Law Firms Consider 'Error 53' Lawsuits Against Apple as Some Stores Authorized for Repairs

[oneMadRssn]

They weren't "working fine", they were on the verge being found out to have been tampered with : aka "not fine".
Also, this message occured in 8.3 so your argument is again bogus.

No tampering. As I've said many times, Apple doesn't care whether it has been tampered with. You can put in a 100% untampered touchid sensor in there and it will throw this error. You can literally take a brand new touchid sensor from a brand new iphone straight from the shrink-wrap, put it into another iphone, and this error will disable the phone.

I forgot which exact version of iOS introduced this error. I know it was somewhat recent. Sorry for giving Apple the benefit of the doubt.

 

[ZipZap]

It isn't Apple's responsibility to support improper third-party repairs. It would be nice though. And they are actually being nice according to the OP.

Who the hell is asking them too. Seems to me the only reason we are going back is because they bricked the phone.

 

[I7guy]

Please point me to a source that says it is possible to re-pair a logic board and a touchid sensor. From all my research, and let me assure you i've done more than a cursory search, this is not possible. The pairing is either hard-coded into the logic board, or they permanently disable this chip to be reprogrammed after initial pairing. Either way, all evidence suggests that when Apple is confronted with the issue of a broken touch-id sensor, they replace either the entire phone or replace the logicboard and touch-id sensor together. I have seen zero evidence that Apple has ever replaced just the touchid sensor on an iPhone.
[doublepost=1455036342][/doublepost]

They can call it strawberry surprise error for all I care - let's call a spade a spade. There is no hardware failure if the hardware works. It is a software disable.

The hardware doesn't work you can't use Touch ID. Therefore to repeat the hardware doesn't work.

 

[igorsky]

Does not matter. As the consumer its up to me if I am worried about that. If I turn off fingerprints, then the button should be replaceable 100% of the time with no impacts to the phone.

What are all of you people trying to protect me and others from exactly. I choose what I want to do with my device. Not Apple.

If I lose my phone and have not set up "Find My iPhone", thats on me. Its my choice.

There is some belief here that Apple's actions are to protect me from myself. That's not necessary, and why the lawyers will have a field day with this one.

Apple has lost already. No arguments to the contrary apply.

Right because if your Touch ID was in fact hacked by a third party who then went on an Apple Pay shopping spree and spread all your personal dick pics online, you, as the consumer, would only blame yourself and not Apple. Good one.

And thanks for your legal opinion. Apple should just cut a check now instead of proving, through the court of law, how stupid these members of the class action suit, and their attorneys, are.

 

[BaldiMac]

Please point me to a source that says it is possible to re-pair a logic board and a touchid sensor. From all my research, and let me assure you i've done more than a cursory search, this is not possible. The pairing is either hard-coded into the logic board, or they permanently disable this chip to be reprogrammed after initial pairing. Either way, all evidence suggests that when Apple is confronted with the issue of a broken touch-id sensor, they replace either the entire phone or replace the logicboard and touch-id sensor together. I have seen zero evidence that Apple has ever replaced just the touchid sensor on an iPhone.
[doublepost=1455036342][/doublepost].

I like how you smoothly moved those goalposts. I never claimed they could be re-paired. I said they could switch in new parts as long as they are properly paired.

From the OP:
"When iPhone is serviced by an authorised Apple service provider or Apple retail store for changes that affect the touch ID sensor, the pairing is re-validated."

 

[ZipZap]

This thread really demonstrates how much Apple Fanboys can ignore the obvious if it avoids degrading Apple's image.

Right because if your Touch ID was in fact hacked by a third party who then went on an Apple Pay shopping spree and spread all your personal dick pics online, you, as the consumer, would only blame yourself and not Apple. Good one.

And thanks for your legal opinion. Apple should just cut a check now instead of proving, through the court of law, how stupid these members of the class action suit, and their attorneys, are.

Who the hell is going to hack a phone in my possession?
If I lose it and Its not protected with with a lock...that's on me.

You are clearly not thinking clearly. Apple has lost this one.

 

[BaldiMac]

Who the hell is asking them too. Seems to me the only reason we are going back is because they bricked the phone.

You are. You expect them to make accommodations to deal with improper parts or installation. The sensor doesn't magically get disabled because you chose to use an improper third-party repair.

 

[igorsky]

Who the hell is going to hack a phone in my possession?
If I lose it and Its not protected with with a lock...that's on me.

You are clearly not thinking clearly. Apple has lost this one.

Your phone is in your possession when it's being repaired? Again, if you do lose your phone and someone simply swaps your Touch ID sensor to get full access, we'll see if it'll be on you. Judging from your posts, it won't be.

 

[LV426]

Present me with data that there is hardware sending data to the touch ID and I will tip my hat. Happy to admit when I am wrong, but nobody has been able to decisively tell me that this is how it works.

And even if it is how it works, as I mentioned multiple times already, I feel the way that Apple has implemented this security feature "out of the blue" was not the right away to go about it.

See serial peripheral interface bus referenced below. SPI devices communicate in full duplex mode, i.e. data is sent and received.

The Secure Enclave is a coprocessor fabricated in the Apple A7 or later A-series processor. It utilizes its own secure boot and personalized software update separate from the application processor. It provides all cryptographic operations for Data Protection key management and maintains the integrity of Data Protection even if the kernel has been compromised.

The Secure Enclave uses encrypted memory and includes a hardware random number generator. Its microkernel is based on the L4 family, with modifications by Apple. Communication between the Secure Enclave and the application processor is isolated to an interrupt-driven mailbox and shared memory data buffers.

Each Secure Enclave is provisioned during fabrication with its own UID (Unique ID) that is not accessible to other parts of the system and is not known to Apple. When the device starts up, an ephemeral key is created, entangled with its UID, and used to encrypt the Secure Enclave’s portion of the device’s memory space.

Additionally, data that is saved to the file system by the Secure Enclave is encrypted with a key entangled with the UID and an anti-replay counter.

The Secure Enclave is responsible for processing fingerprint data from the Touch ID sensor, determining if there is a match against registered fingerprints, and then enabling access or purchases on behalf of the user. Communication between the processor and the Touch ID sensor takes place over a serial peripheral interface bus. The processor forwards the data to the Secure Enclave but cannot read it. It’s encrypted and authenticated with a session key that is negotiated using the device’s shared key that is provisioned for the Touch ID sensor and the Secure Enclave. The session key exchange uses AES key wrapping with both sides providing a random key that establishes the session key and uses AES-CCM transport encryption.

 

[sualpine]

This thread really demonstrates how much Apple Fanboys can ignore the obvious if it avoids degrading Apple's image.



Who the hell is going to hack a phone in my possession?
If I lose it and Its not protected with with a lock...that's on me.

You are clearly not thinking clearly. Apple has lost this one.

I suggest you read https://www.apple.com/business/docs/iOS_Security_Guide.pdf

Any iPhone 5S or newer uses the secure enclave for hardware backed encryption, including ACL enforcement, keychain enforcement, kernel signing, app signing, etc.

The secure enclave is necessary to run the phone, EVEN WHEN TouchID is not active.
If it has been compromised, the entire phone is compromised.

Again, read https://www.apple.com/business/docs/iOS_Security_Guide.pdf

Your position is factually incorrect.

 

[I7guy]

I suggest you read https://www.apple.com/business/docs/iOS_Security_Guide.pdf

Any iPhone 5S or newer uses the secure enclave for hardware backed encryption, including ACL enforcement, keychain enforcement, kernel signing, app signing, etc.

The secure enclave is necessary to run the phone, EVEN WHEN TouchID is not active.
If it has been compromised, the entire phone is compromised.

Again, read https://www.apple.com/business/docs/iOS_Security_Guide.pdf

Your position is factually incorrect.

Not to mention the lack of respect due to name calling.

 

[igorsky]

No but I would go back to the repair shop and fix their work. In this case, Apple has prevented all service except theirs and said nothing about this restriction.

Actually you'd have to go to the original car manufacturer to get this fixed. For the sake of argument, let's call this car manufacturer Apple.

See how this all makes sense now?

 

[oneMadRssn]

I like how you smoothly moved those goalposts. I never claimed they could be re-paired. I said they could switch in new parts as long as they are properly paired.

From the OP:
"When iPhone is serviced by an authorised Apple service provider or Apple retail store for changes that affect the touch ID sensor, the pairing is re-validated."

So... essentially the only way to fix a broken touchid sensor is to get an entirely new iphone (or a new logic board, which is 90% of the cost of a new iphone). Not because it's physically impossible to put in a working touchid sensor from another for-parts or salvage phone, not because there is anything critical to this pairing that is required for touchid to work. Only because Apple has decided to implement this clearly anti-consumer software.

I love Apple, I really respect the company and everyone that works there. But this policy is 100% anti-consumer. There is no other reasonable explanation. It's not security-related, as others have shown the touchid sensor itself is a dumb sensor (ie, the fingerprint information is not stored on the sensor itself, that would be silly). It's not hardware-related, as prior to this change, the swapped touchid sensors worked just fine. It is plainly only anti-consumer.
[doublepost=1455037479][/doublepost]

The hardware doesn't work you can't use Touch ID. Therefore to repeat the hardware doesn't work.

Prior to this software change, touchid did work. After this software change, the entire phone is disabled. After this software change, it is impossible to test whether or not touchid works because the entire iphone is unusable. How can you say the hardware doesn't work?

 

[I7guy]

So... essentially the only way to fix a broken touchid sensor is to get an entirely new iphone (or a new logic board, which is 90% of the cost of a new iphone). Not because it's physically impossible to put in a working touchid sensor from another for-parts or salvage phone, not because there is anything critical to this pairing that is required for touchid to work. Only because Apple has decided to implement this clearly anti-consumer software.

I love Apple, I really respect the company and everyone that works there. But this policy is 100% anti-consumer. There is no other reasonable explanation. It's not security-related, as others have shown the touchid sensor itself is a dumb sensor (ie, the fingerprint information is not stored on the sensor itself, that would be silly). It's not hardware-related, as prior to this change, the swapped touchid sensors worked just fine. It is plainly only anti-consumer.
[doublepost=1455037479][/doublepost]

Prior to this software change, touchid did work. After this software change, the entire phone is disabled. After this software change, it is impossible to test whether or not touchid works because the entire iphone is unusable. How can you say the hardware doesn't work?

Hold on there. Are you claiming if an unauthorized Touch ID replacement is made, Touch ID still functions?

 

[BaldiMac]

So... essentially the only way to fix a broken touchid sensor is to get an entirely new iphone (or a new logic board, which is 90% of the cost of a new iphone). Not because it's physically impossible to put in a working touchid sensor from another for-parts or salvage phone, not because there is anything critical to this pairing that is required for touchid to work. Only because Apple has decided to implement this clearly anti-consumer software.

I love Apple, I really respect the company and everyone that works there. But this policy is 100% anti-consumer. There is no other reasonable explanation. It's not security-related, as others have shown the touchid sensor itself is a dumb sensor (ie, the fingerprint information is not stored on the sensor itself, that would be silly). It's not hardware-related, as prior to this change, the swapped touchid sensors worked just fine. It is plainly only anti-consumer.
[doublepost=1455037479][/doublepost]

Prior to this software change, touchid did work. After this software change, the entire phone is disabled. After this software change, it is impossible to test whether or not touchid works because the entire iphone is unusable. How can you say the hardware doesn't work?

Security is clearly anti-consumer.

 

[oneMadRssn]

Security is clearly anti-consumer.

There is no support that it is security related. Merely alleging it is for security doesn't make it so.
[doublepost=1455037833][/doublepost]

Hold on there. Are you claiming if an unauthorized Touch ID replacement is made, Touch ID still functions?

First, what is an "unauthorized touch id replacement?" If I take a touch-id sensor from one iPhone and put it into another iPhone, is that unauthorized? Seems perfectly fine to do that.

Second, yes, prior to this software change, touchid worked just fine when the sensor was swapped from one phone into another.

 

[seancca]

So... essentially the only way to fix a broken touchid sensor is to get an entirely new iphone (or a new logic board, which is 90% of the cost of a new iphone). Not because it's physically impossible to put in a working touchid sensor from another for-parts or salvage phone, not because there is anything critical to this pairing that is required for touchid to work. Only because Apple has decided to implement this clearly anti-consumer software.

I love Apple, I really respect the company and everyone that works there. But this policy is 100% anti-consumer. There is no other reasonable explanation. It's not security-related, as others have shown the touchid sensor itself is a dumb sensor (ie, the fingerprint information is not stored on the sensor itself, that would be silly). It's not hardware-related, as prior to this change, the swapped touchid sensors worked just fine. It is plainly only anti-consumer.
[doublepost=1455037479][/doublepost]

Prior to this software change, touchid did work. After this software change, the entire phone is disabled. After this software change, it is impossible to test whether or not touchid works because the entire iphone is unusable. How can you say the hardware doesn't work?

What will happen is they are going to probably replace the display and then calibrate the display using the calibration machine they have used since the iPhone 5 and then more than likely have to restore the phone so it works.

 

[I7guy]

There is no support that it is security related. Merely alleging it is for security doesn't make it so.
[doublepost=1455037833][/doublepost]

First, what is an "unauthorized touch id replacement?" If I take a touch-id sensor from one iPhone and put it into another iPhone, is that unauthorized? Seems perfectly fine to do that.

Second, yes, prior to this software change, touchid worked just fine when the sensor was swapped from one phone into another.

That is the unauthorized because you didn't follow the repair procedures. Funny the documentation provided earlier refutes that you can just swap the sensor and have Touch ID work. Maybe a 5s works differently due to Apple Pay.

 

[BaldiMac]

There is no support that it is security related. Merely alleging it is for security doesn't make it so.

You mean besides the statement from Apple and the documentation that has been posted multiple times? And the confirmation from iFixit?

 

[Tech198]

Would people rather be left with TouchID being used by bad guys to grab your passwords otherwise ?

Think about it from a security view... This is what we originally wanted... we got it.... but now after a fail validation by a non-Apple repairer and iOS update would brick our phones, we now go back to "ok... lets not be secure at all"

If you could still JB your deceive as a possible "fix" to this, that would at least be something, since u can still use your phone... I mean hey... you've block Touch ID anyway right with an iOS update. Apple should accept that if uses do this to their phones by third party repairers, then we'll let them JB so they can use their phone again..

After all they've chosen to have gone down that that path partially by not going to an Apple store to repair in the first place.... Apple should let people walk on the wild side as an option. For those that go back to the Apple store. then good on em. So, it can work both ways.

 

[applezulu]

...On a different note. How many third-party home button repairs do people think happen every year? I can't imagine this being a revenue issue. I'm thinking this market would be less that a $1 million a year. Completely inconsequential to Apple.

The flip-side of this equation is something many people here seem to ignore. If Apple were more 'relaxed' about this issue, the first time there was a real or perceived breach of the fingerprint data, Apple would be at risk of hundreds of millions or even billions in lost revenue.

If the installation of aftermarket parts or experimental tinkering with the components were to demonstrate even a theoretical possibility of hacking into the fingerprint system, many of the same people lighting up this thread would be railing against Apple's stupidity for failing to protect fingerprint data in the TouchID hardware. Not only is maintaining the actual integrity of the device's security hardware important, but almost more critical is maintaining people's perception that the device is secure and Apple is committed to keeping it that way.

So the up-side potential revenue from muscling some mom-and-pop repair shops out of the way is inconsequential when compared to the potential down-side losses if the TouchID mechanism were shown or even just suspected to be hackable or insecure. This controversy is a tempest in a teapot compared to what would go down if Apple were less hard-nosed about the issue.

 

[oneMadRssn]

That is the unauthorized because you didn't follow the repair procedures. Funny the documentation provided earlier refutes that you can just swap the sensor.

Magnuson–Moss Warranty Act prohibits manufacturers of consumer products from voiding a warranty merely because the consumer chose to do a repair with a third-party. Apple cannot legally say that you must do all repairs through Apple or else the entire warranty is void and to add insult to injury, we will disable all functionality of your device.

 

[BaldiMac]

Magnuson–Moss Warranty Act prohibits manufacturers of consumer products from voiding a warranty merely because the consumer chose to do a repair with a third-party. Apple cannot legally say that you must do all repairs through Apple or else the entire warranty is void and to add insult to injury, we will disable all functionality of your device.

The warranty act is a red herring in this discussion. It doesn't require Apple to support incompatible third-party repairs. It doesn't require Apple to teach third-parties how to securely pair the hardware.

 

[sualpine]

Magnuson–Moss Warranty Act prohibits manufacturers of consumer products from voiding a warranty merely because the consumer chose to do a repair with a third-party. Apple cannot legally say that you must do all repairs through Apple or else the entire warranty is void and to add insult to injury, we will disable all functionality of your device.

False.

"While you cannot use a tie-in sales provision, your warranty need not cover use of replacement parts, repairs, or maintenance that is inappropriate for your product. The following is an example of a permissible provision that excludes coverage of such things.

While necessary maintenance or repairs on your AudioMundo Stereo System can be performed by any company, we recommend that you use only authorized AudioMundo dealers. Improper or incorrectly performed maintenance or repair voids this warranty.

Although tie-in sales provisions generally are not allowed, you can include such a provision in your warranty if you can demonstrate to the satisfaction of the FTC that your product will not work properly without a specified item or service. If you believe that this is the case, you should contact the warranty staff of the FTC's Bureau of Consumer Protection for information on how to apply for a waiver of the tie-in sales prohibition."

Source: http://www.mlmlaw.com/library/guides/ftc/warranties/undermag.htm

 

[Tech198]

Alternatively. to put it simply, the 'Error 53" issues could be just an reason that users find it hard to work in an closed eco-system. and fail to do the right thing by getting it repair at Apple..... even if they charge u more as the reason not to do it.

I gave a few options... i's up to you to decide. But what do I know