tenly

Scrannel said:

Apple Zombies please wake up: this behavior is a clear violation of restraint of trade (Apple has been in court on this before).  Under the Sherman Anti-trust Act, this is illegally creating a monopoly because Apple refuses to sell OEM parts to 3rd party repair shops thus -- in this case -- forcing customers to use Apple's expensive service.  That is against Federal law.  And, of course Apple doesn't HAVE to wipe your phone.  They could just temporarily lock it, right?  Bricking your phone without warning?  Sleazy.  With BlackBerry OS 10, for example, if you accidentally brick your phone because you have forgotten your credentials, you have the option of sending it to BlackBerry with proof of ownership, and they will unlock your phone.  Considering Apple has stores almost everywhere, it would be simple. Why won't they?  Well... they want you to buy a new phone. Are we there yet? 

You created an account to post this crap?  LOL

When you create a new account and instantly start bashing Apple....   You might be a troll..,

When you misrepresent rumors as if they were facts...  You might be a troll....

When you join a pro-Apple site and you yourself are not pro-Apple...  You might be a troll...

When you type and type and type and type without breaking up your text into paragraphs...    You might be a troll...

Actually, there's no "might" about it.  You're a troll.

This is not a clear violation of anything.  The only thing that's clear is your hatred of Apple.  You quote rumors as if they were facts.  You say that Apple has been "in court before" for restraint of trade... I guess they were found to be innocent, right?  If not - you most certainly would have told us Apple "has been convicted before".

Peope will see your message for the trolling it is and just ignore you.

You've wasted your time creating your account and composing this drivel.  

Peter Z said:

tenly said:

I've explained it to you twice.  It's not my job to make you understand why you're wrong.  In your latest reply you're trying to change the question to one that makes you less wrong but the extra detail you provide has nothing to do with my analogy or this discussion.

I don't know exactly what conversation you are trying to participate in, but the conversation that I'm in is about the error that is generated when a third party replacement of the home button/Touch ID sensor take place - the secure enclave is NOT being replaced.  The secure enclave and everything in it remains intact, but the new Touch ID sensor is not able to communicate with it because the technician is unable to initialize it like Apple does.

In the above case, the only thing that need fail is Touch ID authentication - for anything - logins, Apple Pay, app unlocks, etc.  Touch ID would be completely unusable - but every other feature and function within the phone - can and should continue to operate - 100% SECURELY - using just your password/passcode.  This includes device encryption, passcodes, etc.  Everything except Touch ID and fingerprint data.  

Touch ID is an OPTIONAL feature that can be turned on and off.  After a replacement of the sensor - until the new sensor is properly initialized by Apple - the phone CAN AND SHOULD FUNCTION AS IF TOUCH ID WERE SIMPLY TURNED OFF in settings.

Its frustrating trying to educate you.  Two things are obvious.  One is that you think you're right - and the other is that you're not.  I've given up trying to show you exactly where and why you're wrong.  At this point I'm only replying so that the great many forum readers who are smarter than you will understand why you're wrong - although to be honest - most of them probably understood after reading my initial analogy - or even before I posted it.

If you still don't get it - I'm sorry, I can't make it any clearer.  You'll just have to continue forward in life remaininghl ignorant of how this stuff actually works.

Agree turning off all functions of the touch ID would've been enough of course. But apple treats there customers like the last crap since steve jobs died. Poor steve he'd be crying seeing how the current management is destroying his dream of this unique company step by step.

I think you might be overreacting and getting yourself all worked up over a misunderstanding.

Unless there are statements from Apple that I haven't seen, I think people are mixing up speculations and suppositions from the author that aren't exactly true.

Until I see a statement directly from Apple, I'm willing to give them the benefit of the doubt and assume that the "bricking" which is being reported - temporary or permanent - is unintentional.  My guess is that there is a bug - introduced with the latest update which is what is causing the "bricks".  I'd be willing to bet that Apple fixes any affected devices free of charge and that the go-forward response to unauthorized, 3rd party Touch ID repairs will NOT involve disabling the phone - it will simply disable the Touch ID feature.

Apple haters will be coming out of the woodwork, stirring things up and manipulating normal users, like you - into a fury based on lies and misinformation.

I would understand your anger - if all of the information it is based on, is true - but I really don't think it is.  Give it a week or two (probably less) to play out - or at least wait for Apples "official" statement regarding this situation before you lose too much sleep over it.  Bricking the phone - even temporarily is a ridiculous response and no matter what the haters think - Apple wouldn't intentionally respond so drastically.  Of course, when all of this before officially known, the haters won't miss a beat - instead of complaining about this, they'll shift their tune only slightly and start complaining about Apples code-quality - highlighting this glitch as proof that without Steve Jobs around to review every line of code that is added to iOS, mistakes like this will happen more and more often!

i think we'll find that they truth is this glitch, Error 53 and the bricked iPhones affected a very, very small number of users.  We should just relax and see what happens over the next week...

ericthehalfbee said:

^ No, you won't be replying again because you're wrong and won't admit it. And you lack the basic knowledge to prove your side right. In fact, you have posted literally NOTHING  about how the security on an iPhone (secure enclave, encryption, Touch ID) works. You're just throwing arond a bunch of theories about how you THINK it works and expect s to believe you.

Dont get so upset when people call you out when you're wrong.


Edited: Can't believe I forgot this as I just assumed the basic concept would be simple for anyone to understand. Apparently not.

I work for BMW (as I've posted here before). They do the EXACT same thing. If you replace the access module on a BMW (the one that decides if it should unlock the doors with the remote key) then the entire car is bricked. That's right, it won't even work. You'll need to get towed to BMW and they'll have to order in a brand-new module direct from BMW which they will then code (pair) to the vehicle. It's impossible for dealers or anyone to buy a used module and code (pair it).

According to your logic, BMW should allow the car to start so you can drive it, and turn off the feature for unlocking the doors (just like you claim Touch ID should be turned off and the rest of the iPhone should continue to work).

Sound familiar? Sort of like using a Touch ID sensor that hasn't been coded (paired) and the entire phone stops working. Now for the others who clearly don't comprehend the Magnusson Moss act (and think it applies here), how is BMW able to get away with this? If you have the right to repair your car at a third party shop, then how can this situation arise?

I lied.  I will continue to reply - only to make sure that people aren't left with your misguided and incorrect information.

Again - you are trying to confuse the issue and the conversation by making some weak vehicular analogy.  I'm not going to dispute anything you said about BMW or how their system works - but I will point out that it's a silly comparison to make.  The system you are describing is designed to prevent theft.  The iPhone security system we are discussing is designed to protect your data.  That's a huge difference - and at least now I know why you're thoughts are so far from accurate - you're speaking about what you know - which is vehicle theft protection.  Your mistake is in assuming that the security required to protect data is (or should be) similar.  It's not - and you clearly have no experience or knowledge about those types of systems!

If you want to pull out credentials, sure - let's play!  I have a Masters in Computer Science and have worked as a consultant in the IT industry for more than 20 years including 6 years of architecting, engineering and implementing secure systems.  Sorry, I've never worked on automotive security systems.

So - rather than comparing cars to smartphones, why don't you look at the exact items in question and then point out to all of us exactly where and how the phone with the uninitialized Touch ID sensor is more vulnerable to unauthorized data access or unauthorized use than the system which has Touch ID disabled via the settings app.  And remember, we want to compare Apples to Apples here - so for the devices we're going to compare - the ONLY difference between the 2 devices should be that one has all of the original parts and the other has an aftermarket Touch ID sensor that is not able to communicate with the secure enclave.

My assertion is that if Apple (iOS) detects that the Touch ID sensor cannot communicate with the secure enclave, the "Use Touch ID" setting should be turned off and grayed out - and the phone should operate as if it had never been activated in the first place.

Your claim is that by doing so, some portion of the users data would potentially be exposed and the only "secure" thing to do is to temporarily brick the phone - yet you offer no explanation as to how this could possibly happen.

By now, I'm sure you can see where you went wrong.  Whether you misunderstood the proposed alternative to bricking, whether you honestly believed that "securing a vehicle from theft" and "securing access to private data on a computing device" were the same thing and should be treated the same way - or whether you are just an Apple apologist and blindly defend Apple and assume that if they do something a particular way, it's the best way (or the only way)...

Anyhow - no matter why you initially disputed the assertion, I'm certain that you now see that you were wrong.  I'm also equally certain that you'll never admit it.  You've slung too many names and insults to back down and apologize at this point.  I'm quite sure that you will go to your grave still claiming to be right - even if Apple releases an update that makes the system work EXACTLY as I've described - which I see as a *very* likely possibility...!

maxit said:

tenly said:

I don't have the time or energy to reply to all of you individually - so this comment is directed to all of those who have blindly sided with Apple's approach of bricking the phone in response to this type of "tampering".

First of all - you don't even know for sure whether bricking the phone in these circumstances are what Apple intended to do.  By calling it a "glitch", they are acknowledging that it is in fact NOT working exactly as intended.

As many of the smarter forum members have opined, there are a number of responses that could have been applied in this situation that are less severe YET STILL 100% SECURE!  But since you don't understand how any of this stuff actually works - or what needs to be protected - you blindly over react.  You're the same people that welcome "perceived security" over "real security" and probably think that all of the security measures in place at the airport actually make your flights more secure - even though they've been proven time and time again to be a waste of time and money whose ONLY value is to provide the PERCEPTION of security!

It's people like you - people that welcome extreme over reactions to perceived threats (real or not) that are going to be responsible for giving away ALL of our privacy and freedoms in the not so distant future.

Should Apple protect my data?  Yes!  Absolutely!  Should they do so by bricking my device?  ONLY IF NECESSARY!!!  And in this case - ITS NOT!!!  There are several levels of response/reaction that could be applied here that would protect your data while still allowing you to use your device!  If you lack the intelligence to know what those responses should be - just shut the hell up - or go ahead and demand a solution that protects your data APPROPRIATELY.  Don't pretend you know what the solution is and demand specific things when it's so very obvious you are responding solely out of fear and ignorance and that you don't have a clue what *should* be done.

What an amount of BS....
you don't really understand how Apple has to enforce security measures like this, on a device where financial transactions are implemented and Apple Pay still have to gain trust worthiness amongst many banks worldwide.
you are trying to switch the responsibility from an unwise customer to Apple.
use an authorized service center: problem solved.

All I can say is re-read my previous messages.  The house analogy I use is accurate.  I can't point to the statement in your message that is wrong because all of it is wrong.

The fundamental flaw in your argument is that you incorrectly assume that the solution I described lessens the security of the data that resides on the device.  It doesn't - and I don't know why you don't understand that!  When Touch ID is operational - but turned off - is the data on my device secure?   Yes - it's as secure as the password I created.

We can't discuss this until you understand what security is and how to implement it effectively.  Currently, you don't - so you panic and overreach with a solution that secures your data - but also prevents authorized access to it!  That's a fail - unless it's necessary to ensure security.  But in this case - it's NOT necessary.

Instead of blindly claiming that my analogy is wrong - and not offering any reasons for making that claim - why don't you point out WHERE the security hole is in the "passcode only" approach?  I'll tell you why you can't do that - it's because it doesn't exist!  There is no security hole!  LOL!  Your objections are centered around the fact that the data stored on the phone is extremely sensitive...and so the solutions requires more security.... That's an invalid argument.  The data is in fact - just as protected and secure in my analogy as it is in a device where the user has chosen to disable Touch ID.

Enabling Touch ID on a device actually decreases the security of the device as a whole because it creates a new entry point that didn't previously exist - one that could be used by anyone with access to your fingers - either while you're sleeping, after they've roofied you, or after they've chopped off the appropriate finger!

This argument isn't worth any more of my time.  The smart people here already get it.  The rest of you will never get it because you lack a basic understanding of security - and that's fine.  I'm sure this is not the only thing you've ever been wrong about.  By now - you must be used to it.

I won't be replying again on this chain unless you or someone else can post an actual example of a real thing that makes this method less secure.  (you can't do it because there isn't one)

ericthehalfbee said:

tenly said:

You are delusional.  My analogy is perfect and yours is fantasy.  

Touch ID and your fingerprint are not related in any way to your password.  They are two completely separate entrance mechanisms.  It really bugs me when people like you come along and start spewing nonsense as if it were fact.  There's already too many that misunderstand how this all works without you adding to their confusion.

I don't know where you're getting your information - but I promise you (and everyone else) that it's nowhere close to accurate and I restart that my analogy is spot on.  I'm sorry if it simplifies things too much and makes you feel sheepish or silly for not realizing it before reading my analogy - but it really is that simple conceptually.  Honest!

No, still a stupid analogy that only proves you know nothing about the secure enclave and how it works.

The secure enclave is used for device encryption, your passcode, your fingerprint, access controls lists (things like application passwords and private keys).

You seem to think it's only used for Touch ID, and there's nothing to worry about if a piece of hardware that works with the secure enclave has been swapped out. And then have the nerve to tell others they are delusional or morons.

Seems pretty clear who the "delusional moron" is.

I've explained it to you twice.  It's not my job to make you understand why you're wrong.  In your latest reply you're trying to change the question to one that makes you less wrong but the extra detail you provide has nothing to do with my analogy or this discussion.

I don't know exactly what conversation you are trying to participate in, but the conversation that I'm in is about the error that is generated when a third party replacement of the home button/Touch ID sensor take place - the secure enclave is NOT being replaced.  The secure enclave and everything in it remains intact, but the new Touch ID sensor is not able to communicate with it because the technician is unable to initialize it like Apple does.

In the above case, the only thing that need fail is Touch ID authentication - for anything - logins, Apple Pay, app unlocks, etc.  Touch ID would be completely unusable - but every other feature and function within the phone - can and should continue to operate - 100% SECURELY - using just your password/passcode.  This includes device encryption, passcodes, etc.  Everything except Touch ID and fingerprint data.  

Touch ID is an OPTIONAL feature that can be turned on and off.  After a replacement of the sensor - until the new sensor is properly initialized by Apple - the phone CAN AND SHOULD FUNCTION AS IF TOUCH ID WERE SIMPLY TURNED OFF in settings.

Its frustrating trying to educate you.  Two things are obvious.  One is that you think you're right - and the other is that you're not.  I've given up trying to show you exactly where and why you're wrong.  At this point I'm only replying so that the great many forum readers who are smarter than you will understand why you're wrong - although to be honest - most of them probably understood after reading my initial analogy - or even before I posted it.

If you still don't get it - I'm sorry, I can't make it any clearer.  You'll just have to continue forward in life remaininghl ignorant of how this stuff actually works.