Slashdot Mirror


Apple Says Sorry For iPhone Error 53 and Issues IOS 9.2.1 Update To Fix It (betanews.com)

Mark Wilson writes: Apple has a lot of support at the moment for its stance on encryption and refusing the FBI access to an iPhone's contents, but it's only a couple of weeks since the company was seen in a less favorable light. There was quite a backlash when users found that installing an update to iOS resulted in Error 53 and a bricked iPhone. Apple initially said that Error 53 was caused 'for security reasons' following speculation that it was a bid to stop people from using third party repair shops. iFixit suggested that the problem was a result of a failure of parts to correctly sync, and Apple has been roundly criticized for failing to come up with a fix. Today the company has issued an apology, along with an update that ensures Error 53 won't happen again. But there's more good news ... If you were talked into paying for an out of warranty replacement as a result of Error 53, you could be in line to get your money back.

123 comments

  1. It's a trap! by xombo · · Score: 3, Interesting

    Stealthily pushing out an update that will make cracking the Secure Enclave easier in future FBI investigations?

    1. Re:It's a trap! by bobbied · · Score: 1

      We will never know for sure.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    2. Re:It's a trap! by sjames · · Score: 3, Informative

      Complete nonsense. If there is reason to suspect the fingerprint scanner, it should be ignored, that is all.

    3. Re:It's a trap! by Anonymous Coward · · Score: 0

      Wouldn't help them with the current investigation as they would need to unlock the phone to update it, otherwise restore it and wipe out all data with it.

    4. Re:It's a trap! by Anonymous Coward · · Score: 1

      Stealthily pushing out an update that will make cracking the Secure Enclave easier in future FBI investigations?

      Try loosening the tin foil. It's cutting off too much blood.

    5. Re:It's a trap! by BronsCon · · Score: 4, Informative

      Now what will happen is you'll use an insecure sensor, Apple will still allow the phone to boot, and a bunch of dumbasses will go ahead and use the phone with a compromised sensor

      You mean, what happens now? You do realize that Error 53 doesn't happen immediately (it would possibly be a security feature if it did) but, instead, happens weeks or months later when software updates are applied. A proper security feature would be deactivating power and data pins for the sensor if it fails to authenticate itself at boot, permanently disabling it after a set number of failures. No need to disable the entire phone; the non-working sensor should alert the user to the problem.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    6. Re:It's a trap! by myowntrueself · · Score: 5, Insightful

      The other great part about this is ... it's because people are cheaping out on a repair for a $650+ device. People are idiots. Buy a cheap repair, you deserve your phone bricked for stupidity.

      You are travelling and in some 3rd world location, it might be for your job. You might need your phone for survival (trust me, if you travel in out of the way places a smart phone really can be a survival accessory). The screen breaks. Shipping it to a certified Apple repair place might take months and cost rather a lot, what with secure shipping etc. So you get it repaired locally. It happens and it's not 'cheaping out'.

      --
      In the free world the media isn't government run; the government is media run.
    7. Re:It's a trap! by 110010001000 · · Score: 1, Insightful

      If you are depending on an iPhone for your life then you might want to reconsider your life.

    8. Re: It's a trap! by Anonymous Coward · · Score: 0

      The iphone will refuse to allow TouchID. So in your example, the spybuilt sensor grabs his fingerprints, but no longer can gate access to his phone at all.

    9. Re: It's a trap! by Applehu+Akbar · · Score: 1

      It falls back to authenticating with passcode in this case.

    10. Re:It's a trap! by beanpoppa · · Score: 0

      Except it's not that the phone will fail to boot following a sensor replacement. The phone will continue to boot, and the sensor will continue to take fingerprint scans happily for days, weeks, or months until such a point that the user chooses to accept the next software update, or performs a wipe. So Apple's FUD about this being a way to lock out a potentially insecure link in the chain is BS.

    11. Re:It's a trap! by uncqual · · Score: 1

      The court order specifically specifies that:

      Apple's reasonable technical assistance may include, but is not limited to: providing the FBI with a signed iPhone Software file, recovery bundle, or other Software Image File ("SIF") that can be loaded onto the SUBJECT DEVICE. The SIF will load and run from Random Access Memory ("RAM") and will not modify the iOS on the actual phone, the user partition or system partition on the device's flash memory.

      So, an ordinary install of a crippled version of iOS would not meet the requirements anyway.

      --
      Why is there an "insightful" mod and why isn't it "-1"? If I wanted insight, I wouldn't be reading /.
    12. Re:It's a trap! by burtosis · · Score: 3, Insightful

      I regularly work with these kinds of devices and technologies. A few tiny screws, heat sensitive adhesive, and some flat flex cables will not and have not deterred me from fixing the phone for $2-12 instead of a ridiculous $100 and a long wait or some just as ridiculous maintenance plan.

    13. Re:It's a trap! by Anonymous Coward · · Score: 0

      Boy, how many ways can you get this wrong?

      Now what will happen is you'll use an insecure sensor, Apple will still allow the phone to boot, and a bunch of dumbasses will go ahead and use the phone with a compromised sensor

      Ummm, let's see? Device continues to work so why should your so sensitively described "dumbasses" know they have a possible issue?

      people will yell at Apple because some douche booted his phone with a compromised sensor ... and continued to put his thumb on it again and again so it could be scanned again and again

      Once again, how is a non tech person supposed to know their repair may eventually trigger bricking, let alone have any idea their repair has introduced a theoretical security issue? (Theoretical since Apple would have made a huge thing out of *actual* compromised phones with *actual* losses and damage, and Apple has made no such huge thing.)

      The phone shouldn't boot, it should be entirely unusable so no one ignores the warning and tries to use it anyway.

      And, when people really need their phone and it's a brick, will you display this same deep concern for their well being? You really might want to consider a career in human services.

      Then, best story of all ... it'll once again be Apple's fault that they didn't disable the sensor completely.

      No, it's Apple's fault they disabled people's *phones* for no good reason when all they needed to do was disable the fingerprint sensor and demand entry of a password. Anything beyond that was disgusting gratuitous damage.

      The other great part about this is ... it's because people are cheaping out on a repair for a $650+ device. People are idiots. Buy a cheap repair, you deserve your phone bricked for stupidity.

      Good thing most people know to pay as much as possible for stuff.

      Once again, your sensitivity is wasted here. Think about the helping professions, maybe priest or counselor?

    14. Re:It's a trap! by BitZtream · · Score: 2

      You're missing his point.

      You can not update a locked phone, at best you can wipe it. Even if Apple provides what they want, the ONLY way to get it on there, is to wipe the device.

      To install new software on the phone, it requires that you unlock it, so that people can't do exactly what the court is requesting (though I doubt Apple had the courts in mind and probably was thinking general malicious code).

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    15. Re:It's a trap! by Silicon-Surfer · · Score: 1

      If you're in an isolated 3rd world location, and so dependant on your iPhone, you might consider not smashing it! Maybe a quality cover to protect your vital piece of equipment would be a wise investment?

    16. Re:It's a trap! by marcansoft · · Score: 1

      You jest, but they can already crack the Secure Enclave. Even if the FBI were asking them to crack a phone that actually had it, it would make no difference, because the Secure Enclave is just a security processor. It's not a tamperproof HSM and Apple can sign and load whatever code it wants into it at any time.

    17. Re:It's a trap! by marcansoft · · Score: 2

      The sensor will not take fingerprint scans. Having a replaced TouchID module means TouchID won't work (due to pairing failure). It'll still boot though. The old recovery mode installer just barfed on this expected condition instead of working around it like the regular OS does.

    18. Re:It's a trap! by marcansoft · · Score: 1

      Uhm, no. You can just run code from RAM via DFU mode. Every jailbreaker knows this. That code can do whatever you want.

    19. Re:It's a trap! by sociocapitalist · · Score: 1

      The other great part about this is ... it's because people are cheaping out on a repair for a $650+ device. People are idiots. Buy a cheap repair, you deserve your phone bricked for stupidity.

      You are travelling and in some 3rd world location, it might be for your job. You might need your phone for survival (trust me, if you travel in out of the way places a smart phone really can be a survival accessory). The screen breaks. Shipping it to a certified Apple repair place might take months and cost rather a lot, what with secure shipping etc. So you get it repaired locally. It happens and it's not 'cheaping out'.

      Even moreso, if you pay 655+ for a device that device should be your own to get fixed where you want to get it fixed.

      --
      blindly antisocialist = antisocial
    20. Re:It's a trap! by stealth_finger · · Score: 1

      The other great part about this is ... it's because people are cheaping out on a repair for a $650+ device. People are idiots. Buy a cheap repair, you deserve your phone bricked for stupidity.

      You are travelling and in some 3rd world location .

      The third world country with enough power points to keep your phone charged all the time while travelling and has a bunch of iphone repair shops all over the place.

      --
      Wanna buy a shirt?
      https://www.redbubble.com/people/stealthfinger/shop?asc=u
    21. Re:It's a trap! by uncqual · · Score: 1

      Yes, YOU (the consumer) can probably only wipe it. If you open the phone, use JTAG et al, you can almost certainly do much more. You notice Cook didn't say "we can't do this", instead he said something like "it would be a bad idea for us to do this".

      BTW, the court order indicates the phone is a 5C so has the A6 SOC, not a 5S (or later) with A7 or later. I believe more of security, including some of the unlock logic, moved into the chip/firmware in A7 but was more accessible in A6 models.

      The order prohibits installing a new version of iOS - so that obviously is not the expected solution.

      I'm sure that FBI has a number of iPhone/iOS experts at its disposal and also knows much more about iPhones and iOS based on disclosures from Apple than the general public has. It's pretty clear the FBI (who, obviously, wrote the court order the judge signed - as is the norm in cases like this) is pretty sure Apple can do this because they have provided quite specific instructions on one way to do it.

      --
      Why is there an "insightful" mod and why isn't it "-1"? If I wanted insight, I wouldn't be reading /.
    22. Re:It's a trap! by Anonymous Coward · · Score: 0

      Almost all third world countries have power points. Not sure why you'd think otherwise. Also, 3rd world countries tend to have the highest adoption of cell phones coupled with the lowest adoption of Apple hardware, meaning plenty of places capable of repairing iPhones but very few official Apple stores.

    23. Re:It's a trap! by AmiMoJo · · Score: 3, Funny

      This is actually a pretty common scenario for people who follow route guidance in Apple Maps.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    24. Re:It's a trap! by AmiMoJo · · Score: 1

      You can not update a locked phone

      Look carefully at what the FBI is requesting. They want software that runs from RAM, loaded via the DFU. The DFU, or Device Firmware Update, is a special bootloader designed to be used at the factory for programming. It's a common feature with ARM processors, and usually burned into a ROM somewhere so that software can be loaded at the factory without a special programmer using existing ports.

      If you check the instructions for accessing the DFU (hold some buttons while turning the device on), you can see that no pass code is needed. Obviously the flash memory is encrypted so you can't do an OS update, but you can load arbitrary code into RAM and execute it. That means you can update the software on the Secure Enclave to remove the delays between PIN attempts and the attempt limit, and then execute a brute force attack, all in RAM.

      The FBI has found a way in, they just want Apple's help to exploit it. They know Apple can do it, because Apple has demonstrated the ability to update the Secure Enclave firmware in the past, and the DFU is well documented. It's just a genuine security screw-up on Apple's part.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    25. Re:It's a trap! by Maritz · · Score: 1

      Well look at you doubling down. I figured all the people defending the error 53 stuff would melt away into the shadows.

      --
      I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
    26. Re:It's a trap! by Maritz · · Score: 1

      You've just revolutionised the world of phone repair and put tens of thousands out of work. People - stop breaking your phones. Thank you.

      --
      I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
    27. Re:It's a trap! by Maritz · · Score: 1

      No, it's Apple's fault they disabled people's *phones* for no good reason when all they needed to do was disable the fingerprint sensor and demand entry of a password. Anything beyond that was disgusting gratuitous damage.

      That right there is the bit you won't even be able to get him to acknowledge, let alone concede - even though Apple themselves appear to have done so.

      --
      I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
    28. Re: It's a trap! by Anonymous Coward · · Score: 0

      Oh, by third world, you must mean, outside of any major city in the us of a. And not everyone can get away from work long enough during the workday to take their iPhone to an authorized shop, but there are the other phone shops that have a similar, as in made by the same company, in the same plant, in the same run, etc but put on a different phone, at half the price, and installed for maybe even less than half the price. Damn, that sounds familiar...

    29. Re: It's a trap! by myowntrueself · · Score: 1

      Oh, by third world, you must mean, outside of any major city in the us of a. And not everyone can get away from work long enough during the workday to take their iPhone to an authorized shop, but there are the other phone shops that have a similar, as in made by the same company, in the same plant, in the same run, etc but put on a different phone, at half the price, and installed for maybe even less than half the price. Damn, that sounds familiar...

      The USA is a 3rd world country with a bunch of 1st world city-states.

      --
      In the free world the media isn't government run; the government is media run.
    30. Re: It's a trap! by Anonymous Coward · · Score: 0

      And nowhere did the phone or Apple acknowledge, something is wrong, please come into a shop for repairs?

    31. Re:It's a trap! by myowntrueself · · Score: 1

      The other great part about this is ... it's because people are cheaping out on a repair for a $650+ device. People are idiots. Buy a cheap repair, you deserve your phone bricked for stupidity.

      You are travelling and in some 3rd world location .

      The third world country with enough power points to keep your phone charged all the time while travelling and has a bunch of iphone repair shops all over the place.

      Absolutely. But not, typically, ones that have been blessed by Apple to repair the Holy Apple Hardware. Hence the bricking.

      --
      In the free world the media isn't government run; the government is media run.
    32. Re:It's a trap! by Anonymous Coward · · Score: 0

      Time to buy a second iPhone that you keep synced. Screen breaks, change the SIM to the other iPhone and away you go.

      Seriously, if you're depending on a phone for your survival.... you better have more than one, dolt.

    33. Re: It's a trap! by Anonymous Coward · · Score: 0

      And they are apparently trying to trap someone. You were mentioned, viewed on this phone. Apparently, you cannot capture a forensic image without breaking the encryption? Not the correct investigative technique. Not legally binding. Any first year legal e-legal ought to defend against that. I have read, in other articles, that Apple assisted many times. Why the change now? Profile? Or they cannot do it? Hmmmmm?

    34. Re:It's a trap! by Anonymous Coward · · Score: 0

      Obviously you would have a portable solar charging device such as a backpack with a solar panel that can charge as you hike. Stop and think for a second before knee jerk reaction to something you haven't thought through.

    35. Re:It's a trap! by sh00z · · Score: 1

      No, just introducing another security flaw in general thanks to the mass number of ignorant people who think this is a good idea..

      It's not just the fingerprint sensor. My daughter had her screen replaced AT AN APPLE STORE. Update 9.2 gave Error 53. I'll try 9.2.1 this weekend, and then take it in if that doesn't fix it.

    36. Re:It's a trap! by Anonymous Coward · · Score: 0

      Then let them enjoy their efforts to exploit it, and ma'azel tov.

      Apple is off the hook here, and need go no further.

      Unless They (tm)(r) decide to cripple/outlaw encryption (again).

    37. Re:It's a trap! by Anonymous Coward · · Score: 0

      'them' in first sentence is FBI; just for clarity.

    38. Re: It's a trap! by Anonymous Coward · · Score: 0

      Did you factor in the cost of your time?

    39. Re: It's a trap! by KGIII · · Score: 1

      I'm gonna guess that you've never actually been to a "third-world" or impoverished nation? Why? I have. I've also explored the US in great detail - well and above that which is normally seen and very seldom in the urban areas. If you expect your comment to be taken seriously, you might want to make some serious adjustments. I can assure you, the US is much better than you seem to think. Get out of the city in South Africa, go to Nigeria, visit Haiti, go to the more remote areas of even Mexico - then compare and contrast. Hell, there are parts of *Canada* that are fucked up in multiple ways.

      --
      "So long and thanks for all the fish."
    40. Re: It's a trap! by Cochonou · · Score: 1

      I do not know about the cost of his time, but mine is certainly free when performing work for myself.

    41. Re: It's a trap! by myowntrueself · · Score: 1

      I've lived and worked in 3rd world nations.

      --
      In the free world the media isn't government run; the government is media run.
    42. Re: It's a trap! by KGIII · · Score: 1

      Then you have a very strange definition for third world or are hyperbolic and should know that you're being disingenuous.

      --
      "So long and thanks for all the fish."
  2. Sorry for what? by bobbied · · Score: 0

    Being caught or making a mistake that messed up your customers' phones?

    I'll believe you are truly sorry about messing things up if you now turn around and *fix* those phones which are now useless because they may have had non OEM parts installed. Otherwise, I'm going to believe that you are just sorry for getting caught.

    --
    "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    1. Re:Sorry for what? by bobbied · · Score: 3, Insightful

      OK... Before I get savaged.... They ARE refunding anybody who has paid Apple to repair their phone.... No mention of those who just purchased a new phone though...

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    2. Re:Sorry for what? by sims+2 · · Score: 3, Informative

      "This update will restore phones ‘bricked’ or disabled by Error 53 and will prevent future iPhones that have had their home button (or the cable) replaced by third-party repair centers from being disabled." From the article on techcrunch.

      --
      Minimum threshold fixed. Thanks!
  3. I'm sorry Mr. Hipster! by Anonymous Coward · · Score: 0

    I'm sorry Mr. Hipster,
    I am for real!
    Never meant to make your iPhone die!
    I apologize a trillion times!

    Ohhhhhhhhh!

    I'm sorry Ms. Hipster,
    I am for real!
    Never meant to make your iPhone die!
    I apologize a trillion times!

  4. wait a second by davecotter · · Score: 3, Interesting

    i thought the point of this error 53 was to purposely render your data inaccessible in the case where the touchID had been tampered with? when i read about it, i was like, the people that are whining about this don't fully understand security, that this bricking thing is actually good, cuz a bad guy could replace a real touch sensor with a compromised one, then unlock the phone with a fake fingerprint. now, with this "fix", it seems a bad guy could do exactly that? i'm sure i'm missing something.

    1. Re:wait a second by Anonymous Coward · · Score: 0

      Probably the threat of a class action lawsuit against Apple for breaking consumer protection laws.

      There's no way they're doing this out of the kindness of their hearts. It's Apple. They don't have hearts. The only reason they'd be doing this is for legal liability reasons, and it's probably because someone pointed out that bricking the phone because a third party repaired it is illegal.

      Does it also break the security of the device? Oh, probably, but it's Apple. Apple sells on being "user friendly" and "user friendly" is the exact opposite of secure.

    2. Re:wait a second by Anubis+IV · · Score: 5, Informative

      This update doesn't re-enable TouchID. It simply allows people to unlock using their passcode.

      More or less, the Secure Enclave can be accessed via user passcode or TouchID. Error 53 was a means of securing iPhones against possible breaches resulting from the use of untrusted TouchID components, but the approach was overly heavy-handed, since it also prevented users from using their passcode. This update restores that ability, while still disabling the untrusted, third-party TouchID components.

    3. Re:wait a second by AmiMoJo · · Score: 3, Informative

      The security claim made no sense to anyone who understood how fingerprint scanners work. Apple spun some bullshit line and Apple fans bought it, inventing elaborate and ridiculous explanations to back it up.

      Hint: Much easier and more effective than building a custom fingerprint sensor that records the fingerprint data, just passively snoop the touchscreen data lines which are analogue and unencrypted. Capture the user's PIN/password.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    4. Re:wait a second by Anonymous Coward · · Score: 0

      i thought the point of this error 53 was to purposely render your data inaccessible in the case where the touchID had been tampered with?

      Wasn't the problem that people were getting error 53 after performing an update? How does that help security?

    5. Re:wait a second by gweihir · · Score: 1

      A sufficiently competent "bad guy" could already do that. The whole thing is a trade-off. Apple apologized for being too restrictive, possibly without any real security benefit.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    6. Re:wait a second by gweihir · · Score: 1

      Indeed. Passive snooping on analog sensors is not that hard.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    7. Re:wait a second by sumdumass · · Score: 0

      A lot of people just don't care. They either do not or perceive that they do not need this level of security. Most likely they do not.

      So a bad guy can get into my phone. What can he do besides ravage my contacts? I don't trust apple enough to use the pay. The kids already watch the pin code so email is password prompted. So is in app and store purchases. I guess they could read my text messages but those are deleted often.

    8. Re:wait a second by davecotter · · Score: 1

      okay, THAT makes much more sense.

    9. Re:wait a second by BronsCon · · Score: 1

      You would potentially have thought correctly if not for the fact that Error 53 crops up weeks or months after the repair, when software updates are applied. If it were immediate, it might be a security feature; but, then, that the sensor and phone are paired and a replacement sensor shouldn't be able to work at all without Apple's blessing should be enough to prevent such an attack.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    10. Re:wait a second by BronsCon · · Score: 1

      If that is, in fact, what the update is, then I applaud Apple for doing it. There really and truly is no reason to disable any more than the sensor in this case.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    11. Re:wait a second by myowntrueself · · Score: 1

      i thought the point of this error 53 was to purposely render your data inaccessible in the case where the touchID had been tampered with?

      If that was the case it would take effect after the hardware change not months later when you get a system update.

      --
      In the free world the media isn't government run; the government is media run.
    12. Re:wait a second by Anonymous Coward · · Score: 0

      The security claim made no sense to anyone who understood how fingerprint scanners work. Apple spun some bullshit line and Apple fans bought it, inventing elaborate and ridiculous explanations to back it up.

      Hint: Much easier and more effective than building a custom fingerprint sensor that records the fingerprint data, just passively snoop the touchscreen data lines which are analogue and unencrypted. Capture the user's PIN/password.

      Their "bullshit line" was that about half of smartphone owners, at the time, did not use a PIN/password:

      * https://www.youtube.com/watch?v=X5zt1V7H88I

      Why? Because if you're checking your phone many times a day, then it's a hassle. So these people had no security. So Apple introduced TouchID because in their thinking, a little bit of security is better than no security.

      I think all of us techies can agree that most fingerprint readers can be bypassed. But you know what's even easier to bypass? No security at all. I personally have a 10+ character on my iPhone 6, but you're crazy if you think I would want to type that in regularly, so I use TouchID for convenience (fully knowing the trade offs).

    13. Re:wait a second by Anonymous Coward · · Score: 0

      While a good concept, bricking the phone is a vast over reaction.

      Just disable the touch-ID. At least until you go to an official Apple store and/or some other process to validate the new hardware.

    14. Re:wait a second by Cramer · · Score: 1

      So what exactly makes the sensor "untrustable"? It's not sequencing DNA; it takes a freakin' picture of your finger and "securely" communicates it to the SE. (i.e. a camera accessed via SSL from the SE) I'm pretty sure a fingerprint can be suitably replicated to fool the TouchID system. ('tho I do hope it's not as simple as licking a photocopy...)

    15. Re:wait a second by Anubis+IV · · Score: 1

      Not untrustable, just untrusted. And it's my understanding that they uniquely pair each Secure Enclave with each TouchID sensor, that way the sensor can't be replaced with one that intentionally returns false positives. As you said, there are ways to circumvent a "trusted" sensor, but they require techniques that are a bit more complicated than wetted paper on a finger. ;)

    16. Re:wait a second by RatherBeAnonymous · · Score: 1

      The sensor doesn't return a positive or a negative. It just returns an image to the CPU for it to compare to the stored images.

    17. Re:wait a second by RatherBeAnonymous · · Score: 1

      "cuz a bad guy could replace a real touch sensor with a compromised one, then unlock the phone with a fake fingerprint."

      No, he really couldn't. The touch id sensor is essentially a camera that takes a picture of your fingerprint. Apple has said that due to unique properties of each sensor if you change out a sensor you have to re-enroll your fingerprints. I don't know if that's because the sensor salts the image data, or if there is just minor variability between the sensors. But in any case, you can't just hack a sensor. If a bad guy is going to make a fake finger he will be better off leaving the original sensor in place.

    18. Re:wait a second by Anubis+IV · · Score: 1

      Quite right, as you suggest, it's actually a matter of the sensor producing an image, which, in turn, results in the Secure Enclave producing a false positive. That is definitely an important distinction in this case, so I should have been clearer. Thanks for the fact check.

    19. Re: wait a second by rasmusbr · · Score: 1

      In general, if you detect that an input device has been tampered with you can save the user by disabling it, especially if you cut the power to it completely. A fingerprint sensor might have an embedded radio that phones home and sends any fingerprints that it captures to the attacker and an embedded battery to power the radio, so it's not 100% airtight.

      An output device is much more serious. Imagine if someone switched your screen for one that contains an embedded computer and an embedded radio. The screen could potentially even detect and reject any warning messages that the system attempts to display.

    20. Re:wait a second by Anonymous Coward · · Score: 0

      The REAL sensor securely communicates a picture to the SE. A compromised sensor could also send it somewhere else. Or could store it and replay the image later. You can trust the genuine part, but all bets are off for a replacement.

    21. Re:wait a second by Anonymous Coward · · Score: 0

      Yes, that's because it was a security check introduced in the update. Old version doesn't have a security feature, new version does. Phones that trigger the feature boot on the old version, but not the new version. Phones that have the sensor replaced after updating will fail to boot immediately.

      Or should Apple never introduce new security features?

    22. Re:wait a second by Falconnan · · Score: 1

      This never made a great deal of sense when you consider how not secure a fingerprint really is. Everyone is so worried about the security sensor being hacked (pain in the butt) when it is far easier to just copy a fingerprint and use the pre-existing sensor. This was never a valid security concern. Without dual-factor authentication this was never going to secure a phone.

    23. Re:wait a second by BronsCon · · Score: 1

      You might have missed when this issue first hit the news, months ago, but it did. And, at that time, Error 53 only popped up during a software update. It certainly wasn't a security feature then, when it allowed a would-be attacker to replace the sensor and have it keep working (which also should not have been possible given how Apple claims the sensor works with the Secure Enclave) for weeks or months. And, most likely, that was a bug in the first place.

      I was wondering why it was suddenly getting so much attention in the news when it barely got a mention last year; another poster went as far as buying a brand new iPhone to test with and found that it now does trigger the error immediately. Now, that is newsworthy and, most likely, also a bug as Apple has issued an update to fix it and only disable the sensor (e.g. what the story we're discussing here is about in the first place), which is all that is necessary if the sensor is potentially compromised.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.

    24. Re:wait a second by Anonymous Coward · · Score: 0

      There are far easier ways for others to get your fingerprint than replacing the fingerprint sensor on your iPhone, likewise there are also easier ways to present a fake fingerprint to your iPhone than replacing the fingerprint sensor. I'm all for security when it is worthwhile* and meaningful, but this is neither.

      *This level of security on my phone isn't worthwhile, I don't place a high level of trust in my phone, although I appreciate others may consider it worthwhile. Although if I really needed my phone to be secure I wouldn't rely on the fingerprint scanner to secure it, they are too easy to fool.

  5. Walled Garden by Anonymous Coward · · Score: 0

    The entire point of Error 53 (and most of this security) is to protect the walled garden. The primary purpose of security and encryption on iPhones is to protect the walled garden. The only encryption and security that do not contribute is that required to be compatible with (though not comply with) GSM and LTE cells.

  6. Bricking the phone still isn't a good solution by Chuck+Chunder · · Score: 1

    Even if you are defending against a potentially dodgy fingerprint scanner all you need to do is pop up a dialogue on boot saying there's a problem with the fingerprint scanner and that the phone won't accept fingerprints from it.

    Personally I can't imagine what sort of attack it's supposed to prevent, any adversary capable of replacing the fingerprint sensor in your phone is going to be an adversary capable of obtaining and replicating your fingerprint to the sensor.

    If it's just the risk of cheap knock-off parts compromising security by doing something like sending the same "fingerprint" when touched without actually reading the surface then that is a good reason to stop trusting the fingerprint scanner, it's not a good reason to brick the phone.

    --
    Boffoonery - downloadable Comedy Benefit for Bletchley Park

  7. Re:I don't support them on encryption by Anonymous Coward · · Score: 0

    Tim Cook will change tune after a few days in San Quentin

  8. My wife got a free new phone due to this bug by leonbev · · Score: 4, Interesting

    The Touch ID sensor died on my wife's iPhone 6S, and it prevented the iOS 9.2.1 update from installing even after doing a factory reset.

    The Apple Store couldn't fix the issue, so she got a brand new phone out of the deal. Good thing the phone was still under warranty!

  9. Most likely to install by Anonymous Coward · · Score: 0

    The FBI back door.
    He that protests too much.

  10. I did not install it by Anonymous Coward · · Score: 0

    And it is already installed? That is the back door for sure.

  11. Have it both ways by Garybaldy · · Score: 0

    I wonder how many complained about this and wanted this security feature removed. That are now supporting Apple's side against the FBI.

    FBI. great! we can now put our modified fingerprint sensor in that allows us into any phone.

    1. Re:Have it both ways by sims+2 · · Score: 1

      Nope, keys don't match, touch sensor is disabled, and you are back to using a password like the rest of us.

      --
      Minimum threshold fixed. Thanks!

    2. Re:Have it both ways by Anonymous Coward · · Score: 0

      How exactly is disabling a phone weeks to months after the sensor has been "tampered with" a security feature?

    3. Re:Have it both ways by Garybaldy · · Score: 1

      Maybe the first article I read elsewhere had it wrong. It mentioned replacing the sensor by third party vendors will be supported in the update. As well as the screen.

  12. Put two and two together by Dcnjoe60 · · Score: 1

    Put two and two together -- Apple puts out an iOS update just after a court order to put a backdoor into their phones. A court order that legal experts say is valid and Apple will be found in contempt if they fail to comply.

    1. Re:Put two and two together by gl4ss · · Score: 1

      meh. it's not so.
      it's not about that at all.

      however the court order is valid. because that case is on 5C...

      --
      world was created 5 seconds before this post as it is.

  13. Security? Really? BS by Anonymous Coward · · Score: 0

    It's not about security, it's so that you can't share a phone, therefore doubling Apple revenue and carrier revenue. It's not at all about protecting you. Apple security is all about keeping you trapped by the walled garden.

    1. Re:Security? Really? BS by Anonymous Coward · · Score: 0

      Heh. What happens when you and your 'phone partner' visit different places and need to speak with each other?

  14. Wrong! by boarder8925 · · Score: 1

    The latest version of iOS is in fact 9.2.1—but it was released on 19 January 2016. (Screenshot for archival reference.)

    1. Re:Wrong! by boarder8925 · · Score: 3, Informative

      All right, I'm partially wrong. iOS 9.2.1 is from Jan 2016, but Apple pushed a new build of 9.2.1 on 18 Feb 2016 to fix the Error 53 issue. The /. headline says 9.2.1 came out today, which is why I was confused.

      Also, to get the new build of 9.2.1, you apparently need to download it through iTunes, not over your iDevice's Wi-Fi connection.

    2. Re:Wrong! by Bing+Tsher+E · · Score: 1

      So there's a new build of 9.2.1 without any sort of a version bump at all? That's a little weird. Why isn't there a version bump so people can easily verify what they're running?

    3. Re:Wrong! by dgatwood · · Score: 2

      Apple does this quite frequently when they make a minor mistake in an update, silently releasing a new build with the same version number. What this signifies is that for 99.9999% of users, there's no functional difference between the two builds, so they didn't feel the need to turn a new build number and force everyone to update over something that affects probably a single-digit number of users.

      By turning the build, they're ensuring that no new users encounter the problem going forwards, and providing a mechanism for the few affected users to get their devices up and running again (by manually reinstalling the current update). It wouldn't be an automated update anyway, because the devices won't let you use them, so for affected users, bumping the version number gains them nothing. And bumping the version number for everyone else would have resulted in everybody downloading a patch that they really don't need, and worse, would have caused anybody upgrading from 9.2 to (for example) 9.2.1a to get hit with a much larger combo update because they skipped the quirky 9.2.1 build.

      When the next OS release happens, everybody will be back in sync, and until then, the differences are minor enough that they really don't matter for the most part.

      With that said, if you want to know which version you are running, go to Settings > General > About, and look at the Version field. If it says 9.2.1 (13D15), you're running the older build. If it says 9.2.1 (13D20), you're running the newer build.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

    4. Re:Wrong! by dgatwood · · Score: 1

      Also, to get the new build of 9.2.1, you apparently need to download it through iTunes, not over your iDevice's Wi-Fi connection [macrumors.com].

      Supposedly (though I can't imagine why this would be the case) updating OTA to the earlier 9.2.1 build didn't cause the error to appear. So there may be no need to rev the OTA update.

      With that said, I seem to recall that over-the-air updates require additional carrier approval because they're big and they can be DLed over the cellular network (depending on the carrier and the size of the update). So for an emergency update revision like this one, the OTA update could lag behind the normal release. If that recollection is correct, then the OTA update might get revved to match the normal iTunes downloadable update in a few days.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

    5. Re:Wrong! by dgatwood · · Score: 1

      Actually, I think I understand why there's a difference. The OTA updates look like they run inside iOS, similar to the way minor OS X updates work, whereas the non-OTA updates seem to involve booting from a separate installer root like major OS X upgrades work. So if that install DMG's OS contained a bug, it would affect the non-OTA updates during the upgrade process itself, but would have no impact on OTA updates.

      That also means that you ought to have been able to get around the problem (albeit without being able to complete the upgrade process) by doing whatever the iOS equivalent of an NVRAM reset is. Does entering and leaving DFU mode have that effect, by any chance?

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

  15. A Louisville Slugger by Anonymous Coward · · Score: 0

    Time for Mr. Louisville Slugger to say "hello" to Mr. Tim Cook's skull.

    An on the back of Mr. Cook's dead body with a pile of "Goo" where his head was, write, "Error 53".

    Ha haaaa

  16. It does happen immediately. by Brannon · · Score: 2

    If you are running iOS 9.2 and swap out the fingerprint sensor you will immediately get Error 53 and it will wedge your phone.

    The intention here was security, Apple clearly didn't anticipate or test against phones that got unauthorized sensor replacements and thus the unintentional bricking. The new update just renders the replaced sensor inoperative but otherwise allows the phone to be used normally.

    1. Re:It does happen immediately. by KGIII · · Score: 1

      How about just using a separate profile, with the original data still being encrypted, until a proper device is in place? I understand that iOS doesn't allow separate profiles but it shouldn't be that hard. The second profile would still allow use but there's no risk of there being a private data spill if it's done properly. The second profile could then be used until a proper repair is made, the data can be merged with the original profile, and the new sensor can have a fuse that burns and locks it to the new device.

      Am I missing something?

      --
      "So long and thanks for all the fish."

  17. Prevents 'fake fingerprint' attacks. by Brannon · · Score: 2

    The real sensor takes some effort to ensure you are pressing something like a finger to the sensor (a picture of a fingerprint won't work). A fake 'sensor' could just pass images from a database.

    It's not undefeatable, but security has nothing to do with perfection, it has to do with making something harder and more expensive.

  18. Made perfect sense to me. by Brannon · · Score: 0

    Having the fingerprint scanner in the secure enclave makes it harder to (a) remotely record somebody's fingerprint, and/or (b) apply a fingerprint image from a database to a hacked iPhone with the sensor swapped out.

    Pointing out that there are "other possible ways" to hack an iPhone is a clear indication that you don't understand how computer security works. Here's a hint, it has absolutely nothing to do with perfection.

    1. Re:Made perfect sense to me. by Anonymous Coward · · Score: 0

      Having the fingerprint scanner in the secure enclave makes it harder to (a) remotely record somebody's fingerprint, and/or (b) apply a fingerprint image from a database to a hacked iPhone with the sensor swapped out.

      No it doesn't.

      That's because there are easier ways of doing both those things that don't involve doing anything to the fingerprint sensor.

  19. Or maybe you don't know how to read. by Brannon · · Score: 2

    As of iOS 9.2.1 Apple disables a tainted fingerprint sensor and reverts to passcode security. We eagerly await your retraction.

    1. Re:Or maybe you don't know how to read. by Garybaldy · · Score: 1

      Maybe I read a different article and maybe I don't work in IT and maybe you are a FUCKING ASSHOLE.

    2. Re:Or maybe you don't know how to read. by AmiMoJo · · Score: 1

      So back to the standard level of asshattery, where third party cables/parts are disabled by OS updates. Because fuck you consumer, trying to buy a USB cable for less than $30!

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC

  20. Do you even care that you sound like an idiot? by Brannon · · Score: 1

    Are you just happy to be considered profound by other idiots? Because that is fucking stupid.

    1. Re:Do you even care that you sound like an idiot? by Dcnjoe60 · · Score: 1

      Are you just happy to be considered profound by other idiots? Because that is fucking stupid.

      Why yes, yes, I am. :)

    2. Re:Do you even care that you sound like an idiot? by Anonymous Coward · · Score: 0

      What you said was wrong because you don't understand what you are talking about.

      I suggest you read this fine article over at The Register to get a better technical understanding of what's going on with the FBI court order.

  21. Any wedged device needs to recover via iTunes by Brannon · · Score: 1

    If it can't boot then it can't do a device-only update.

  22. There's a really simple explanation. by Brannon · · Score: 0, Flamebait

    Apple never tried the security update on a phone that had received a third-party repaired fingerprint sensor. Why would they?

    People complained, Apple realized that it wasn't all that rare for people to have their home buttons (including sensor) repaired by third party shops, and then realized that they needed to more gracefully handle this case.

    I'm sure you are able to anticipate every possible technical consequence of every line of code you write, but you can't expect everyone to live up to your god-like perfection.

    1. Re: There's a really simple explanation. by Anonymous Coward · · Score: 0

      I think you're full of shit. This was a deliberate sabotage, and they got caught.

    2. Re: There's a really simple explanation. by Anonymous Coward · · Score: 0

      Called planned obsolescence.

  23. That's a nice story and all, it's just not true. by Brannon · · Score: 1

    The problem was people who had their phone serviced at an unauthorized shop and then later updated to iOS 9.2.1. That version of iOS included a more thorough check of the fingerprint sensor.

  24. hack by Smiddi · · Score: 1

    So can someone now steal an iPhone, change the fingerprint scanner/button and "hack" into the phone?

    1. Re:hack by dgatwood · · Score: 2

      No more so than they could without changing the scanner. This change doesn't enable fake fingerprint scanners. It just lets you continue to use the device with a passcode as though the fingerprint scanner weren't there.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

  25. Apple = abhorrent cunts by stimpleton · · Score: 0

    Apple are abhorrent scum. They are filth. Lying, dirty bastards. They wouldn't know what ethics is. They got caught, and only now begrudgingly fix the issue.

    --

    In post Patriot Act America, the library books scan you.

  26. access to phone by Anonymous Coward · · Score: 0

    A lot of people just don't care. They either do not or perceive that they do not need this level of security. Most likely they do not.

    So a bad guy can get into my phone. What can he do besides ravage my contacts? I don't trust Apple enough to use the pay. The kids already watch the pin code so email is password prompted. So are in-app and store purchases. I guess they could read my text messages but those are deleted often.

    He could take pictures of children and then call the cops on you.

  27. Interesting use of the word "rounding" by Anonymous Coward · · Score: 0

    I would at least ask for an adverbial ending.

  28. Certified third party cables exist for $5. by Brannon · · Score: 1

    Apple only locked out the un-certified counterfeit ones. If you recall there was a counterfeit cable that started a fire that killed someone in China, that's when they started cracking down.

  29. They've released a fix. by Brannon · · Score: 1

    That makes the phone functional again, just disables the non-compliant fingerprint sensor and thus you are forced to use your passcode. That seems like a reasonable compromise.

    1. Re:They've released a fix. by KGIII · · Score: 1

      That probably is for the best. I could think of a few cases where it might be handy to still have the functionality but with a different profile only. I'd think that would be optimal, if possible.

      --
      "So long and thanks for all the fish."

  30. Works on bricked phones? by MoarSauce123 · · Score: 1

    Will this work on phones that are already bricked?