She Sent Her iPhone to Apple. Repair Techs Uploaded Her Nudes to Facebook (2021)

Original Article ↗ Hacker News Discussion ↗

Passcodes and Device Repair

  • Many commenters are uncomfortable that repair shops routinely ask for device passcodes, especially for basic hardware work (screen, battery).
  • Some users always refuse; shops typically proceed anyway, sometimes warning they can’t fully test or will need the owner present to complete settings.
  • A former phone repair tech explains they request passcodes mainly to test screens and touch input after repair. Their shop offered: wipe beforehand, share the PIN, or accept unverified repairs.
  • Others describe vendors (including Apple Stores) asking for iOS passwords or even Mac root passwords, which they now see as unacceptable.

Technical Limitations and “Repair Mode”

  • Several people note that stock Android and iOS traditionally lack robust pre‑boot diagnostics, making testing without unlocking hard.
  • Comments highlight newer “repair modes”: Samsung (since ~2022), Pixels (similar features), and Apple’s “repair state” added in iOS 17.5.
  • There’s confusion and disagreement in the thread about how long Apple has had this feature and how visible it is.
  • Some argue Apple should make repair mode part of the standard intake process so users never hand over passcodes.

Privacy Abuse in the Repair Industry

  • Multiple anecdotes describe techs snooping through photos and files, treated informally as “normal” behavior in some shops.
  • A cited study in Canada found most repair providers ask for OS passwords, many store them insecurely, and a significant minority opened private photos on test laptops.
  • Older examples from photo labs copying nude prints underscore that this predates digital devices.

Legal and Ethical Responses

  • Strong views that this kind of access‑abuse is sexual exploitation akin to voyeurism or hidden cameras, deserving severe criminal penalties.
  • Others favor a distinction: private snooping as serious but not on par with distributing nudes; argue prison is an extreme punishment with limited deterrent effect.
  • Suggestions include both criminal charges and civil penalties that could shutter unethical repair shops.

User Practices, Features, and Threat Models

  • Some now factory‑reset devices before repair and rely on cloud backups, though others see storing everything in the cloud as its own risk.
  • Users discuss hidden/secure app folders, repair mode, and “Guided Access”/app pinning for limiting exposure when handing over devices or to kids.
  • Extended debate over FaceID vs passcodes, law‑enforcement access, and “rubber‑hose” scenarios, with some avoiding biometric unlock entirely.