In trial it would really come down to what T-Mobile's response was when their third party affiliate became responsible for this incident.
If T-Mobile did not do anything to enforce any type of protection for their customer and the customer in good faith believed that they were operating with a T-Mobile authorized retailer then T-Mobile could very well be financially responsible for their actions.
It comes down to how well the lawyer can argue the facts of the case and how the facts of the case stand up to scrutiny and what a jury will think of those facts and how they are presented.
Note, I'm not a lawyer, but I have worked with lawyers in a professional capacity and this is not a nothing Burger situation.
There is absolutely zero reason for a carrier employee to have your information to unlock the phone to begin with.
Back it up to iCloud, wipe it, restore the new phone from iCloud during the setup process. Upgrading an Apple device is about the easiest fucking thing to do.
Not an apple device user, but i thought apple phones had a “service mode” or “technician mode” etc that limited access to personal information, for expressly this intent??
How about no need to unlock anything? Why does the phone need to be unlocked at all or at least why are people not backing up locally then wiping in advance of any servicing?
We have a tech literacy problem. We should strive to teach all who are willing to learn, and refrain from demonizing those who screw up. But yeah… Hopefully this bad experience is the push some users need to hear to take it more seriously.
If there was no lock/unlock, then anyone could duplicate your data to a new device to crack later. Having to unlock the phone means you are explicitly giving the other phone permission to copy your sensitive data (photos, contacts, passwords, etc.).
When I put my current phone in service for the first time, it was because the MOBO died. No way to wipe it.
Anyway, I am too paranoid to trust only “wipe”. That’s like writing your passwords into a book, and then when you need to get rid of it safely, you only forget where you put the book. I prefer factory reset followed by quick set up, installing termux, and running yes "Fuck off, no data for you. " >> file until the storage is full to overwrite as much as I can.
Unfortunately, there’s still some more data in other partitions. From what I can see after doing factory reset, this includes at least: Google account info, timezone, lock screen settings, language, region. But I have no idea what else is there.
So, I just have to hope current Android’s FBE is done safely enough. (Of course, that clearly doesn’t apply to the last part.)
The other weird trick SSD recovery specialists HATE is recording a high-def video and leave it running indefinitely. But i guess thats no good if its not functional
When I had the battery replaced on my old iphone, I turned it off before handing it over to the technician. I didn’t have anything incriminating on it but I would hope they have that service mode.
She was “upgrading” and having the data transferred.
Apple needs to make sure all carriers are never getting anywhere close to this process, this is Apple’s responsibillity to fscillitate and they also need to warn users if they don’t have AdvancedDataProtection (half-ass e2ee but closer to ideal than the alternatives currently outside of the current gold standard -> encrypted local backups) that the they (Apple employees or government) have access to all data uploaded to iCloud so same problem and also even if its ADP, all the metadata names and file info is available. So if you have raunchily named “selfies”, thats fair game.
Apple has already done this. You should never need anyone to help you upgrade at all. Backup to iCloud and wipe the device. Then during setup restore from backup.
It’s easy as fuck. My 6 year old transferred all of his iPad data to his new one on his own.
There’s nothing Apple can do from stopping retarded users from giving their iCloud account information to someone else.
How do iCloud backups work in the context of ADP but also given the “limitations” (exposed metadata, names, dates, etc)? Is the iCloud backup a homogenous or monolithic? I don’t get how that’s reconciled if the backup itself is e2ee…
The fappening wasn’t an iCloud leak. Attackers used user passwords to gain access.
Advanced Data Protection solves this because you can’t access your iCloud from the web without your device unless you turn the protection off. So even if someone has your password, they can’t get into your iCloud without your trusted device.
Nope. You only get this 2 page thing called quick start guide, where one page tells you what button to press to turn on the device, to follow on-screen instructions, and other page tells you not to put the phone into fire and/or attempt to eat it.
I sold phones for several years. ALOT of people have no idea how to do even the first step of what you said. The process was always sell, transfer, wipe, and turn in. Transfer would require a passcode many times while going through the process, and customers would often tell you it to make the process easier. From young to old, they all need help doing that “easiest” thing.
I was going to say, I sold phones a while back too for 5 years. It’s amazing how much stuff people leave on their phones and that you don’t want to see. And yeah, you’re saying they should know but many don’t. Every trade in things specifically says to wipe the device prior to trade in and gives instructions on how to do so.
