Have Your iPhone 6 Repaired, Only To Get It Bricked By Apple

New submitter Nemosoft Unv. writes: In case you had a problem with the fingerprint sensor or some other small defect on your iPhone 6 and had it repaired by a non-official (read: cheaper) shop, you may be in for a nasty surprise: error 53. What happens is that during an OS update or re-install the software checks the internal hardware and if it detects a non-Apple component, it will display an error 53 and brick your phone. Any photos or other data held on the handset is lost – and irretrievable. Thousands of people have flocked to forums to express their dismay at this. What's more insiduous is that the error may only appear weeks or months after the repair. Incredibly, Apple says this cannot be fixed by any hard- or software update, while it is clearly their software that causes the problem in the first place. And then you thought FTDI was being nasty ...

You think it's YOUR phone?

[LynnwoodRooster]

In the Apple world-view - you're just borrowing their property. Never mind you paid for it, it's still theirs and they retain 100% right to do anything to it at any time, and you just have to accept it. Because, you know, It Just Works. For them...

Obvious solution is obvious.

[Locke2005]

Pay the $99/year extortion/insurance that is AppleCare, and always have your phone fixed by Apple under warranty. Then if it gets bricked, it's Apple's fault and you get a new phone. The one thing I've found that Apple does best is customer service.

Re:Context On the Issue

[adamstew]

Because there was a flaw in the security before the update that allowed you to swap out the Touch ID sensor. The update patched a flaw and then the phone noticed a problem with the trust of the hardware.

Re:Damned if you do, damned if you don't

[Sarten-X]

So, to avoid a hardware attack on the TouchID system, Apple should require using the passcode system that is vulnerable to shoulder-surfing attacks.

Excellent plan, AC!

Re:Maybe a good thing

If I sell Iphones and want to steal data, I write & install and app that does it for me. Simple, no hw needed.

If I want to extract from a stolen/bricked Iphone, I rip out the flash memory and read it directly using electronic circuits. No apple sw in my way then.

Apple always gets away with it.

[Ecuador]

Apple always gets away with it and the other vendors don't follow, because they don't have customers who will eat up anything.
Let me give you an example just from my experience. My 3rd iPhone 4S in a row has failed in the same exact way: wifi/gps disabled. Just do a quick google about the "grayed out wifi" problem, you will find thousands of posts and also a lot of iPhone 4/4S phones on ebay with that fault. Only the first of the 3 failed within warranty in my case and all three where always in an office and used once a week for testing/debugging (that's why I kept replacing it, I test on various devices). People have actually pinpointed the problem: the overheat detection of the wifi/gps module fails and the software disables it. In fact, this disabling was a "feature" introduced with iOS 6 IIRC, so people who had stayed with iOS 5 did not get the issue. For any other company there would have been a recall, since it would have been an easy class action otherwise, and even a software patch would fix it. But apple is happy with customers getting a new phone and their average customer doesn't mind much.
Ooh, another example, my boss, who you would call a dedicated Apple fan, had bought a mac mini 5-6 years ago. After 6 months it started killing his keyboards. He went through a few expensive/fancy keyboards before figuring out it was the mac mini and so he took it to the Apple store (Manhattan) where they diagnosed a faulty MB and told him it would take a week to have it replaced. He left it there, got a call about a delay and finally went to get it almost two weeks later. Instead of returning a fixed mac mini they told him they had voided the warranty because they found "dust" inside!!! And the only solution they offered was a 10%-off a new mac mini!!! And he took it!!! Bought the same thing, at a 10% discount!!! He didn't even flinch, I mean, I only found out because I asked, he did not find it interesting enough to mention. My jaw dropped when I heard it, I told him there is no such thing as warranty voided because of "dust", that if the device maker thinks they should not have dust they put a little filter in the computer intake (I do that in my custom builds), that a 6-month old mac mini in a no-pet no-smoke office would not have any dust anyway (and even if it did, why would it fail when decade old dusty components work fine). For all my arguments his response was "the apple genius told me my warranty is voided there is nothing I can do". He actually believed they were right. Even after I showed him the warranty which of course does not mentions dust he though they were right somehow...

Re:Solution!

Just to let you know... as someone IN the advertising industry targeting these devices. iOS sends consistently more data than android. Android is kindof hit or miss on data depending on where its coming from. iOS doesn't miss all that often.

Re:Maybe a good thing

[Tharkkun]

The sensor does not do the decryption or authentication. The attack vector would be a sensor that has been replaced with a mechanism that replays a snapshot of the phone owner's fingerprint and sends that down the wire to the mainboard. Apple is attempting to curtail that type of attack by authenticating the physical sensor to the mainboard.

So disable the sensor if it's found to be invalid. You don't destroy a $500 phone. What if the sensor goes bad? New phone? Seriously people.

Re:This is what real choice looks like

[ChumpusRex2003]

I agree. Think of it this way, Apple are trying to push Apple pay which makes use of the system security provided by the fingerprint scanner (the private keys for apple pay are split between the fingerprint scanner chip and the crypto engine chip on the motherboard, so that compromising one chip doesn't reveal the whole key).

At present, the OS will disable apple pay when it finds that the finger print scanner fails to negotiate key exchange correctly; this potentially ends up with a tech support call to apple, or a social media posting saying, "why does my apple pay keep screwing up?".

Now consider what happens when there are a large number of field-repaired phones with knock-off fingerprint scanners. They appear to work fine, but some features are broken in subtle ways. The customer is confused; they may not relate it to the repair they had done; it creates an impression of an unreliable product and an expensive customer support nightmare. Clearly, apple want to stop this before it becomes endemic.

With the OS doing a full power-on self test on the security infrastructure, such a fault would be detected at the first reboot after the damage occurred, or after a repair using an incorrect part was performed. The security failure can now be easily attributed to the damage/repair, even by users of social media and journalists. This ensures that repairers don't perform half-assed repair jobs which can lead to incomplete or faulty operation (on what is marketed as a premium product).

Re:Maybe a good thing

[shawn2772]

1. Steal phone.
2. Lift owner's print from the phone.
3. Replace sensor with device that sends data of your choice.
3. Feed fingerprint image to unlock device.

The owner's fingerprints are generally all over a phone.