Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
If they can detect it they can disable access to secure enclave, and touch id and still allow users to revert to password/pin.
 
There's a reason

So stick with your Android if you're going to be emotional and irrational with the vitriol. Apple doesn't disable devices with third party screen repairs. Modifying the phone's security is completely unacceptable. If they followed your indifferent ways, what would stop malicious companies and governments from just swapping out the touchid to allow access to the phone? Exactly. Get lost.


If government want to hack into your phone, your tosses anyway, there is nothing stop them to do so if they really wanted to.

How can you trust a company that disables your phone when you change TouchID by yourself? How could you guarantee that Apple would not go next step disable your iPhone when you do any third party repairs?

They could easily argue that change third party components will likely damage your phone. They have millions of reason to do so and they certainly has that incentive to do so.
 
  • Like
Reactions: Demo Kit
I think 'void the warranty' and 'turns your phone into a paperweight' are not necessarily the same thing! :)

True.. I'm just staying that if the manufacturer says "Don't do this," and you do it, you get what is coming to you.

And this is coming from someone who jailbreaks their iPhone and removes the DEF and cats from my brand new truck. You have to weigh the risks.
[doublepost=1454698505][/doublepost]
It's funny

People have expensive secured iPhones and they give their iPhones to non approved repairers.

Why is this front page news about idiots.

Exactly. It's like taking your new Mercedes to that shady auto shop for an oil change.
 
  • Like
Reactions: vista.john
Except that you can get a new keyfob if it doesn't work from Honda and drive your car, you are not forced to buy a whole new car!
Exactly. From Honda. Like what should have been done in the first place for such a component.
 
Speaking as a software engineer, this does not make sense from a security standpoint, and Apple's logic here is flawed. I could understand if Apple selectively disabled the Touch ID feature when this check fails, but to completely brick the entire phone? There's absolutely no need to take it to that level.

Are you a software engineer for Apple working on iOS? I'm not a software engineer at all, and I'm sure you know way more about software more than I do. All I'm suggesting is that you're not really in anymore of a position to analyze the security standpoint of this than the software engineers actually working on it.
 
Having just learned of this from the British press I think one major gripe from users is clear. Apple have provided no warning of this. To me that is unreasonable and a poor reflection on how they view customers. I own an iPhone 6 myself and am a fan of sorts of their products. I have always applauded their customer service, in fact I've credited them in the last few days for this. This is very disappointing to read.

I understand security fears with third party components but why is fingerprint data stored in the physical hardware (the button scanner) rather than the software that reads it? Perhaps I don't understand it enough which is highly likely. I know car manufacturers are not allowed to monopolise repairs, or 99% of independent garages would go out of business. How are Apple allowed to do the same with a product that requires repairs with age? My nearest Apple Store is 25 miles away and I am closer than many.
 
First, if you RTFA, Apple says there is no hardware or software fix for the error 53. So, no, an Apple repair center cannot restore the phone.

Second, it makes zero sense from a security standpoint to brick the phone. Wiping all user date from the phone makes sense. Permanently destroying the phone makes zero sense, and I look forward to the class-action lawsuits.

It makes sense if a company want to force the sale of products.

Never had an Apple product of mine bricked yet. If I do it will be the last Apple product I purchase.
 
  • Like
Reactions: JamesPDX
I guess Apple should have a big option: "Reduced Security." This option allows you to run your iPhone in a less secure manner, so that law enforcement or others can bypass your phone's security protection.
 
We protect fingerprint data using a secure enclave, which is uniquely paired to the touch ID sensor. When iPhone is serviced by an authorised Apple service provider or Apple retail store for changes that affect the touch ID sensor, the pairing is re-validated. This check ensures the device and the iOS features related to touch ID remain secure. Without this unique pairing, a malicious touch ID sensor could be substituted, thereby gaining access to the secure enclave. When iOS detects that the pairing fails, touch ID, including Apple Pay, is disabled so the device remains secure."

I don't know how many people actually read this. When TouchID pairing, TouchID is disabled. Henece, ToucbID related stuff will not work, ie Apple Pay, and people will not able to use TouchID at all. It is basically iPhone 5 with iPhone 6 or iPhone 6S spec.

I don't know why people make such bkg deal about hacking or anything, when TouchID does not work, it does not work. There is no reason for Apple brick the phone entirely with software update.[/QUOTE]
 
Why?

If my iPhone is out of warranty, then I should be able to have it repaired by who ever I want.

I can see why it might be a good thing to avoid circumventing the security on stolen phones, but from a user standpoint who wants a repair, apple repairs aren't exactly the cheapest, or in the UK and other countries where apple stores are only in big cities, its a pain in the rear not being able to take it to a local phone shop.

You don't have to go to an Apple Store, Apple has authorized repair dealers, you can go to any one of them.
 
The Apple Genius Bars in London recommend that people take their iPads to third parties for screen repairs, as Apple effectively has no process to do so other than swapping the device out, for a cost that is actually slightly more than buying a new iPad from Amazon.

So I can see a huge wave of (successful) small claims court cases against Apple for the likes of this. It's a shittily designed policy.
TBF it's not just London stores that do it. I went to the Apple Store here in Norwich to see if I could get the SSD upgraded in my macbook pro and the genius bar staff told me to look online for compatible drives.
 
Why?

If my iPhone is out of warranty, then I should be able to have it repaired by who ever I want.

I can see why it might be a good thing to avoid circumventing the security on stolen phones, but from a user standpoint who wants a repair, apple repairs aren't exactly the cheapest, or in the UK and other countries where apple stores are only in big cities, its a pain in the rear not being able to take it to a local phone shop.

Good idea, be mad at the phone manufacturer and not the person who was improperly trained to work on a phone.
 
You don't have to go to an Apple Store, Apple has authorized repair dealers, you can go to any one of them.


I used to live in a city in China where there is no Apple Store and no Apple authorized repair dealer. We brought our phone from local carrier or through Taobao or Tianmao.

If TouchID fails, I have to take bus and wasting entire day to nearest authorized retailer in other city. Tell me now, how am I not gonna upset when Apple do this.

Now I am living in Canada, I may not have problems with finding Apple Store in my city, but for people where there is no Apple Store or Apple authorized retailer, how are they going to repair their iPhone?

Don't assume Apple store and Apple authorized reseller are everywhere
 
Speaking as a software engineer, this does not make sense from a security standpoint, and Apple's logic here is flawed. I could understand if Apple selectively disabled the Touch ID feature when this check fails, but to completely brick the entire phone? There's absolutely no need to take it to that level.

Speaking as a software engineer, I believe the opposite. Our professions can only lend us so much insight.

IMO, attempting to allow access to the phone while disabling only Touch ID would create a not-so-fun a cat and mouse game where the loser is no one other than the consumer, who would actively be losing data to exploiters leaving Apple attempting to patch around an issue thats broader than it has to be.

Bricking the phone at a low level in this manner prevents the exploiter from guess-and-try tactics to use a modified Touch ID sensor on an individual phone to slide between the layers of hardware to software encryption mechanisms which are heavily intertwined in this process. I understand their reasoning to attempt to lock the data in cases which hardware has been modified in an unauthorized way since they have no clue if it was a repair or an attempt to actually steal data with physical access.
 
Honestly this practice by them makes no sense. The secure enclave doesn't transmit your fingerprint back to the scanner. That means it cannot be retrieved by changing the TouchID.

And since you require sending your print to the Secure Enclave through the Touch ID sensor the fingerprint is itself verified as a match inside the Enclave and not on the Touch ID scanner.

So this begs the question why link the two at all? Doesn't really make any sense. The Secure Enclave performs all the security functions the Touch ID is just a basic finger reader. It's akin to a CCTV camera on a building, all the magic happens in the box the CCTV camera is plugged into.
 
  • Like
Reactions: Dave.UK and dnsp
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.