Real security should be real security regardless of corner cases of inconvenience.
Siding with Apple on this 100%.
Non-thinking fans would side 100%. Without an explanation for why Apple doesn't do something less drastic (such as merely clearing the Secure Enclave) or doesn't do it upon booting the iPhone but has to wait until iOS is updated (which is usually rather late), I can only side with them ~80%.
Real security should be real security regardless of corner cases of inconvenience.
Siding with Apple on this 100%.
I also with the caveat that a recovery is available by paying an out of warranty service charge. And from the anecdotes that's not possible to determine. Though since Apple can perform a re-authentication the path exists: even if authorized parts were required to replace the knockoffs (if found to have been used).
Do we know how many people are actually encountering this? Is this an issue affecting a lot of people or is it just something that has the tech press, rumor sites and twitterverse all in a flutter making it look like a bigger deal than it is (especially on a slow news day)?
Real security should be real security regardless of corner cases of inconvenience.
Siding with Apple on this 100%.
Non-thinking fans would side 100%. Without an explanation for why Apple doesn't do something less drastic (such as merely clearing the Secure Enclave) or doesn't do it upon booting the iPhone but has to wait until iOS is updated (which is usually rather late), I can only side with them ~80%.
Are you able to provide a motive for them *not* doing something less drastic?
Non-thinking fans would side 100%. Without an explanation for why Apple doesn't do something less drastic (such as merely clearing the Secure Enclave) or doesn't do it upon booting the iPhone but has to wait until iOS is updated (which is usually rather late), I can only side with them ~80%.
Are you able to provide a motive for them *not* doing something less drastic?
Bricking the phone does seem harsh.
Ultimately my concern is where did the parts come from? If the repair centre isn't Apple authorized the parts can only be second-hand salvage parts, counterfeit, or possibly stolen from the production line.
Are you able to provide a motive for them *not* doing something less drastic?
Bricking the phone does seem harsh.
Ultimately my concern is where did the parts come from? If the repair centre isn't Apple authorized the parts can only be second-hand salvage parts, counterfeit, or possibly stolen from the production line.
No. Not in matters of security. That is exactly what you want to happen when somebody (or maybe even some government) may try to access the data by swapping out a part in the manner that is being discussed here.
Absolutely the way it should be done. Anyone complaining about it hasn't thought thru the possible even if unlikely consequences of it not working that way.
I think it is clear who hasn't thought through the possibilities here...Apple doesn't need to brick the phone, only disable the touch-id system.
-kpluck
Exactly. If unauthorized changes are detected to the Touch ID sensor or to the secure enclave - and they have not been properly initialized by Apple - then the entire subsystem should be disabled. This means no more Touch ID unlocks and no more Apple Pay. This however does not necessitate bricking the entire phone. The user also has a passcode - and that passcode has not been compromised - therefore the phone should remain functional and operate as if Touch ID was simply turned off. No chance of a security breach - and the user should be given a descriptive message advising them to take the phone to an authorized Apple repair center to have a new system board installed (or phone swapped).
*IF* the defect is the result of an unauthorized 3rd party repair, this will be something that the end user has to pay for. If it's a hardware defect in the original phone, Apple will fix it for free.
The article is a joke. It is the authors speculation that there may be no recourse other than buying a new phone - not a statement from Apple. What a ridiculous assumption to make! There's no way that is true as can be inferred from Apples actual statement.
How many people can possibly be affected by this in the first place?
I would say that anyone who paid a third party for a Touch ID sensor repair should be entitled to a refund - but I also can't imagine a repair shop would have attempted more than 1 such repair because it would be immediately obvious that the repair was unsuccessful. For the same reason, I can't imagine there are very many people who were actually affected by this. The group is probably too small to even get class action status and Apple will probably go ahead and get them operational again for free - or perhaps for the cost of the original repair.
As for voiding the warranty - if the phone were still covered by Apple's warranty, why would they be paying someone to do the repair in the first place?
I see this whole story as a gigantic non-event. Just another extremely minor issue that is blown way out of proportion to generate clicks and controversy.
Why not fix the problem by having iOS wipe out the data in the secure enclave/Touch ID, thus ensuring the data is not compromised instead of bricking it? Or at least let the phone work without use of Touch ID (yikes, it'd be like using an iPhone 5). Yes, this would allow non-Apple authorized repairs to actually succeed and possibly deprive Apple of a bit of revenue.
As for the person quoted in the Guardian article that lost all of his/her data: backup your stuff! Data-wise this is no different than losing your iPhone. Apple makes it so easy to backup and restore that there should be no excuses. If you value the information then back it up.
The problem is that doesn't deter thieves. Thieves will get a workable phone to resell or use.
Irrelevant. This feature is not meant to be a theft deterrent, it's meant to secure your data. Enable Activation Lock for your theft deterrent.
Really Mr. Cook, a security issue; that's how you defend this buffoonery? If it was just a security issue, why not just disable the Touch ID functionality instead of the entire phone?! Get ready for another expensive lawsuit.
Because it's better to be safer than compromised. How does Apple know that some bright spark won't find a way to re-enable the TouchId and gain access to your data by exploiting an undiscovered vulnerability in iOS?
Unexcusably paranoid without any basis in reality. By this logic, the device should be bricked anytime the case is opened by anyone other than an authorized repair center - because once it's opened up - who knows what a smart hacker can accomplish? LOL! Ridiculous!!!
I'm selling a sticker that you can put on the back of your phone. The sticker prevents elephant attacks. All of my friends are using it and none of them have ever been attacked by an elephant so there is proof that it works. Even if you're skeptical - it's better to be safe than sorry - right? They're $100 each - but they're guaranteed for life. If you ever get killed in an elephant attack while carrying the sticker, we'll refund twice the amount you paid for the sticker! How many can I put you down for?
Apple acknowledges 'Error 53' glitch, says it's part of Touch ID security"
This security feature was intentionally implemented.
Therefore, it is not a glitch.
That's not necessarily true. Intentionally implemented or not - if it is not acting as it was intended to, it can be considered a glitch. From what I gather, the "error" might be firing more often than intended and in situations where it was not necessarily meant to. Bricking the phone when it does occur may also be a more drastic measure than was intended when the feature was intentionally implemented - only Apple knows for sure. Sorry to shatter your black and white world by introducing logic and reality.
I don't have the time or energy to reply to all of you individually - so this comment is directed to all of those who have blindly sided with Apple's approach of bricking the phone in response to this type of "tampering".
First of all - you don't even know for sure whether bricking the phone in these circumstances are what Apple intended to do. By calling it a "glitch", they are acknowledging that it is in fact NOT working exactly as intended.
As many of the smarter forum members have opined, there are a number of responses that could have been applied in this situation that are less severe YET STILL 100% SECURE! But since you don't understand how any of this stuff actually works - or what needs to be protected - you blindly over react. You're the same people that welcome "perceived security" over "real security" and probably think that all of the security measures in place at the airport actually make your flights more secure - even though they've been proven time and time again to be a waste of time and money whose ONLY value is to provide the PERCEPTION of security!
It's people like you - people that welcome extreme over reactions to perceived threats (real or not) that are going to be responsible for giving away ALL of our privacy and freedoms in the not so distant future.
Should Apple protect my data? Yes! Absolutely! Should they do so by bricking my device? ONLY IF NECESSARY!!! And in this case - ITS NOT!!! There are several levels of response/reaction that could be applied here that would protect your data while still allowing you to use your device! If you lack the intelligence to know what those responses should be - just shut the hell up - or go ahead and demand a solution that protects your data APPROPRIATELY. Don't pretend you know what the solution is and demand specific things when it's so very obvious you are responding solely out of fear and ignorance and that you don't have a clue what *should* be done.
I don't have the time or energy to reply to all of you individually - so this comment is directed to all of those who have blindly sided with Apple's approach of bricking the phone in response to this type of "tampering".
First of all - you don't even know for sure whether bricking the phone in these circumstances are what Apple intended to do. By calling it a "glitch", they are acknowledging that it is in fact NOT working exactly as intended.
As many of the smarter forum members have opined, there are a number of responses that could have been applied in this situation that are less severe YET STILL 100% SECURE! But since you don't understand how any of this stuff actually works - or what needs to be protected - you blindly over react. You're the same people that welcome "perceived security" over "real security" and probably think that all of the security measures in place at the airport actually make your flights more secure - even though they've been proven time and time again to be a waste of time and money whose ONLY value is to provide the PERCEPTION of security!
It's people like you - people that welcome extreme over reactions to perceived threats (real or not) that are going to be responsible for giving away ALL of our privacy and freedoms in the not so distant future.
Should Apple protect my data? Yes! Absolutely! Should they do so by bricking my device? ONLY IF NECESSARY!!! And in this case - ITS NOT!!! There are several levels of response/reaction that could be applied here that would protect your data while still allowing you to use your device! If you lack the intelligence to know what those responses should be - just shut the hell up - or go ahead and demand a solution that protects your data APPROPRIATELY. Don't pretend you know what the solution is and demand specific things when it's so very obvious you are responding solely out of fear and ignorance and that you don't have a clue what *should* be done.
Still siding with Apple here.
Additionally, I've upped my support for them to 103%.
Why not fix the problem by having iOS wipe out the data in the secure enclave/Touch ID, thus ensuring the data is not compromised instead of bricking it? Or at least let the phone work without use of Touch ID (yikes, it'd be like using an iPhone 5). Yes, this would allow non-Apple authorized repairs to actually succeed and possibly deprive Apple of a bit of revenue.
As for the person quoted in the Guardian article that lost all of his/her data: backup your stuff! Data-wise this is no different than losing your iPhone. Apple makes it so easy to backup and restore that there should be no excuses. If you value the information then back it up.
You're overthinking it.
If the secure element is compromised, you don't want the device to be accessed, period. Like the proper solution really is "wipe the device and restore from a backup" and the restore from the backup re-syncs the secure element.
Are you able to provide a motive for them *not* doing something less drastic?
Bricking the phone does seem harsh.
Ultimately my concern is where did the parts come from? If the repair centre isn't Apple authorized the parts can only be second-hand salvage parts, counterfeit, or possibly stolen from the production line.
Think of it as one of those steering wheel locks. Renders the item unusable until security is ensured.
Oh oh and the only "moron" here is the one insisting the phone is permanentlyt disabled aka "bricked" when it so obviously isn't since Apple has a process for restoring the security elements synchronization after replacement.
Ultimately my concern is where did the parts come from? If the repair centre isn't Apple authorized the parts can only be second-hand salvage parts, counterfeit, or possibly stolen from the production line.
Think of it as one of those steering wheel locks. Renders the item unusable until security is ensured.
Oh oh and the only "moron" here is the one insisting the phone is permanentlyt disabled aka "bricked" when it so obviously isn't since Apple has a process for restoring the security elements synchronization after replacement.
Not the best analogy since the intent is not to protect the phone from theft but rather to protect the contents. Your analogy does nothing to protect the contents of the vehicle.
A better way to look at it is as if your phone were a house that has 2 doors - a front door and a side door and each door has a lock that takes a unique key. Both doors provide access to the contents of your house.
Now...if you lose the key to the side door - would it make sense to you to barricade the front door? LOL! No. That's obviously stupid. The key to the front door remains uncompromised - so you would only need to barricade the side door! In this analogy, the side door can be represented as the Touch ID fingerprint whereas the front door represents your actual passcode/password.
Now, what would you think of someone in the above situation who decides they should barricade BOTH doors "just to be safe"?
LOL! If your answer is anything other than a "full-on moron" then you probably ARE that person!
Obviously it's only necessary to barricade the side door until it's lock can be changed. If access via the side door is prevented/denied, there is no security breech possible by continuing to allow authorized access through the front door!
Seems this only will effect repairs that see damaged Home buttons. Prior to the update replacing the home button simply meant the user would lose Touch ID for good. Ive done dozens of Iphone 6 screen repairs and luckily I was able to keep the original TouchID every time so I doubt third party repair shops really are scared about this. It only screws users who had a severely messed up phone and I'm sure this error will pop up on quite a few users who never had "unauthorized repairs." I understand the need to secure Apple pay and all that jazz but still 3rd party claims void pretty much everything Apple has to do with a phone so what do they really care? I had a 6 Plus user come to me recently for screen repair. The unit was pretty trashed. Apple refused to repair it as they quoted a rate pretty close the cost of the phone and they assured him his warranty was now toast because of the phones condition. I got him repaired for roughly 200 bucks. So this error 53 has the indirect or direct result of driving these customers back to their overpriced services.
Going forward though 3rd parties will struggle with the improved technology. 6s phones and the pressure sensitive screens cost a pretty penny and with limited availability there will be very little competition to Apples repair market anyway.
My niece had her home button replaced and Touch ID was disabled, even DFU restore it wouldn't enable, it is on the latest iOS update and is fine apart from that. Apple just advised that Touch ID won't work and that they won't repair it because it has 3rd party parts in it now. No biggie, she just can't use Touch ID or Apple Pay.
maybe it's just certain parts that cause the 53 error?
Comments
Siding with Apple on this 100%.
Are you able to provide a motive for them *not* doing something less drastic?
Ultimately my concern is where did the parts come from? If the repair centre isn't Apple authorized the parts can only be second-hand salvage parts, counterfeit, or possibly stolen from the production line.
*IF* the defect is the result of an unauthorized 3rd party repair, this will be something that the end user has to pay for. If it's a hardware defect in the original phone, Apple will fix it for free.
The article is a joke. It is the authors speculation that there may be no recourse other than buying a new phone - not a statement from Apple. What a ridiculous assumption to make! There's no way that is true as can be inferred from Apples actual statement.
How many people can possibly be affected by this in the first place?
I would say that anyone who paid a third party for a Touch ID sensor repair should be entitled to a refund - but I also can't imagine a repair shop would have attempted more than 1 such repair because it would be immediately obvious that the repair was unsuccessful. For the same reason, I can't imagine there are very many people who were actually affected by this. The group is probably too small to even get class action status and Apple will probably go ahead and get them operational again for free - or perhaps for the cost of the original repair.
As for voiding the warranty - if the phone were still covered by Apple's warranty, why would they be paying someone to do the repair in the first place?
I see this whole story as a gigantic non-event. Just another extremely minor issue that is blown way out of proportion to generate clicks and controversy.
Irrelevant. This feature is not meant to be a theft deterrent, it's meant to secure your data. Enable Activation Lock for your theft deterrent.
I'm selling a sticker that you can put on the back of your phone. The sticker prevents elephant attacks. All of my friends are using it and none of them have ever been attacked by an elephant so there is proof that it works. Even if you're skeptical - it's better to be safe than sorry - right? They're $100 each - but they're guaranteed for life. If you ever get killed in an elephant attack while carrying the sticker, we'll refund twice the amount you paid for the sticker! How many can I put you down for?
That's not necessarily true. Intentionally implemented or not - if it is not acting as it was intended to, it can be considered a glitch. From what I gather, the "error" might be firing more often than intended and in situations where it was not necessarily meant to. Bricking the phone when it does occur may also be a more drastic measure than was intended when the feature was intentionally implemented - only Apple knows for sure. Sorry to shatter your black and white world by introducing logic and reality.
First of all - you don't even know for sure whether bricking the phone in these circumstances are what Apple intended to do. By calling it a "glitch", they are acknowledging that it is in fact NOT working exactly as intended.
As many of the smarter forum members have opined, there are a number of responses that could have been applied in this situation that are less severe YET STILL 100% SECURE! But since you don't understand how any of this stuff actually works - or what needs to be protected - you blindly over react. You're the same people that welcome "perceived security" over "real security" and probably think that all of the security measures in place at the airport actually make your flights more secure - even though they've been proven time and time again to be a waste of time and money whose ONLY value is to provide the PERCEPTION of security!
It's people like you - people that welcome extreme over reactions to perceived threats (real or not) that are going to be responsible for giving away ALL of our privacy and freedoms in the not so distant future.
Should Apple protect my data? Yes! Absolutely! Should they do so by bricking my device? ONLY IF NECESSARY!!! And in this case - ITS NOT!!! There are several levels of response/reaction that could be applied here that would protect your data while still allowing you to use your device! If you lack the intelligence to know what those responses should be - just shut the hell up - or go ahead and demand a solution that protects your data APPROPRIATELY. Don't pretend you know what the solution is and demand specific things when it's so very obvious you are responding solely out of fear and ignorance and that you don't have a clue what *should* be done.
Still siding with Apple here.
Additionally, I've upped my support for them to 103%.
If the secure element is compromised, you don't want the device to be accessed, period. Like the proper solution really is "wipe the device and restore from a backup" and the restore from the backup re-syncs the secure element.
Oh oh and the only "moron" here is the one insisting the phone is permanentlyt disabled aka "bricked" when it so obviously isn't since Apple has a process for restoring the security elements synchronization after replacement.
A better way to look at it is as if your phone were a house that has 2 doors - a front door and a side door and each door has a lock that takes a unique key. Both doors provide access to the contents of your house.
Now...if you lose the key to the side door - would it make sense to you to barricade the front door? LOL! No. That's obviously stupid. The key to the front door remains uncompromised - so you would only need to barricade the side door! In this analogy, the side door can be represented as the Touch ID fingerprint whereas the front door represents your actual passcode/password.
Now, what would you think of someone in the above situation who decides they should barricade BOTH doors "just to be safe"?
LOL! If your answer is anything other than a "full-on moron" then you probably ARE that person!
Obviously it's only necessary to barricade the side door until it's lock can be changed. If access via the side door is prevented/denied, there is no security breech possible by continuing to allow authorized access through the front door!
Game. Set. Match.
maybe it's just certain parts that cause the 53 error?