Apple Releases Updated Version of iOS 9.2.1 to Fix Devices Bricked by 'Error 53'

[AronDraws]

If it's possible to restore a bricked iPhone via a software update doesn't that mean the San Bernardino terrorist phone can be accessed through a special update? One that stays within the hands of Apple to avert the privacy concern. Can and should are to different issues.

I was under the impression that bricked was bricked. Done. No way around it. It's interesting to me that it can be plugged in and given new updates even after being bricked.

I'm also really puzzled too because a few articles mention that they had tried and failed 10 times to enter the password and that the phone's data was erased. Why would it matter after the phone self-erased? Why go after Apple when there's nothing left on the phone?

 

[Merkie]

I am right here.
Yep, I was wrong, but I also assumed it was intended and (still) agreed that bricking a once-working post-fix phone out of no where was douchy. I don't think anyone here was justifying that.

However, to brick a phone because a component that has major recourse through the security facede was modified, potentially unsafely, is completely acceptable (in my opinion, I have to add for those who think its anything more). I've seen repeatedly though history that exploiting the hardware means no safe bets - it is incredibly dangerous and to say "Well TouchID is a one-way channel," is not enough to subvert any worry about someones hardware access to any device.

By that reasoning, any third-party tempering with the phone should brick the phone, right?

Besides that, the TouchID sensor isn't a piece of hardware that adds security, it's a piece of hardware that adds convenience. The security is in the passcode (note that you can always circumvent TouchID by entering the passcode).
[doublepost=1455829683][/doublepost]

Note that Apple is disabling TouchID for these users. I suspect this was not something they thought of originally, but are doing in response to "public pressure." Given they are now bricking PART of the phone (the main security feature) rather than the entire phone, it is not inconsistent with what everyone was saying about it being a safety feature. Users can choose to use their phones with third-party parts, but they will not get the same security protection that enables ApplePay and other features. No one can hack your phone to create false charges via ApplePay, for example.

This is not entirely true. The TouchID sensor in your phone only works with your phone. It is tied to the secure enclave inside your iPhone. Technically, Apple doesn't have to do anything as it is impossible to unlock your phone with a non-original TouchID sensor.
[doublepost=1455829744][/doublepost]

They are disabling TouchID on phones with unauthorized repairs. I'm not sure who you think the joke is on.

They are not disabling anything. The way TouchID is designed, it is impossible to enable TouchID with a replacement sensor. Quite the difference.

 

[Cougarcat]

They are not disabling anything. The way TouchID is designed, it is impossible to enable TouchID with a replacement sensor. Quite the difference.

My TouchID was disabled after just a screen replacement. Though I suspect the home button cable got damaged during the repair.

 

[Vanilla35]

I think generous is the wrong term here.

Glassed Silver:mac

Yeah, damage control isn't exactly "generous".

 

[kdarling]

So the check to make sure that the Touch ID hardware hasn't been tampered with was removed?

It looks like the FBI got the update they were asking for after all.

Nope. The check is reportedly still there. However, now it only disables Touch ID, not the whole phone.

This, along with their claim that it was an unintended coding mistake, is what some of us said all along.

 

[TMRJIJ]

I just wanna know where all the, ‘No it’s your own fault' posters are.
Apple have admitted that they were wrong. That means it’s Ok for you lot to as well you know……...

It is the users fault. Touch ID sensor isn't something that should be mindlessly replaced like a screen or battery. Apple shouldn't have changed this.

 

[Mascots]

By that reasoning, any third-party tempering with the phone should brick the phone, right?

Besides that, the TouchID sensor isn't a piece of hardware that adds security, it's a piece of hardware that adds convenience. The security is in the passcode (note that you can always circumvent TouchID by entering the passcode).

I think in that retort, you answered your question. No, I don't think any third party tampering should ever brick the device. Unauthorized tampering of components that are tied directly to the most secure elements on the phone is a completely different interaction than changing a display or battery - unauthorized tampering that makes the Touch ID sensor ring "illegitimate". There is always that chance that any piece of hardware can be modified to break into a device, but lets be real here - people aren't going to be hacking display or display components in an attempt to break into a phone. People are going to be hacking at Touch ID components to attempt to break into a phone. It's not an what if, it's a that is.

As you said, it is a piece of hardware to add convenience to the security of the device. That convenience comes with a cost of security, however, and the cost isn't a constant. How do you know without a doubt there is no way that modifying Touch ID hardware will never open a door to allow access to secure data on the device or worse?

You don't. And it isn't an if, it is a when. If you assume otherwise, then you shouldn't be giving out security advice and especially not about specifics to a component that you have no way of knowing the internal construction of.

 

[samcraig]

Nope. The check is reportedly still there. However, now it only disables Touch ID, not the whole phone.

This, along with their claim that it was an unintended coding mistake, is what some of us said all along.

You don't think this is a backpeddle?

 

[C DM]

And yet some members were in denial keeping on saying what Apple was doing was right as it was an "unauthorised" repair.Jokes on those guys now.Hahahaha

As opposed to those who were claiming this was all just some plot for Apple to make more money. LOL, indeed.

 

[69Mustang]

Note that Apple is disabling TouchID for these users. I suspect this was not something they thought of originally, but are doing in response to "public pressure." Given they are now bricking PART of the phone (the main security feature) rather than the entire phone, it is not inconsistent with what everyone was saying about it being a safety feature. Users can choose to use their phones with third-party parts, but they will not get the same security protection that enables ApplePay and other features. No one can hack your phone to create false charges via ApplePay, for example.

Reading elsewhere on the interwebs, the disabling of Touch ID was a consequence of an unauthenticated replacement home button. That feature of the security has always been there (it seems). The lack of validation between Touch ID and the Secure Enclave would render that functionality dead. The guy who originally highlighted the Error-53 issue could use his phone (after repair) with a passcode, but not Touch ID.

From what I've gathered the unauthorized repair really wasn't the issue. An Apple Genius doing an authorized repair and not validating the new part would trigger the same Error-53 issue at update. As Apple states, it was never meant to be a customer facing "security feature", but a factory test. All the underlying security that was there before is there now. The only thing missing is something that shouldn't have been there in the first place.

Hindsight being 20/20, had they not issued the original statement claiming intentional security feature, this would have been a dead issue much sooner.

 

[C DM]

So the check to make sure that the Touch ID hardware hasn't been tampered with was removed?

It looks like the FBI got the update they were asking for after all.

Seems like what the FBI has been asking (since I'm assuming this is in reference to what's in the current news) has been in relation to accessing an iPhone 5c which doesn't have TouchID at all, which makes this all fairly irrelevant to any of that.

 

[samcraig]

Reading elsewhere on the interwebs, the disabling of Touch ID was a consequence of an unauthenticated replacement home button. That feature of the security has always been there (it seems). The lack of validation between Touch ID and the Secure Enclave would render that functionality dead. The guy who originally highlighted the Error-53 issue could use his phone (after repair) with a passcode, but not Touch ID.

From what I've gathered the unauthorized repair really wasn't the issue. An Apple Genius doing an authorized repair and not validating the new part would trigger the same Error-53 issue at update. As Apple states, it was never meant to be a customer facing "security feature", but a factory test. All the underlying security that was there before is there now. The only thing missing is something that shouldn't have been there in the first place.

Hindsight being 20/20, had they not issued the original statement claiming intentional security feature, this would have been a dead issue much sooner.

Exactly.. which still makes me think it's a backpeddle. Which Apple is pretty well known for. Clever scripting Like that time that they realized that their algorithm for displaying signal strength was wrong. After Antennagate.

 

[kdarling]

You don't think this is a backpeddle?

No sir. I and others said from the start that we believed that it was an unintended mistake.

I've been programming for 45 years now. To me, it totally smacks of a newly hired coder who "fixed" an action that he thought was missing. ("Hmmm. Error 53 is commented out here. Must be wrong. Let me re-enable the check!")

Even if that coder asked their boss about doing so, it surely didn't rise high enough to get vetted by Apple legal. An action like that was certainly going to cause class action lawsuits, and maybe even get the FTC involved for warranty law violations.

Not to mention that it's another PR goof that Cook cannot afford right now.

I'd normally be first to nail Apple on backpedaling, but this just feels too much like a programmer goof. But who knows. Maybe you're right and I'm giving them too much credit this time.

 

[C DM]

well well well, there are some forum members that look damn silly right now, who were advocating this was the right move, it was for our own good etc etc . Sorry guys, but you need to think for yourselves at times and not take what ever apples tells you gospel.

Worryingly, apple gave no evidence and you all were adamant it was a security issue. Looks like apple was testing the waters to go after authorised repairs and nothing to do with security, and they quickly realised the press smelt BS.

Your phones are just as secure without a working touched.

Or it was essentially just a bug and nothing more.

 

[samcraig]

No sir. I and others said from the start that we believed that it was an unintended mistake.

I've been programming for 45 years now. To me, it totally smacks of a newly hired coder who "fixed" an action that he thought was missing. ("Hmmm. Error 53 is commented out here. Must be wrong. Let me re-enable the check!")

Even if that coder asked their boss about doing so, it surely didn't rise high enough to get vetted by Apple legal. An action like that was certainly going to cause class action lawsuits, and maybe even get the FTC involved for warranty law violations.

Not to mention that it's another PR goof that Cook cannot afford right now.

I'd normally be first to nail Apple on backpedaling, but this just feels too much like a programmer goof. But who knows. Maybe you're right and I'm giving them too much credit this time.

I have no idea. I'm just going off of the change in message from Apple about the situation, not the technicalities behind it.

 

[danranda]

I just wanna know where all the, ‘No it’s your own fault' posters are.
Apple have admitted that they were wrong. That means it’s Ok for you lot to as well you know……...

I'll take this one on the nose... however, let it be known that at least I, as with most who's basic point was "you let just anybody open up your device and work on it means you void your warranty and might not get the exact results you want, whereas if apple did the repair for you, you're guaranteed the proper results" still stands. I never said this was teh proper result of a failed security check.

Glad to know they improved the result of a failed security check.

 

[997941]

Personally I believe the backlash is what got apple to fix the issue. And I am glad they did. In my eyes, they made a mistake and rectified that mistake. However, I believe with all my heart that this was not a bug, and intentional on apples part. The backlash led to the fix which should have been in place from the start. Mistakes happen. They corrected it. I can move on and forget about this

 

[alexgowers]

i feel like the original class action lawsuit still has it's validity. Disabling touch ID rather than bricking the phone is still a loss of function at an authorised dealer. However i feel like security of the device could be compromised it they turned touch ID back on with a 3rd party chip installed, that would pretty much allow anyone to fake the button and gain access.

 

[entropys]

Our long (three week) national nightmare is finally over. The few dozen people reported to have bricked phones can finally use them again. Yay freedom!

At least we can now focus on less important matters like the future of the country.

Do not worry about the future of the country. That is for the establishment to worry about, not us little people.

 

[acorntoy]

You posted the thread about the lawsuit 55 time. Even at a couple of minutes a message on average you spent hours warping reality into a pretzel to try and explain why Apple is 100% right and all the people who thought Apple was wrong were clueless about security, too cheap to pony up the cash for a proper repair. Apple was doing it for their own good and they should thank Apple.

The mental gymnastics you demonstrated on the previous thread were quite impressive.

And now that Apple has admitted they were wrong (or that it was all a mistake) despite your fanatical rabid instance that they were right and acting in the customers best interest that is the best response you can come up with?



Hilarious. You posted 55 times in that whole thread saying Apple was right and everyone who had their phone bricked deserved it because Apple did it for their own good. The posted you responded to could have been quoting you from the previous thread. Now you twist it to pretend nobody worded it one specific way, when you repeated it 55 times.

I think most people thought that if Apple budged Touch ID would be restored. I think restoring functionality while disabling Touch ID and helping security is a middle ground everybody can deal with.

 

[Cougarcat]

i feel like the original class action lawsuit still has it's validity. Disabling touch ID rather than bricking the phone is still a loss of function at an authorised dealer. However i feel like security of the device could be compromised it they turned touch ID back on with a 3rd party chip installed, that would pretty much allow anyone to fake the button and gain access.

The issue should not occur with authorized repair because they presumably know what they are doing.

Part of the problem is that the wires involved break if you look at them funny, so they are easily damaged if a different repair (unrelated to TouchID) is being made.

 

[lordofthereef]

Note that Apple is disabling TouchID for these users. s. No one can hack your phone to create false charges via ApplePay, for example.

I, and many others, asked the question why it wasn't being disabled and many people responded in a rather hostile manner about how it's not possible and how we don't know what we are talking about. I am serious. Have a look at the thread.

It makes a lot of sense to simply disable the sensor. I have a hard time imagining that nobody at Apple thought of disabling the sensor rather than disabling the entire device, but anything is possible I guess. I mentioned multiple times in that thread, and will again here, that while I am not an engineer of any sort, the simplest answer seemed to be disabling touch ID, and it seems that is what happened. Lesson learned (probably not) to people that wish to talk down on another in forums.
[doublepost=1455833795][/doublepost]

They are disabling TouchID on phones with unauthorized repairs. I'm not sure who you think the joke is on.

The joke is on the folks who believed whole heartedly that Apple was intentionally (and legitimately and legally) bricking phones because such a repair was detected. They were not only rude and demeaning (in many cases), they were flat out wrong.

It wasn't all for naught. My ignore list grew more in the last few weeks than it has since I started my account here. If you are going to circulate incorrect information AND put me (and others) down while doing it, I don't know that I am interested in ever having to hear your thoughts on anything again.

 

[MH01]

Or it was essentially just a bug and nothing more.

id buy that had Apple not make a dogs breakfast out of the whole issue pretending it was a security reaction.

They have gone from one BS version of events/cause to another BS version of events/cause.

Kudos to the logical individuals on MR who saw through this , and questioned

Though in theory yes, could have all stemmed from a coding error , for general hardware failure .

 

[ikir]

Sadly i think if an user is so much idiot to use a third party touch id / part on an pricey iPhone 6/6s they can't blame Apple for this kind of issues. These users would be the same who scream "our privacy!!!!!" when they fingerprints got stolen

 

[cmwade77]

Sadly i think if an user is so much idiot to use a third party touch id / part on an pricey iPhone 6/6s they can't blame Apple for this kind of issues. These users would be the same who scream "our privacy!!!!!" when they fingerprints got stolen

It's not always about the money, they could be in an area where getting the phone to an authorized repair center is difficult, if not impossible to do.