Juicy Box
macrumors 604
Type in your passcode. You have to do it every time you restart your phone.
Australian Consumer Regulator Sues Apple Over 'Error 53' iPhone Shutdowns
- Thread starter MacRumors
- Start date
- Sort by reaction score
Type in your passcode. You have to do it every time you restart your phone.
CylonGlitch
macrumors 68030
This feels like damned if you do damned if you don't situation. They allow 3rd party finger print sensors to be installed; and someone uses it to bypass security on the phone and people are all up in arms saying that they are not secure. They prevent 3rd party finger print scanners and everyone is all up in arms saying that they are trying to screw the consumer.
No, they are just trying to be cautious. Sometime that's the right thing to do. Now, bricking the device because of an invalid finger print scanner, that seemed over the top; instead just disable that feature and allow the rest to work correctly. Which, is the approach Apple has since taken with this.
You can never please everyone.
No, they are just trying to be cautious. Sometime that's the right thing to do. Now, bricking the device because of an invalid finger print scanner, that seemed over the top; instead just disable that feature and allow the rest to work correctly. Which, is the approach Apple has since taken with this.
You can never please everyone.
So you love a country full of consumers who don't read the terms and conditions.
Void warranty, and depending on how, lose device. I rather keep error 53 occurring so if I lost my phone my information would be safe.
[doublepost=1491493982][/doublepost]
A warning will do nothing to a thief who stole a phone and will use their fingerprint to open bank apps and transfer money.
Juicy Box
macrumors 604
If someone does something they are not suppose to do(use unauthorized parts), and something bad happens (security gets bypassed), it is probably on them, and I doubt people would feel too bad for them.
Now, when a company purposely bricks their device because there is an unauthorized part, then people might be all up in arms about it, and rightfully so.
Lets think of this using automobiles, since people like to use them as analogies all the time. If I replace my ignition key switch (the old turn it with a key style) with a button switch that has no security, would it be right for the car's manufacture to disable my car remotely? I don't think it would be. If I get my car stolen because of using a part that didn't belong on my car could I blame the car's manufacture? I could, but it would be ridiculous for me to do so.
macs4nw
macrumors 601
While their claim may have some validity, in this particular case, Apple's caution to protect the integrity of their Secure Enclave, a vital part of what makes ApplePay and customer banking info so secure, should override any minor inconvenience experienced by some consumers, especially in light of Apple promptly reimbursing affected customers with working devices, and their diligence in providing a timely fix.
Kaibelf
Suspended
Nothing says "standing up for consumers" like allowing janky third-party biometrics to compromise TouchID, eh?
gnasher729
Suspended
I'm quite sure nowadays the finger print sensor is enabled, which leaves your phone usable.
Just a warning would be bad if the phone is actually in the hands of a thief who swapped the sensor to unlock the phone. It is absolutely correct that a manipulated sensor must NOT be capable of unlocking the phone. However, pin unlock should continue to work.
Juicy Box
macrumors 604
I think it is standing up for consumers, when Apple is deliberately bricking devices. If the touchID could be compromised with unauthorized parts, and Apple was worried about security issues, it could have been disable. Bricking is unnecessary.
Juicy Box
macrumors 604
I don't think so, as you need the passcode to unlock an iPhone after restart.
Unless they are hot-swapping the sensor, which I am not sure if it is even possible.
Ah yes. Good point. Well then I guess it wasn't properly thought through at the time. But presumably no one died, and Apple fixed it. I bet the Sun still came up the following day
JunkiesNeedle
macrumors newbie
Haha! Typical ex-criminal Aussie low brow!
Don't bother reading the terms and conditions!
SBlue1
macrumors 68020
Well it would have been totally ok if they would pop up a message like "the touch-ID was possibly manipulated - it is deactivated for your security" instead of bricking the whole device!
oldmacs
macrumors 603
I'm fairly sure there was no immediate price jump when this happened. I'd be quite dismayed if this was the case, its part of Australian consumer law and the cost should not be past onto consumers as it should be a requirement of trading here.
[doublepost=1491512003][/doublepost]
Wow I assume you know nothing about Australia.
Didn't Apple acknowledge that bricking wasn't the intended consequence and address that in an iOS update?
Juicy Box
macrumors 604
Price changes at Apple are usually done periodically, and not usually tied to a particular event from what I noticed over the years.
Warranties costs most certainly get past down to the customer, regardless if it is laws or not.
oldmacs
macrumors 603
That's crap - it's not a warranty it's a condition of trading in Australia (if I am correct). It SHOULD NOT be passed down to the consumer. Apple already rorts us through not paying its tax.
Juicy Box
macrumors 604
Whatever you want to call it, warranty, trade condition, or tariff, Apple can pass that along to customers. It is a little silly to think otherwise.
Apple sets the price of their devices, not a government.
If a business plans on making a certain profit margin, they take in account all the product costs, including warranties, shipping costs, tariffs, and even the probability of losing a lawsuit.
Australia is not immuned to this, neither is any other country
oldmacs
macrumors 603
I'm not disputing that Apple may or may have done that, I just think it is wrong.
lowendlinux
macrumors 603
OK I thought about it and I still want to be able to have a 3rd party fix my phone.
Apple terms and conditions are not universally enforceable
Yes, I agree with you Apple should open source the IOS and Mac system, especially the kernel for researchers, students and hobbyists.
Righty McRighterson
macrumors member
What does Saudi Aramco have to do with this?
[doublepost=1491573770][/doublepost]
Terms and conditions for any device from any company are subservient to the law of the land in which Apple trade. Consumer protections my friend.
kdarling
macrumors P6
Think about it more.
Replacing the fingerprint sensor doesn't change the mathematical print representation stored in the Secure Enclave, which is what has to be matched. The sensor itself doesn't make that decision.
Btw, same thing will apply for facial or iris recognition. The cameras just pass along what they see. The Secure Enclave code then does the parsing and authentication against stored info.
Had nothing to do with third party. Replacing with an official Apple sensor also causes a rejection, unless an Apple tech uses a revalidation tool to match it to the phone.
In any case, even Apple said it was a mistake to brick the entire phone.
Nope. Touch Id is simply a shortcut to entering your passcode. If Touch Id fails five times in a row, iOS reverts to asking for the passcode... even with a perfectly stock working sensor.
How?
Half the posts in this thread show that many people still don't understand how Touch Id works.
Last edited:
LordVic
Cancelled
This is why I believe your original post that soem security decision was made that was overly cautious and went out, and that it wasn't their end goal fo bricking so many devices that were just being repaired.
In reality, there's no need to brick an entire phone for a single part that "MAY" potentially be compromised (remember, there was no evidence of compromise, just that the software said if it was not the original sensor, brick the phone)
The bricking of the phone was the part that went to far. When detecting a replaced sensor or something that potentially inteferes with it, the OS should disable the sensor and disconnect it from interacting with the security features. the phone itself should not be disabled, although some disabled features might be innevitable.
Similar to how Samsung handles KNOX. If you do something to your phone that trips KNOX's security to believe it's compromised, The entire samsung device doesn't get bricked. But KNOX shuts down and refuses to let you use KNOX required services. But at no point is the entire device bricked with the requirement of buying a new one.
I believe it was a mistake by Apple. Not an intentional one. And they did fix it shortly after it started becoming more and more prevalent.
[doublepost=1491579417][/doublepost]
Bricking the device is not a requirement in this case either.
First: for a "thief" to do so, woudl require shutting down the device to swap the sensor. iOS will always ask for a passcode on restart of the device, so the fingerprint sensor is still useless here.
Second: If the OS does detect a compromised fingerprint sensor, the more reasonable action is to just block use of the fingerprint sensor as a means of authentication, forcing fall back to passcode.
Bricking the device entirely, making it unusable, and then the initial response of "just buy a new phone" was extremely unreasonable. Very anti-competitive (many countries have laws prohibiting hardware manufacturers from banning 3rd party repair).
And even Apple admitted this after the fact and released an OS update that did what I said above. Block the offensive part, without bricking the whole phoen
[doublepost=1491579560][/doublepost]
what if that spilled milk made your $1000 device unusable while losing access to all your data?
And what if that spilled milk was intentionally poured onto your device, by the people who sold you that device?
your attempt at analogy and diminishing peoples impact by equating it to spilled milk shows how little you understand.
kdarling
macrumors P6
Agreed. Some of us older guys said from the start that we believed that it was an unintended mistake at a low level. Top brass would never have signed off on something that would invite such bad PR and possible class actions.
I've been programming for close to a half century now, and I've seen hundreds if not thousands of such goofs
After a while, you can sense what what went wrong.To me, it smacked of something like a newly hired coder who "fixed" an action that he thought was missing. ("Hmmm. Error 53 is commented out here. Must be a mistake. Let me re-enable the check. My bosses will be so proud of my extra initiative!")
Then, when the **** hits the fan, the first response from the lower ranks would be that it was working as intentioned, and the PR folks repeat that to the press. Then more inquiries are made the truth comes out internally