undefined | Better HN

0 pointstgsovlerkhgsel3y ago0 comments

The question I always ask to figure out how things work: What happens if I lose my phone?

Vendors trying to peddle a solution will always try to answer this question in a way that doesn't say "well in that case you're screwed" and any answer except "you're screwed" means there is some kind of potentially-vulnerable recovery process, and the description of how the process works usually gives you an idea of how secure it is (or at least a starting point to ask more questions).

0 comments

olliej3y ago

If you lose your phone (and all other devices you might have), apple does have a secure (as in apple cannot access it) last ditch recovery path (see my other wall of text/word soup answer).

But in the absence of that the data is gone - it's one of the big concerns that come up in response to "E2E everything": people are not used to the idea that forgetting your password (or losing devices in a 2fa world) means the data is actually irrecoverable and it's not just a matter of reseting the account password (e.g. you can't go into a store with your ID to "prove it's you" because that isn't the problem)

j / k navigate · click thread line to collapse

0 comments

olliej3y ago

If you lose your phone (and all other devices you might have), apple does have a secure (as in apple cannot access it) last ditch recovery path (see my other wall of text/word soup answer).

j / k navigate · click thread line to collapse