Law Firms Consider 'Error 53' Lawsuits Against Apple as Some Stores Authorized for Repairs

[AppleGroundZero]

Regardless, it’s anti competitive Here’s another example;
http://www.digitaltrends.com/music/...-ipods-for-two-years-answers-for-it-in-court/

Honestly had not seen that before , and I can't really speak on the company behalf for that issue.

But referring to the issue at hand , the accusation that were trying to corner the repair market with prohibiting 3rd party repairs , is unfounded.

As I said I am not 100% familiar with the process of becoming an AASP , however that choice is there as a support option for customers , the company realized we were not going to be able to build a ARS in every major area , which is why we have a need for AASP's and why we have a mail in option , I live in Oregon , and there is only 3 ARS's in the state, believe me , I know the store location struggle all too well , however I personally have never broken my device , so I have not needed to do a repair nor had a hardware malfunction so maybe I cannot completely relate to a personal level , but I do help with calls like this on a daily basis.

It may not be perfect but the system is efficient in helping with as much as we can without compromising the quality of our devices , I do not believe personally it can be considered a fault when a company wants to be sure that its responsible for its hardware issues and failures , and taking massive steps in insuring your device security.

This security step may be excessive in peoples eyes as it is now , but imagine how much worse this issue would be if someone actually found a way to exploit 3rd party repairs to steal information and what not.

Again this is my personal opinion , and reasoning , make of it what you will

 

[N47H]

For those defending Apple in this debacle and buying the god awful security nonsense as good reasoning rather than this being a disgusting approach to monopolise and overcharge for repairs, please answer these questions...

1. Where is any evidence of the existence of a Touch ID sensor capable of circumventing the need for an accurate thumb/finger print?

2. Why disable the phone? Why not just warn users that using non Apple parts could compromise safety in a pop-up?

3. Why not just wipe all payment and personal data (passwords etc) upon detection of a non matching Touch ID component? Then there's no data to steal?

4. Why not just lock out the Touch ID capabilities of the phone until you and Apple can verify you are the user? Or until an Apple Store replaces the part at your expense?

5. Why is it even an issue, if your phone has been switched off, and you use Touch ID, you will be required to enter your passcode to unlock the phone, and then if you want to use Touch ID for any apps or services you will need to use your password on first use. Where did this thief who fitted the imaginary circumventing sensor also get your passcode and password from? Aren't these measures enough to protect your data and money?

6. Why only disable these phones upon OS update?

7. And this is the killer question, the question that negates all arguments that this is purely a security move... Why refuse to fix the phone? Why only allow the purchase of a replacement? If this was purely a security issue the Apple stores would surely verify you're the owner and charge you to replace the sensor again and pair it.

 

[BaldiMac]

For those defending Apple in this debacle and buying the god awful security nonsense as good reasoning rather than this being a disgusting approach to monopolise and overcharge for repairs, please answer these questions...

1. Where is any evidence of the existence of a Touch ID sensor capable of circumventing the need for an accurate thumb/finger print?

2. Why disable the phone? Why not just warn users that using non Apple parts could compromise safety in a pop-up?

3. Why not just wipe all payment and personal data (passwords etc) upon detection of a non matching Touch ID component? Then there's no data to steal?

4. Why not just lock out the Touch ID capabilities of the phone until you and Apple can verify you are the user? Or until an Apple Store replaces the part at your expense?

5. Why is it even an issue, if your phone has been switched off, and you use Touch ID, you will be required to enter your passcode to unlock the phone, and then if you want to use Touch ID for any apps or services you will need to use your password on first use. Where did this thief who fitted the imaginary circumventing sensor also get your passcode and password from? Aren't these measures enough to protect your data and money?

6. Why only disable these phones upon OS update?

All good questions. But just because you don't know the answer doesn't mean Apple is lying.

7. And this is the killer question, the question that negates all arguments that this is purely a security move... Why refuse to fix the phone? Why only allow the purchase of a replacement? If this was purely a security issue the Apple stores would surely verify you're the owner and charge you to replace the sensor again and pair it.

1. They're not. See the OP.
2. Why should Apple be required to fix improper third-party repairs?

 

[N47H]

All good questions. But just because you don't know the answer doesn't mean Apple is lying.


1. They're not. See the OP.
2. Why should Apple be required to fix improper third-party repairs?

1. They were in all stores, see the Guardian article, it's only now that a negative reaction has been brewing in the media and with consumers that they've reacted and started offering repairs.

2. They don't have to repair third party parts, but they can replace them and fit first party ones in their place, you're paying them not asking them to do it for free. We can go back to the over used car analogy, if I use a third party part in my car during its warranty period it can "possibly" void my warranty, that's fair enough, however my dealer/manufacturer would still repair the car at a cost even if third party parts had been used previously.

 

[H2SO4]

Honestly had not seen that before , and I can't really speak on the company behalf for that issue.

That’s fine but I was more referring to the point that they had concealed a situation that they knew of that would make a users data inaccessible, (which is pretty much the same as deleted). It took court to get them to see it. Not everyone at Apple is a scumbag of course, (the vast majority won’t be), but there are definitely some.
The trouble is the ones that are can often be the ones that make policy that is more about the bottom line than the consumer.

If they can give me a solid statement in plain english that explains the real security issue and the absolute need for bricking, not that meaningless double talk PR crap they usually come out with, I’ll be happy(er).

 

[sualpine]

For those defending Apple in this debacle and buying the god awful security nonsense as good reasoning rather than this being a disgusting approach to monopolise and overcharge for repairs, please answer these questions...

1. Where is any evidence of the existence of a Touch ID sensor capable of circumventing the need for an accurate thumb/finger print?

2. Why disable the phone? Why not just warn users that using non Apple parts could compromise safety in a pop-up?

3. Why not just wipe all payment and personal data (passwords etc) upon detection of a non matching Touch ID component? Then there's no data to steal?

4. Why not just lock out the Touch ID capabilities of the phone until you and Apple can verify you are the user? Or until an Apple Store replaces the part at your expense?

5. Why is it even an issue, if your phone has been switched off, and you use Touch ID, you will be required to enter your passcode to unlock the phone, and then if you want to use Touch ID for any apps or services you will need to use your password on first use. Where did this thief who fitted the imaginary circumventing sensor also get your passcode and password from? Aren't these measures enough to protect your data and money?

6. Why only disable these phones upon OS update?

7. And this is the killer question, the question that negates all arguments that this is purely a security move... Why refuse to fix the phone? Why only allow the purchase of a replacement? If this was purely a security issue the Apple stores would surely verify you're the owner and charge you to replace the sensor again and pair it.

All of your questions are answered in https://www.apple.com/business/docs/iOS_Security_Guide.pdf

The secure enclave does WAY more than fingerprints. It protects the entire system.

 

[kdarling]

I think you need to read the warranty again because it states in there any modifications done by a 3rd party nullifies the warranty.

This is not a modification of functionality. It's a simple parts replacement, perhaps even with OEM parts.

I have already demonstrated how an incorrectly paired TouchID sensor compromises the Secure Enclave, and how a compromised Secure Enclave compromises the entire phone, regardless of whether TouchID is enabled or not. Therefore, as the summary states, Apple has 100% legal grounds to state that the part caused hardware failure, being that the Secure Enclave is physically on the Apple A series coprocessor, which is a physical part of the phone.

There is no hardware failure involved. It's only a software comparison of keys that can be reset via proprietary Apple tools.

Egg Freckles did a nice article on this, some history (repair, Apple third party parts and device testing) and then the current issue. It's a pretty short article, check it out http://eggfreckles.net/notes/error53/

That blog says:

"Error 53 is the result of the Secure Enclave, where fingerprint data is kept, failing to pair with the Touch ID sensor, where fingerprint data is captured. A malicious Touch ID sensor could steal an iPhone owner’s fingerprints. It could unlock the iPhone without its owner’s consent. And it could make purchases using Apple Pay without the owner’s permission."

How could the Touch ID sensor make purchases on its own? Or is he trying to claim that someone could stick a spy sensor in your iPhone, say while you sleep, then later steal your phone and make purchases by triggering the spy sensor to re-use the last working fingerprint?

That's an incredibly remote possibility. Seriously. It would be so much easier and more likely to steal a print from a glass you've touched and make a fake fingerprint to unlock the phone. And yet few people worry about that.

 

[AppleGroundZero]

That’s fine but I was more referring to the point that they had concealed a situation that they knew of that would make a users data inaccessible, (which is pretty much the same as deleted). It took court to get them to see it. Not everyone at Apple is a scumbag of course, (the vast majority won’t be), but there are definitely some.
The trouble is the ones that are can often be the ones that make policy that is more about the bottom line than the consumer.

If they can give me a solid statement in plain english that explains the real security issue and the absolute need for bricking, not that meaningless double talk PR crap they usually come out with, I’ll be happy(er).

Tell you what , let me check my resources and let me see what I can find , if its not something confidential or otherwise ill see what I can post.

 

[BaldiMac]

1. They were in all stores, see the Guardian article, it's only now that a negative reaction has been brewing in the media and with consumers that they've reacted and started offering repairs.

Yep. So what's to complain about? Again, they had no obligation to fix them. They decided to support them when it became a significant issue. Sounds like they dealt with that well.

2. They don't have to repair third party parts, but they can replace them and fit first party ones in their place, you're paying them not asking them to do it for free. We can go back to the over used car analogy, if I use a third party part in my car during its warranty period it can "possibly" void my warranty, that's fair enough, however my dealer/manufacturer would still repair the car at a cost even if third party parts had been used previously.

The also can give away free iPhones to everyone! What they can do is irrelevant. They are doing a nice thing for customers that were screwed by uninformed third-parties. Why the negative response?

 

[H2SO4]

Tell you what , let me check my resources and let me see what I can find , if its not something confidential or otherwise ill see what I can post.

I would be extraordinarily careful what I post in a forum even if it isn't deemed confidential........

 

[AppleGroundZero]

I would be extraordinarily careful what I post in a forum even if it isn't deemed confidential........

Indeed , I try to post only reliable information but I can't guarantee I know too much more than anyone else here unfortunately , but I believe that most of the truth has already been posted and the steps given on resolving the issue , the debate at this point may be more business ethical than needed facts.

 

[Keirasplace]

No tampering. As I've said many times, Apple doesn't care whether it has been tampered with. You can put in a 100% untampered touchid sensor in there and it will throw this error. You can literally take a brand new touchid sensor from a brand new iphone straight from the shrink-wrap, put it into another iphone, and this error will disable the phone.

I forgot which exact version of iOS introduced this error. I know it was somewhat recent. Sorry for giving Apple the benefit of the doubt.

Man, you have no clue at all what you're saying. Bye.

 

[I7guy]

I'm going to just come out and say: Idiocy.
Show me one instance this has or could take place. It can't. When you reboot your device what does the device ask for? Passcode. Not TouchID. A Passcode.

and btw, this also happens using original brand spanking new OEM parts.
[doublepost=1455040778][/doublepost]

Huh? He swapped out the working parts and the devices worked fine. So how is it "not working"? TouchID will work fine until you update the OS.
What am I missing?

It may work fine on IOS 8, but on IOS 9 the requirements were changed from what I can gather? Then what is this pairing that is talked about?
[doublepost=1455052481][/doublepost]

Bricking your phone for no reason (when wiping the data is an option if you care that much about security) is in the best interest of the consumer?

It is blatant punishment for daring to not give Apple their tax on a repair.

I don't know if it's for no reason? While I can't condone it, maybe there is an underlying reason.

 

[danranda]

This was made public knowledge by people realizing their phones no longer worked and that the thing they had in common were third party repairs. Apple can't stop the hackers. This sin't even slowing them down. What this has done is screwed over folks who thought they were getting their devices repaired, now they have a bricked device that Apple will likely even refuse to touch due to it having been worked on somewhere else.

There are measures you can go through for security. These are not them. And I'll remind you that some are receiving a similar error just for a screen replacement. vut if we are stuck on touch ID security, how hard would it be to pop that error up and wanr the user an unauthoirzied touch ID sensor has been installed and therefore that feature can not continue to be used? We can all turn touch ID off. I am sure that people who had their buttons replaced that are seeing this message would much rather have the OS disable the sensor than their entire darn phone!

While your suggestion of just disabling the sensor and warning the user about it holds merit, do you not think these very same people would complain just the same? Mostof the arguments here are based on the belief that "I should be able to have anyone I want repair my phone, especially if they are cheaper or more accessible than an apple store".
I tend to think those very same people will be equally pissed off at apple for their phone being crippled by a botched repair.

 

[carrrrrlos]

#enclavegate

 

[AppleGroundZero]

https://www.apple.com/business/docs/iOS_Security_Guide.pdf

This might give some extra insight into how the security system works from a more technical standpoint , it does not completely address the question at hand but if anyone wanted more knowledge on it , this will give it.

 

[danranda]

Warranty is just an agreement with the manufacturer what they will repair and what they won't for a specified time. It has no real relevance as to what will work or not. It is not there to say that only OEM parts can or will work at any point in the lifetime....in fact anything that deliberately voids the use of non-OEM parts would be illegal. As always caveat emptor and so there is a risk with any repair...even from Apple themselves but this is not really a discussion about faulty workmanship by a 3rd party - which would not need a discussion at all

The second point is why TouchID only works with the original parts. That is fine as far as it goes. Touch ID is not a 'must' for phone operation though and so there is no justification to brick a phone with a working home button but no TouchID....the security argument keeps getting thrown out there but I haven't seen any real evidence that it is the case...many people who know more than me are arguing it out

Fair enough. I also do not know everything about how the security pieces work together.

 

[dk001]

Makes me miss using my Message Pad. I'll look for the battery carrier again. Wish I could find it.

This what you need?

 

[N47H]

Yep. So what's to complain about? Again, they had no obligation to fix them. They decided to support them when it became a significant issue. Sounds like they dealt with that well.


The also can give away free iPhones to everyone! What they can do is irrelevant. They are doing a nice thing for customers that were screwed by uninformed third-parties. Why the negative response?

They weren't willing to do nice things until the media caught light of it, and even then it's a very loose use of the term "nice". If charging you for a repair, when your previous repair is already satisfactory, is your idea of nice... Then I'd hate to be your family at Christmas, your presents must be absolutely awful, what do you give them? A swift kick in the gonads?

This isn't an issue made by the customer or the third party repair centre, it's entirely manufactured by Apple, and they're profiteering from it.

Perhaps you're from the US and your consumer rights are far less than ours in Europe, but preventing third party repairs or in fact just bricking someone's phone is entirely against all consumer legislation going.

Just go back to my list of questions again, how can you defend this when its so beyond extreme it's hard to believe this is a real issue? They could just wipe your data or block out TouchID, they're bricking phones for "your benefit". There is nothing Apple could say to excuse what they're doing, and yourself and everyone else unwilling to believe big loving, caring Apple could do no wrong.

I've spent well over £10000 (approaching $20000) on Apple products, I'm posting this from my iPhone 6S plus, the original comment was posted from my MacBook Pro Retina, so believe me when I say I'm far from an Apple hater, quite the opposite in fact, but just because I like their products doesn't mean I should defend their every action, nor should anyone else.
[doublepost=1455053799][/doublepost]

While your suggestion of just disabling the sensor and warning the user about it holds merit, do you not think these very same people would complain just the same? Mostof the arguments here are based on the belief that "I should be able to have anyone I want repair my phone, especially if they are cheaper or more accessible than an apple store".
I tend to think those very same people will be equally pissed off at apple for their phone being crippled by a botched repair.

Then don't cripple a feature, just wipe any confidential and payment stuff locked behind Touch ID off the phone or wipe the phone entirely and the issue of fraud/data theft is alleviated.

That same consumer could still moan, but certainly far less than if their entire phone becomes unusable, and they could at least then use the security get out clause with some degree of believability.

 

[Heltik]

Even if the repair facility is authorized....how does that guarantee their not skimping out and using 3rd party parts?

Surely if they do, they are then in breach of the terms of business with Apple, forfeiting such authorised status.

 

[sualpine]

Even if the repair facility is authorized....how does that guarantee their not skimping out and using 3rd party parts?

Because AASPs bill AppleCare for the parts. The parts come straight from Apple.

 

[oneMadRssn]

You're describing a scenario that would enable me to steal your phone and swap out your TouchID module for mine, giving me full access to whatever is on your phone. That would be a critical breach in security.

That is a huge and unsupported logical leap. There is no proof that this is true. I agree it would be a critical breach in security - which is why it's a good thing it doesn't work this way. Swapping touchid sensors does not also swap the memorized fingerprints.

 

[dk001]

I'm very confused by your argument. Are you saying that fixing a vulnerability before it is exploited is somehow bad?

How is it a vulnerability? If it is, Apple has bigger issue with their design.
[doublepost=1455054382][/doublepost]

I have no doubt that being credentialed can be a issue , I am a senior advisor for the iOS side of things and I admit I don't know everything about getting credentialed as a AASP (Apple Authorized Service Provider).

And believe me , when it comes to customers being inconvenienced because of sometimes having to travel a good distance to get these repairs done , we understand , we have these issues on a daily basis , but the unfortunate part of everything is that there is no perfect solution to everything , we have multiple service options offered to fix most issues , and we do try to make it as painless as possible , but you can only make some things so painless when peoples lives are built around these devices.

However issues caused by anything third party is not a new issue , this has been going on a long time , from third party software ( apps and jailbreaking ) too third party replacements of hardware , but the fact of the matter is , how can WE guarantee the quality of any of our devices , if all of our most closely guarded secrets , that being our security , could be in the hands of anyone who can qualify as a AASP.

That is why for anything sensitive like this , we do it ourselves if we can.

Then again , this is just a general stance , my overlord bosses could have a different outlook , but I believe this is pretty close.

Are you referencing 3rd party parts or 3rd party repair centers?

 

[BaldiMac]

They weren't willing to do nice things until the media caught light of it, and even then it's a very loose use of the term "nice".

Someone doing something that they are not obligated to do when it is brought to their attention seems nice to me. Expecting people to do something for you when they don't have to doesn't seem reasonable to me.

If charging you for a repair, when your previous repair is already satisfactory,

It wasn't satisfactory. It introduced a security hole.

Then I'd hate to be your family at Christmas, your presents must be absolutely awful, what do you give them? A swift kick in the gonads?

This isn't an issue made by the customer or the third party repair centre, it's entirely manufactured by Apple, and they're profiteering from it.

Perhaps you're from the US and your consumer rights are far less than ours in Europe, but preventing third party repairs or in fact just bricking someone's phone is entirely against all consumer legislation going.

Just go back to my list of questions again, how can you defend this when its so beyond extreme it's hard to believe this is a real issue? They could just wipe your data or block out TouchID, they're bricking phones for "your benefit". There is nothing Apple could say to excuse what they're doing, and yourself and everyone else unwilling to believe big loving, caring Apple could do no wrong.

Perhaps you could respond to any of the explanations that I've already posted in this thread instead of asking me to repeat myself again while you ignore the answers and make up my motivations to fit your irrational fanboy stereotype. Is it really crazy to be more concerned about the security of the device than the ability to get third-party repairs on some parts that have never failed for me?

 

[dk001]

Thus iOS 9 fixed this vulnerability. You are arguing both sides. Apple should not have a security hole, but they also shouldn't fix it?

So Apple fixed this undocumented unposted "vulnerability" on my out of warranty 6+ by bricking it. That's not even legal AFAIK.

Note: my 6+ is still original and working fine. It is out of warranty.