
Apple Apologizes and Updates iOS to Restore iPhones Disabled by Error 53 - aj_icracked
http://techcrunch.com/2016/02/18/apple-apologizes-and-updates-ios-to-restore-iphones-disabled-by-error-53/
======
baldfat
> Apple Apologies

I am an Apple hater BUT I have to say very proud of the new Apple and actually
saying they made a mistake and apologizes. This and the fight for security are
both things as a self proclaimed Apple Hater applaud Apple for doing. Good
job!

~~~
Zezima
If you've already pre labeled yourself as a "hater of X" they you're throwing
away your ability to create new opinions and judgements when situations
change.

This is not a healthy mentality to have about anything.

~~~
rnernento
Sometimes a company takes actions I consider to be pretty terrible (e.g. Apple
Maps, Sony removing functionality from the ps4). At that point I feel
justified in becoming a "hater" of that company. Going forward I lean towards
skepticism of the company and put the onus on them to win me back. Maybe I'm
crazy but this feels perfectly reasonable.

~~~
DonHopkins
Yeah, there's Bad, and there's Apple Maps Bad. [1]

[1]
[https://www.youtube.com/watch?v=tVq1wgIN62E](https://www.youtube.com/watch?v=tVq1wgIN62E)

~~~
givinguflac
It was really bad at launch, but I find it better than google maps for
navigation, though still trailing a bit on specific POI searches.

------
illumin8
This seems like the right thing to do - disable the unauthorized Touch ID
sensor, but don't brick the phone. The secure enclave is still intact and
secure, and if you want Touch ID back, you can get it repaired with authorized
parts.

~~~
chinathrow
The car industry played the same game a while a go and failed badly.

Allow repairs of the device you OWN with parts you decide and not the
manufacturer.

~~~
illumin8
Yes, but if you stored all your bank accounts, credit cards, and private
photos in your car, and any repair shop could connect a USB thumb drive and
download the contents unencrypted, wouldn't you want a little bit of
cryptographic insurance that that wasn't possible?

~~~
qb45
> Yes, but if you stored all your bank accounts, credit cards

I wouldn't be surprised if Apple Pay was the actual reason behind all this
stuff.

Malware is bad, but malware which can "authorize" payments is a whole new
level of bad and would cost Apple actual money. So they run Pay on a separate
CPU whose communications with the fingerprint scanner are encrypted to prevent
the main CPU (which relays those communications) from replaying user's
fingerprint many times to "authorize" unwanted transactions. Hence the
"pairing" of home button to the phone.

------
mbrd
Anyone else get the impression that the head of PR at Apple was on vacation
and returned this week to put out all the fires?

Seriously though, this seems like a consumer-friendly decisions, as was the
iOS backdoor/San Bernadino press release yesterday and it's nice to see.

------
roddux
Nice move, it's pretty cool of them to offer reimbursement to people who
bought replacement phones in the meantime.

~~~
deckar01
So, anyone who dropped the cash to buy a new iPhone gets it for free (with a
working touch ID sensor), but anyone who couldn't afford to buy a new iPhone
has to pay for an official touch ID sensor? Ouch.

~~~
rconti
To be fair, I'm not sure a new touchID sensor is expensive. I cracked the
screen on my 6 the other day, and was investigating DIY screen replacements.
$100 for screen+digitizer not so bad, but I hear the replacement is a bit of a
bear.

Fortunately a friend overheard my conversation and recommended I just take it
to Apple. Sure enough, screen replacements are something like $105 out the
door. The replace the screen and digitizer.

When I went back for my phone, they told me they tried 2 new
screens+digitizers and neither one worked, so they just gave me a new phone
for the "screen replacement" price.

Needless to say, I was quite happy I didn't try to DIY. I had no idea the
"official" Apple repairs would be so cheap. I guess things have gotten a lot
more consumer friendly since the bad PR days of cracked screens.

I'm not sure if the home button is replaced in a screen replacement, but I
can't imagine it's particularly expensive vs a screen+digitizer replacement.

~~~
chris_wot
Wtf? I cracked my iPhone 5S and took it to an Apple Store and they told me it
was impossible to repair, and sold me a new iPhone for $400!

~~~
schrodinger
They can only repair it if the frame isn't bent. Yours must have been.

~~~
rconti
Also, in the early days, Apple basically said "buy a new phone". They got some
bad PR about it and came up with the repair program. I think it well predates
the 5S though.

------
jasonjei
Some part of me believes that the old Apple that Steve Jobs was in control
would have stood his ground with "Error 53." The Tim Cook Apple is a lot more
compassionate with respect to these sort of things.

~~~
ratfacemcgee
i used to work as a genius, and left a few years back. When i left, the genius
role basically became 60-70% display replacements for iphones, and no macs at
all.

When you get a display replaced, the phone goes through 2 machines, one of
which calibrates the phone by launching some weird firmware while in the
machine (actually kinda neat, its like a DFU mode but it doesn't wipe the
phone in the process)

Since every phone has to run through the machine, it creates a backlog of
phones that are waiting. These phones _work_ without being put through the
machine, but sometimes the displays are fucked and the machine detects that
(and the phone then gets a new display, etc etc).

The machine also pairs the display with the phone, so that Applecare have a
record of what display is currently on what phone.

If you take your phone in again, they do a spot check to make sure that
display matches and they're good to go. If it doesn't, then they're supposed
to refuse service (cause its likely that it was done at a dodgy repairer).

HOWEVER! I've seen phones get stuck in weird loops as soon as they're
restarted if they haven't been put through the machine yet. The phone
basically is fucked at that point and needs replacement. Remember, this is a
legit repair that has caused this, and happens way more than you think (maybe
1 in 20 when i left, its probably better now).

Therefore, they are probably taking this route because they can't be sure that
they aren't the cause of the fuckups.

------
CountSessine
Maybe this is a silly question, but does anyone know how secure the TouchID on
the iPhone is compared to the 4 digit pin? I remember from a comment in the
Android source that the android 5 face recognition is about equivalent to a 3
digit pin. Is TouchID more secure or less secure than the 4 digit pin?

Is it more tractable or less tractable for someone to brute-force the 4 digit
pin than the TouchID? I.e. if someone wanted to get into my phone, and they
removed the official TouchID sensor and now it falls back on a 4 digit pin,
does that do them any good?

I wonder if I could get the old behaviour back - if someone was tampering with
my phone by removing the sensor, is there any way of bricking the phone until
I can get it to an apple store?

~~~
HappyTypist
FYI, it's slightly difficult to brute force the touch ID, because the secure
enclave will wipe the derived PIN key (that it holds in internal memory, after
receiving a signed message from the touch id sensor) in a reboot or after 48
hours.

~~~
MBCook
Or a certain number of incorrect attempts.

------
aj_icracked
I am a little torn on this given there isn't a cited source and I don't know
if Apple would give TC (or anyone) an exclusive on this. If it's true we're
dancing in the streets though!

~~~
tehwebguy
> Update: A new support document on Apple’s site has been issued that details
> the causes and repair methods for Error 53.

Links to [https://support.apple.com/en-
us/HT205628](https://support.apple.com/en-us/HT205628)

~~~
wfunction
Last Modified: Dec 21, 2015?

~~~
mikeash
It shows "Feb 18, 2016" for me. Maybe something was momentarily out of sync
somehow.

~~~
stordoff
I'm also seeing "Last modified: Dec 21, 2015", as is the Google Cache of the
page and the Web Archive. I'd assume it was published with the wrong date, and
the correction hasn't fully propagated Apple's CDN/cache.

------
gradients
Wow- this is great for me. I have been sitting on iOS8 for some time now
because of this.

I broke my screen and home button and had them replaced before I went on
vacation. Luckily I had read about the error 53 issue before attempting to
upgrade my jailbroken device.

I'm very surprised Apple would respond so well to an issue typically caused by
3rd party repairs.

~~~
Ezhik
Apparently OTA updates don't suffer from this, so you could try soft-restoring
your device (there's a Cydia tweak for that), then doing the OTA update to
9.x.

------
iBzOtaku
Boy, lately things haven't been going well for Apple.

------
TazeTSchnitzel
> This test was designed to check whether Touch ID works properly before the
> device leaves the factory.

Does that mean Error 53 stemmed from Apple having distrust in their supply
chain? Interesting.

~~~
jonknee
Not a bad tack considering where the iPhone is made.

~~~
TazeTSchnitzel
It's a reasonable precaution no matter where it might be made. You never know
who might alter the device in transit.

------
maerF0x0
Anyone else find it suspicious that this comes the day after court order to
backdoor their devices?

~~~
hyperpape
Not me (seriously...it's an odd coincidence, but I don't see the connection.)

------
profeta
So they pleased users and complied with that judge order in one bat?

;)

------
jsudhams
Does apple make lot of money or loose lot of money on repairs? Or else they
should let third party repairs.Typically for product companies it is better if
they have ECO system of repairs/service by third party so that they them
selves don't have to support for long which costs lot of money. Other than
life safety devices others should allow customer who want to repair their
product should be allowed.

~~~
rconti
I made another comment, but screen+digitizer replacement for my 6 cost $105.
Not bad at all IMO. The parts alone cost $100 online.

~~~
ericabiz
The part cost wholesale (ordering 100+ of them at a time) is $74-$78 currently
for a high quality LCD+digitizer for an iPhone 6.

Note that Apple doesn't sell parts directly, and any third-party repair store
that says differently is lying to you. There are, however, plenty of high-
quality replacement parts available from other distributors.

------
wfunction
Who actually buys the explanation that this was not intended to leave the
factory?

~~~
exw
Anybody with common sense. Do you really think that Apple, who prides
themselves on having outstanding customer satisfaction, would deliberately try
to brick their customers phones through something this obvious?

Apple definitely looks out of their own interests, but they jump through a lot
of hoops to protect their customers from bad experiences, especially since the
obvious implementation was to just disable the fingerprint sensor if can't be
trusted.

Edit: additional info from the TC article: <<The update is not for users who
update their iPhones over the air (OTA) via iCloud. If you update your phone
that way, you should never have encountered Error 53 in the first place.>>
Your conspiracy theory would really require that they brick phones through
both the OTA and iTunes update.

~~~
wfunction
> Do you really think that Apple, who prides themselves on having outstanding
> customer satisfaction, would deliberately try to brick their customers
> phones through something this obvious?

Yes I do think that they would attempt to discourage unauthorized repairs in
such a way for less-than-noble reasons.

If you think it was a mistake, then can you explain why Apple wasn't bothered
to do anything until someone ran an article on it and publicized it?

~~~
__jal
A thought experiment: suppose you are in charge of handling repairs for a
multinational fleet of hundreds of millions of devices.

One thing you'll probably do is triage: by looking at the numbers of devices
that fail in various ways, you can optimize your parts channels, training,
processes, etc. in various ways. This is business 101.

Now try to guess how many people have been experiencing this error. My guess
is it is a pretty small percentage of several hundred million. I also guess
that there are a number of other failure modes affecting similarly small
groups of users. In a device as complex as the iPhone, with a population that
large, there has to be.

But wait! Now the press is hammering you over one of those small-population
failure modes. Everything else equal, you're an idiot if you don't handle that
one first.

Of course, thought, this is Apple. So the reasonable, simple explanation makes
no sense and instead Occam's Second Exception indicates that when Apple is
involved, skullduggery and shenanigans are the only reasonable explanation.

~~~
mmmBacon
Triaging by data is just the first step. Once you decide it's an actual
problem you have to be able to reproduce it. To confirm this is happening, you
have to get production phones, then do an out-of-process rework, then do this
for different OS versions, OS upgrade methods, iTunes version, etc...
Reworking this sensor is not an easy task so you have to have someone do it
for you and get their time, etc... It's actually a pretty big project to do
this correctly.

------
dismal2
If you have a smartphone and think you have any sort of privacy, you're
delusional

------
chris_wot
Yes, well, it probably helps to know that the Australian Competition and
Consumer Commisioon (ACCC) was investigating Apple for abuse of market power
over this issue.

The last time this occurred, it was over illegally claiming iPhones and other
Apple devices were out of warranty when they weren't, and misleading consumers
that to get any form of warranty service after one year they would need to
purchase an Apple extended warranty. They were not only fined millions, but
were forced into printing a humiliating retraction on their website and in the
press - one that basically was reported on worldwide.

I'm not at all surprised they backed down this quickly this time around. It's
almost certain they would have been found to have committed the offence of
third line forcing, to which there are very, very steep fines.

------
hackaflocka
But wait, they earlier said it was an intended security feature. Now they're
saying that it was a factory test not intended to go public?

New personal rule: never update the phone again... ever.

~~~
joshstrange
It is a security feature that your TouchID is disabled when the phone detects
a non-official/verified sensor but it wasn't intended to brick the phone, just
disabled TouchID. There was a bug that ONLY affected people who update using
iTunes (this is rarer than you might think) as it's a diagnostics tool they
use in factories where they WANT to get the error 53, they didn't intend that
to get out to customers.

