and later.

Apple’s Self Service Repair program relies on parts pairing, though, and critics say this limits the tools’ effectiveness. Self-repair activist iFixit has been vocal about its disagreement with Apple’s use of the practice since the tech giant launched its self-repair program. iFixit has argued that parts serialization limits the usage of third-party parts. In September, iFixit CEO Kyle Wiens called parts pairing “a serious threat to our ability to fix the things we own,” noting that Apple may be seeking to strong-arm a favorable customer experience but that it’s costing us the environment and “ownership rights.”

In a statement to Ars Technica today, Wiens expressed further disappointment with Apple’s parts serialization:

Apple still has a long way to go to create a robust repair ecosystem, including ending their repair-hostile parts pairing system. This software tool clearly illuminates the problems we’ve identified with parts pairing, where the diagnostic tool fails to recognize the ambient light sensor in a new part we’ve installed.

Users of Apple M2-based MacBook Pro and MacBook Air laptops, as well as the Mac Mini, Pro, and Studio, are now all included in the program, which gives customers access to tools, parts, and manuals previously only accessible by Apple and authorized repair partners. Customers can also rent tool repair kits, although they, too, have been criticized for their bulkiness and limited rental period.

Since launching its repair program, though, Apple has made a turnabout with user repairability, even if it’s still flawed. With the latest additions, Apple’s program now supports 35 products. The company has also become an unexpected proponent for state and national right-to-repair bills. And it’s simplified repairs via its Self Service Repair program— somewhat—by no longer requiring fixers to call Apple upon repair completions. People can instead verify repairs and update firmware with the System Configuration post-repair software tool. Today, Apple also announced bringing the program to 24 new European countries, bringing the program’s total to 33 countries.

Apple still says its repair program is best reserved for people who are experienced with electronics repairs.

You can now access Apple’s official diagnostics tool online for DIY repairs Read More »

Trains were designed to break down after third-party repairs, hackers find

DRM, gps tracker, Newag, Poland, Policy, right to repair, trains / DJ Henderson / December 13, 2023

Unlocking the secret —

The train manufacturer accused the hackers of slander.

Ashley Belanger – Dec 13, 2023 10: 14 pm UTC

Enlarge / Dragon Sector uploaded a video to social media after discovering an “undocumented ‘unlock code’ which you could enter from the train driver’s panel” fixed “mysterious issues” impacting trains in Poland.

An unusual right-to-repair drama is disrupting railroad travel in Poland despite efforts by hackers who helped repair trains that allegedly were designed to stop functioning when serviced by anyone but Newag, the train manufacturer.

Members of an ethical hacking group called Dragon Sector, including Sergiusz Bazański and Michał Kowalczyk, were called upon by a train repair shop, Serwis Pojazdów Szynowych (SPS), to analyze train software in June 2022. SPS was desperate to figure out what was causing “mysterious failures” that shut down several vehicles owned by Polish train operator the Lower Silesian Railway, Polish infrastructure trade publication Rynek Kolejowy reported. At that point, the shortage of trains had already become “a serious problem” for carriers and passengers, as fewer available cars meant shorter trains and reduced rider capacity, Rynek Kolejowy reported.

Dragon Sector spent two months analyzing the software, finding that “the manufacturer’s interference” led to “forced failures and to the fact that the trains did not start,” and concluding that bricking the trains “was a deliberate action on Newag’s part.”

According to Dragon Sector, Newag entered code into the control systems of Impuls trains to stop them from operating if a GPS tracker indicated that the train was parked for several days at an independent repair shop.

The trains “were given the logic that they would not move if they were parked in a specific location in Poland, and these locations were the service hall of SPS and the halls of other similar companies in the industry,” Dragon Sector’s team alleged. “Even one of the SPS halls, which was still under construction, was included.”

The code also allegedly bricked the train if “certain components had been replaced without a manufacturer-approved serial number,” 404 Media reported.

In a statement, Newag denied developing any so-called “workshop-detection” software that caused “intentional failures” and threatened to sue Dragon Sector for slander and for violating hacking laws.

“Hacking IT systems is a violation of many legal provisions and a threat to railway traffic safety,” Newag said, insisting that the hacked trains be removed from use because they now pose alleged safety risks. Newag’s safety claims are still unsubstantiated, 404 Media reported.

“We categorically deny and negate Newag’s uploading of any functionality in vehicle control systems that limits or prevents the proper operation of vehicles, as well as limiting the group of entities that can provide maintenance or repair services,” Newag’s statement said. According to Newag, Dragon Sector’s report shouldn’t be trusted because it was commissioned by one of Newag’s biggest competitors.

Dragon Sector maintains that the evidence supports its conclusions. Bazański posted on Mastodon that “these trains were locking up for arbitrary reasons after being serviced at third-party workshops. The manufacturer argued that this was because of malpractice by these workshops, and that they should be serviced by them instead of third parties.” In some cases, Bazański wrote, Newag “appeared to be able to lock the train remotely.”

Newag has said that “any remote intervention” is “virtually impossible.”

Lawsuit threats fails to silence hackers

Dragon Sector got the trains running after discovering “an undocumented ‘unlock code’ which you could enter from the train driver’s panel which magically fixed the issue,” Dragon Sector’s team told 404 Media.

Newag has maintained that it has never and will never “introduce into the software of our trains any solutions that lead to intentional failures.”

“We do not know who interfered with the train control software, using what methods and what qualifications,” Newag said. “We also notified the Office of Rail Transport about this so that it could decide to withdraw from service the sets subjected to the activities of unknown hackers.”

Dragon Sector and SPS have denied interfering with the train’s control systems.

While Newag has contacted authorities to investigate the hacking, Janusz Cieszyński, Poland’s former minister of digital affairs, posted on X that the evidence appears to weigh against Newag.

“The president of Newag contacted me,” Cieszyński wrote. “He claims that Newag fell victim to cybercriminals and it was not an intentional action by the company. The analysis I saw indicated something else, but for the sake of clarity, I will write about everything.

Newag president Zbigniew Konieczek said that “no evidence was provided that our company intentionally installed the faulty software. In our opinion, the truth may be completely different—that, for example, the competition interfered with the software.”

Konieczek also accused Cieszyński of disseminating “false and highly harmful information about Newag.”

404 Media noted that Newag appeared to be following a common playbook in the right-to-repair world where manufacturers intimidate competitor repair shops with threatened lawsuits and unsubstantiated claims about safety risks of third-party repairs. So far, Dragon Sector does not appear intimidated, posting its success on YouTube and discussing its findings at Poland’s Oh My H@ck conference in Warsaw. The group is also planning “a more detailed presentation” for the 37th Chaos Communication Congress in Hamburg, Germany, at the end of December, The Register reported.

Because of the evidence gathered during their analysis, the Dragon Sector team has doubts about whether Newag will actually follow through with the lawsuit.

“Their defense line is really poor, and they would have no chance defending it,” Kowalczk told 404 Media. “They probably just want to sound scary in the media.”

Trains were designed to break down after third-party repairs, hackers find Read More »