Eh, the NFC chips in Apple devices are very capable. If Apple opened them up to everyone, you would see half a dozen “clone your access card” app a day later.
It’s easy to say that it’s not Apple’s problem if people use horrifically insecure RFID and NFC access systems. But I doubt the media, or the lawyers for any office block, would see it that way. The headlines basically write themselves “iPhone used to hack into secure government facilities” or something silly like that. Just look at the uproar the Flipper Zero created in Canada[1]. Now imagine if you could do that with an iPhone (which has most of the hardware needed) by simply downloading an app. Not a chance in hell Apple is gonna let their products be used like that (heck the AirTag stalking debacle demonstrates how silly the reaction can be when there’s an opportunity to roast Apple over an open flame).
It would be great if all this stuff was open but the reality of the situation is that RFID and NFC standards are trash, and even when there is a secure “standard” (I’ve yet to see any evidence that manufacturers actually aim for any kind of cross compatibility, even when following a standard), access control manufacturers haven’t bothered using them.
> Just look at the uproar the Flipper Zero created in Canada[1]. Now imagine if you could do that with an iPhone (which has most of the hardware needed) by simply downloading an app.
iPhone users should be able to do that if they have any semblance of control over the hardware they bought. If MacOS supports SDR without any issues, and Apple's own implementation of NFC is good enough, I think this is a silly argument. Enabling NFC access does not turn an iPhone into a Flipper Zero any more than it does with Android, the argument is moot.
If the best reason we can muster is "it would make Apple look bad" then we might as well have put the Magic Keyboard and USB-A/HDMI ports in the garbage and withdraw Apple from the EU economic zone. Apple is perfectly capable of adapting to changes that do not align with their insular and stubborn worldview. Some would even say these changes improve their products.
> If Apple opened them up to everyone, you would see half a dozen “clone your access card” app a day later.
Android devices use the same chips, and any access card that can be trivially cloned by any device, consumer or otherwise, doesn't deserve to be called that.
> It would be great if all this stuff was open but the reality of the situation is that RFID and NFC standards are trash
You clearly have no idea what you are talking about. What's broken isn't the entire ISO 14443 stack, but rather some legacy implementations. This is like saying "TLS is trash", because some old versions supported RC4 and DES 56 bit at some point.
> Just look at the uproar the Flipper Zero created in Canada
People create uproars about things they don't understand every day.
It’s easy to say that it’s not Apple’s problem if people use horrifically insecure RFID and NFC access systems. But I doubt the media, or the lawyers for any office block, would see it that way. The headlines basically write themselves “iPhone used to hack into secure government facilities” or something silly like that. Just look at the uproar the Flipper Zero created in Canada[1]. Now imagine if you could do that with an iPhone (which has most of the hardware needed) by simply downloading an app. Not a chance in hell Apple is gonna let their products be used like that (heck the AirTag stalking debacle demonstrates how silly the reaction can be when there’s an opportunity to roast Apple over an open flame).
It would be great if all this stuff was open but the reality of the situation is that RFID and NFC standards are trash, and even when there is a secure “standard” (I’ve yet to see any evidence that manufacturers actually aim for any kind of cross compatibility, even when following a standard), access control manufacturers haven’t bothered using them.
[1] https://arstechnica.com/security/2024/02/canada-vows-to-ban-...