Have Your iPhone 6 Repaired, Only To Get It Bricked By Apple (theguardian.com)
New submitter Nemosoft Unv. writes: In case you had a problem with the fingerprint sensor or some other small defect on your iPhone 6 and had it repaired by a non-official (read: cheaper) shop, you may be in for a nasty surprise: error 53. What happens is that during an OS update or re-install the software checks the internal hardware and if it detects a non-Apple component, it will display an error 53 and brick your phone. Any photos or other data held on the handset are lost – and irretrievable. Thousands of people have flocked to forums to express their dismay at this. What's more insidious is that the error may only appear weeks or months after the repair. Incredibly, Apple says this cannot be fixed by any hard- or software update, while it is clearly their software that causes the problem in the first place. And then you thought FTDI was being nasty ...
This error occurs if the repair involves the TouchID sensor. Since this stores data required for the fingerprint authentication, the device will refuse to function for security reasons if it thinks it's been tampered with, which seems to be a reasonable precaution for a device component that can authenticate you across the device and also external services including financial transactions.
A better option would be to instead disable TouchID if tampering is suspected, but this isn't a case of Apple just arbitrarily making iPhones not work if you get a third-party repair like the story suggests.
We have a law like that in the US too (and for all products -- which should include iPhones -- not just cars): the Magnuson-Moss Warranty Act.
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
It's not the fingerprint sensor itself that decides. The fingerprint sensor sends an image of the fingerprint to the Secure Enclave, which is a chip on the device that handles all of the encryption. The secure enclave itself does the analysis and makes the decision. This line of communication between the fingerprint sensor and the secure enclave is encrypted with a key exchange between the sensor and the secure enclave. This pairs your specific secure enclave with the Touch ID sensor. There are anti-replay techniques involved here as well.
The point of pairing the sensor to the secure enclave is so that someone can't open up the phone, install a sniffer on the bus between the secure enclave and the sensor to then collect the fingerprint data for later collection and replay it to the secure enclave to get it to unlock. It also prevents someone from just replacing the touch ID sensor to provide a known good fingerprint to the secure enclave via a hardware hack. You have to, in theory, have an authorized finger pressed up against a trusted sensor.
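The pairing and anti-replay check described in the two comments above, together with the "disable Touch ID instead of bricking" fallback suggested earlier in the thread, as an added toy model that is not Apple's code: pairing is modelled as an HMAC key shared between sensor and enclave at pairing time, the fingerprint match as a plain byte comparison, and the names SecureEnclave, sensor_respond, attempt and demo are invented here.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

def sensor_respond(pairing_key: bytes, challenge: bytes, image: bytes) -> tuple[bytes, bytes]:
    """Sensor side: tag the image under its pairing key, bound to this one challenge."""
    return image, hmac.new(pairing_key, challenge + image, hashlib.sha256).digest()

@dataclass
class SecureEnclave:
    pairing_key: bytes  # shared with the sensor at pairing; a swapped-in part lacks it
    enrolled: bytes     # stand-in for the enrolled fingerprint template
    touch_id_enabled: bool = True
    _open: set = field(default_factory=set)  # challenges issued but not yet consumed

    def challenge(self) -> bytes:
        c = secrets.token_bytes(16)
        self._open.add(c)
        return c

    def verify(self, challenge: bytes, image: bytes, tag: bytes) -> str:
        if not self.touch_id_enabled:
            return "PASSCODE_REQUIRED"
        if challenge not in self._open:
            return "REPLAY_REJECTED"  # stale or already-used challenge
        self._open.discard(challenge)
        expected = hmac.new(self.pairing_key, challenge + image, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            self.touch_id_enabled = False  # unpaired sensor: require passcode, don't brick
            return "PASSCODE_REQUIRED"
        return "UNLOCK" if hmac.compare_digest(image, self.enrolled) else "DENY"

def attempt(enclave: SecureEnclave, sensor_key: bytes, image: bytes) -> str:
    c = enclave.challenge()
    return enclave.verify(c, *sensor_respond(sensor_key, c, image))

def demo() -> list[str]:
    key, finger = secrets.token_bytes(32), b"owner-fingerprint-image"  # constructed values
    enclave = SecureEnclave(key, finger)
    swapped_key = secrets.token_bytes(32)  # replacement sensor never paired with this enclave
    out = [attempt(enclave, key, finger), attempt(enclave, key, b"other-finger")]
    c = enclave.challenge()
    image, tag = sensor_respond(key, c, finger)
    enclave.verify(c, image, tag)
    out.append(enclave.verify(c, image, tag))     # replayed response is rejected
    out.append(attempt(enclave, swapped_key, finger))  # unpaired part trips the check
    out.append(attempt(enclave, key, finger))     # Touch ID now disabled, passcode required
    return out
```

Running demo() walks through a good unlock, a rejected finger, a replayed response, an unpaired replacement sensor and the resulting passcode-only state.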
It's not a question of ownership. It's a question of warranty. He still owns his (now-bricked) phone.
In this case, the dude dropped his phone, gets it repaired at some no-name shop with dodgy parts, then complains when the security loophole the dodgy parts used got closed. If anything, the fault lies with the shop that did the repair.
Hell, Apple told him they'd do out-of-warranty replacement for it (not sure what that costs, but likely still less than full price), and that's because the problems began when he dropped it (which is not covered under warranty anyway, though some 3rd-party sellers do offer such warranty protection for a nominal fee).
Fair warning: If I bought anything from any other OEM and went through the same rigamarole, I'm certain that I'd get the same (or worse) treatment from the OEM... so this isn't just an Apple thing.
(...and this boys and girls, is why I buy just-behind-bleeding-edge Android stuff, so a total loss of the phone is only like $200, not $600 or more).
Quo usque tandem abutere, Nimbus, patientia nostra?
False analogy: Lotus didn't exploit security vulns to run. The dodgy fingerprint sensor did.
The federal minimum standards for full warranties are waived if the warrantor can show that the problem associated with a warranted consumer product was caused by damage while in the possession of the consumer, or by unreasonable use, including a failure to provide reasonable and necessary maintenance.
There is clearly an implied warranty that updates won't be malicious, even after the warranty period. The phone wasn't damaged by the consumer - Apple chose to brick it willingly. Even if the phone was out of warranty, they don't have the right to purposefully damage it, any more than a car company can claim lack of responsibility because an oil change was done at a competitor, unless they can show that the product's failure was because of the competitor's actions.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
Apple already treats the PIN as more secure than Touch ID. If you find an iPhone with the fingerprint reader, try opening it with your finger. After a while the phone will lock into "Touch ID disabled" state and require the PIN. At this point the only way to re-enable Touch ID is with the PIN.
That's not bricking. Bricking would be MS rendering components in the computer or the entire computer unusable.
Warrantors cannot require that only branded parts be used with the product in order to retain the warranty.[7] This is commonly referred to as the "tie-in sales" provisions,[8] and is frequently mentioned in the context of third-party computer parts, such as memory and hard drives.
Why should the touch ID sensor need to, or be actually doing, store any data or provide authentication?
Because the encryption key for the device is stored in an NVRAM knapsack in the touch sensor. The CPU uses a public key to establish an encrypted connection via the bus which connects it to the touch sensor, and then sends a block down to decrypt the contents of the knapsack, and then uses that to decrypt the user data key that's stored in the NVRAM attached to the CPU, and then uses that to decrypt the user data.
By forcing a pairing of the touch sensor with the CPU, it means you cannot do a two stage attack by topping just one chip, you'd have to top both chips, and if you did that, your half-of-a-key-pair that you obtained wouldn't work with another device.
The way Apple handles this in the repair cases is it just replaces your device guts with completely new device guts (so that your cheesy engraving is not taken away -- and neither are your scratches in non-critical areas), and pops a new sensor chip (with an uninitialized PROM) into the device, and sends those guts to someone else as a refurbish.
But that does mean that third party repair for either of the two components is theoretically possible, but practically speaking, Apple will not sell you the chip you need to replace to do the same repair that an authorized service center would do. On the other hand... it means that Apple won't get the blame if you put in some third party battery or charging circuitry, and burn down your damn house because you wanted to save $5 or whatever.
I had someone email me about this nine months ago, and I suggested he go to an Apple Authorized service facility.
He replied and said the nearest one is a six hour, $1200 flight away.
No home button for him I guess.
Good luck decrypting it without the keys from the secure enclave, skippy.