Slashdot Mirror

← Back to Stories (view on slashdot.org)

Have Your iPhone 6 Repaired, Only To Get It Bricked By Apple (theguardian.com)

Posted by timothy on from the cheap-is-expensive-don'tcha-know? dept.

New submitter Nemosoft Unv. writes: In case you had a problem with the fingerprint sensor or some other small defect on your iPhone 6 and had it repaired by a non-official (read: cheaper) shop, you may be in for a nasty surprise: error 53. What happens is that during an OS update or re-install the software checks the internal hardware and if it detects a non-Apple component, it will display an error 53 and brick your phone. Any photos or other data held on the handset is lost – and irretrievable. Thousands of people have flocked to forums to express their dismay at this. What's more insiduous is that the error may only appear weeks or months after the repair. Incredibly, Apple says this cannot be fixed by any hard- or software update, while it is clearly their software that causes the problem in the first place. And then you thought FTDI was being nasty ...

4 of 410 comments (clear)

  1. Context On the Issue by Galaga88 · · Score: 5, Informative

    This error occurs if the repair involves the TouchID sensor. Sense this stores data required for the fingerprint authentication, the device will refuse to function for security reasons if it thinks it's been tampered with, which seems to be a reasonable precaution for a device component that can authenticate you across the device and also external services including financial transactions.

    A better option would be to instead disable TouchID if tampering is suspected, but this isn't a case of Apple just arbitrarily making iPhones not work if you get a third-party repair like the story suggests.

    1. Re:Context On the Issue by pushing-robot · · Score: 5, Informative

      Apple's response, by way of MacRumors:

      An Apple spokeswoman commented on the issue, referring to protective security features intended to prevent "malicious" third-party components from potentially compromising a user's iPhone as the main reason for the "error 53" message.

      We protect fingerprint data using a secure enclave, which is uniquely paired to the touch ID sensor. When iPhone is serviced by an authorised Apple service provider or Apple retail store for changes that affect the touch ID sensor, the pairing is re-validated. This check ensures the device and the iOS features related to touch ID remain secure. Without this unique pairing, a malicious touch ID sensor could be substituted, thereby gaining access to the secure enclave. When iOS detects that the pairing fails, touch ID, including Apple Pay, is disabled so the device remains secure.”

      She adds: “When an iPhone is serviced by an unauthorized repair provider, faulty screens or other invalid components that affect the touch ID sensor could cause the check to fail if the pairing cannot be validated. With a subsequent update or restore, additional security checks result in an ‘error 53’ being displayed If a customer encounters an unrecoverable error 53, we recommend contacting Apple support.

      --
      How can I believe you when you tell me what I don't want to hear?
  2. Re:Damned if you do, damned if you don't by adamstew · · Score: 5, Informative

    It's not the fingerprint sensor itself that decides. The fingerprint sensor sends an image of the fingerprint to the Secure Enclave, which is a chip on the device that handles all of the encryption. The secure enclave itself does the analysis and makes the decision. This line of communication between the fingerprint sensor and the secure enclave is encrypted with a key exchange between the sensor and the secure enclave. This pairs your specific secure enclave with the Touch ID sensor. There is anti-replay techniques involved here as well.

    The point of pairing the sensor to the secure enclave is so that someone can't open up the phone, install a sniffer on the bus between the secure enclave and the sensor to then collect the fingerprint data for later collection and replay it to the secure enclave to get it to unlock. It also prevents someone from just replacing the touch ID sensor to provide a known good fingerprint to the secure enclave via a hardware hack. You have to, in theory, have an authorized finger pressed up against a trusted sensor.

  3. Re:Solution! by l.a.rossmann · · Score: 5, Informative

    I had someone email me about this nine months ago, and I suggested he go to an Apple Authorized service facility.

    He replied and said the nearest one is a six hour, $1200 flight away.

    No home button for him I guess.