Users Facing 'Error 53' Bricking Message After Third-Party iPhone 6 Home Button Repairs

[furi0usbee]

I am ALL for this as long as Apple doesn't go out of their way to keep parts from third party repair shops. The home button and fingerprint sensor should be held to the highest of security standards. I would only want a genuine part to be used. Having said that, it would be nice if Apple made it easier for third party shops to purchase the supplies they need.

 

[applezulu]

Let's sum this up.

1. iPhone user takes phone to shadetree workshop, gets TouchID button replaced with aftermarket parts, voids warranty and current user agreement, and now owns what amounts to an insecure, hacked device. Categorizing the workshop as shadetree "shades" you narrative negatively. The guys repaired phone worked. Hacked device? Again more shading. Afaik nothing nefarious was done. The introduction of the doom and gloom came primarily from comments. Not the actual story. Introduction of the voided warranty and UA throws a red herring into the narrative that, again, wasn't relevant to the story. It's like how a magician uses misdirection to perform a trick.

2. User then connects said hacked, voided hardware to Apple and requests free software upgrade (for improved utility and security updates!), clicks 'I Agree' on user agreement that the hacked, voided hardware (by definition) violates. Did he request a free software upgrade? How exactly do you go about requesting a software upgrade? Continued use of hacked and voided furthers the magician slight of hand.

3. New software detects hacked, voided hardware, and shuts it down. Still ignores the phone was fixed and working properly.

4. User is then upset that Apple did not accommodate the violation of user agreement by writing code that provides a workaround to enable hacked, voided hardware to still function in a security-breached mode. This is the most disingenuous part. The guy was upset his repaired phone was bricked only after an update. Afaik, he didn't make any warranty claims or even mention the warranty. Seems his complaint was about not having any warning that updating the phone would brick it. Why would there be an assumption that a repaired phones that works properly would be bricked by an update?

1. Nonsense. A "shadetree mechanic" is a common terminology used for someone who does repairs without the requisite training. I don't really care if you don't like the tone of my comment. It doesn't change the facts one way or the other. The guy went to an unauthorized/untrained repair shop. The voided warranty and UA are not red herrings. There are very much central to the story. They are agreements specifically broken when the user chooses to have the device repaired by an unauthorized/untrained repair person. By breaking those agreements, the user has de-obligated the manufacturer. This is common practice for most devices you might own. The difference in this case is that after voiding those things, the user went back to the manufacturer for further service (in the form of a software update), expecting the manufacturer to still be obligated by the same agreements the user has already broken. That brings us to the next point.

2. How do you go about requesting a software update? You respond in the affirmative by clicking the 'software update' button on the phone's screen (or in iTunes on a device tethered to the phone). The next thing you have to click in order to proceed is 'I Agree' button for the User Agreement, which once again warns about unauthorized hacking of hardware or software. The user broke the previous UA with the visit to the unauthorized repair shop. The user then repeats the same violation by clicking 'I Agree' to a fresh UA with the same prohibitions.

3. The user was tempting fate. He was lucky that the device worked at all after the repair by the unauthorized shop. That fact does not obligate the manufacturer to assure that the device will continue to function with further updates. The manufacturer apparently included in the code for the update a check to confirm the validity and security of the phone's hardware. In this case, the phone failed the check, because it did indeed have unauthorized tinkering in what is supposed to be the most secure part of the device.

4. There was perhaps some snark, but no disingenuousness in this point. You refer repeatedly to the warranty in this part, but I didn't refer to the warranty in this point at all. I only referred to the UA. You ask "Why would there be an assumption that a repaired phones that works properly would be bricked by an update?" I can only respond to that with a similar question. Why would there be an assumption that a phone that has been repaired in violation of the manufacturer's terms that the manufacturer would be obligated to continue to provide software updates and guaranteed continued functionality?

I obviously have a different perspective from you on the facts of the case, but I didn't create any new facts, as you claimed. Thanks for playing, though.

 

[Mascots]

This was the quote in full: "Error-53 kicked in when he responded to the request to update his phone. If he hadn't updated, he could still possibly have a working phone, with unauthorized parts. I understand the security rationale behind Apple's explanation. I agree with the rationale as well. It just didn't work until the guy updated. If that update is required before the security kicks in, that's not exactly security in the purest sense."

Simply put, you're wrong. You took a single line from my quote out of context, and built a narrative of Apple choosing to ignore unauthorized components. That's not what that meant, and my full quote reinforces that. Even out of context, that's not what that line meant.

"Wrong" lol

Then please enlighten me to what you mean because clearly I misunderstand at a fundamental level.

 

[emm386]

Anyone here remembers the AARD - code?

A typical strategy : broaden your user base, lock people in, make your fees or license terms unreasonable (which allows third party manufacturers to step in in the first place) and finally them lock them out...

Microsoft has been doing it for decades. Apple utilizing Microsoft's old methods, just to stay in the game though is new to me...

from a security standpoint it makes no sense for numerous reasons. one of them being, that fingerprint data is not stored on a chip of the fingerprint reader itself, but rather on the iPhone. if you, as a hardware manufacturer, abide by common sense guidelines of security (handshakes, hash checks, data exchange or verification over encrypted data channels) there is absolutely no reason to lock third party suppliers out... from a security standpoint at least.

 

[XanderCrews]

Having it repaired by anyone out of warranty and using non-standard parts is a bad thing. Having it repaired out of warranty should be a choice. It's the parts that are the problem, not the choice.

It's not about using "non standard" parts. It's about not using Apple's parts. Big difference.
Apple makes money off of repairs made at the Apple Store. They don't make money off repairs made in 3rd party shops. And well know that Apple is all about making money as much money as possible.
Apple can try to rationalize it any way they like. But in the end, they absolutely shouldn't be bricking phones if someone goes to a 3rd party repair shop...which could be 100% reputable and on the up and up. How there haven't been lawsuits over this yet, I have no idea...I'm sure you'll see a class action suit at some point...and rightfully so.
But there are so many other ways Apple can go about handling this. Which is why it is foolish to think that Apple is touting this as a feature that they planned from the start, when it's so much more likely a bug that they are trying to stupidly turn into a feature.

 

[andreyirra]

Conspiracy theory: The timing of this update and the talks about the government and Congress making preassure so there are backdoors...

 

[YourAgain]

If you are upset about this, just think how the NSA feels about it...

 

[Capt T]

That's just wrong.
Apple bricks the devices on purpose via software.

Apple did not force them to upgrade the software...so no, it is not Apples fault the owner used non authorized parts and their phone no longer works

Let's not forget this is a secure part they replaced, not a screen or battery or the likes

 

[AbSoluTc]

I agree in principle, however, the error message should provide better communication to the user, not just Error 53. You know something like "iOS has detected a security issue with Touch ID. Please visit an authorized Apple repair location. Error 53."

I agree. I understand what and why it's done. It's just not informative to the end user. I would not trust my device to a third party for repir. Ever! My iPhone is an extension of my brain, wallet and life.

 

[EricTheHalfBee]

1. Nonsense. A "shadetree mechanic" is a common terminology used for someone who does repairs without the requisite training. I don't really care if you don't like the tone of my comment. It doesn't change the facts one way or the other. The guy went to an unauthorized/untrained repair shop. The voided warranty and UA are not red herrings. There are very much central to the story. They are agreements specifically broken when the user chooses to have the device repaired by an unauthorized/untrained repair person. By breaking those agreements, the user has de-obligated the manufacturer. This is common practice for most devices you might own. The difference in this case is that after voiding those things, the user went back to the manufacturer for further service (in the form of a software update), expecting the manufacturer to still be obligated by the same agreements the user has already broken. That brings us to the next point.

2. How do you go about requesting a software update? You respond in the affirmative by clicking the 'software update' button on the phone's screen (or in iTunes on a device tethered to the phone). The next thing you have to click in order to proceed is 'I Agree' button for the User Agreement, which once again warns about unauthorized hacking of hardware or software. The user broke the previous UA with the visit to the unauthorized repair shop. The user then repeats the same violation by clicking 'I Agree' to a fresh UA with the same prohibitions.

3. The user was tempting fate. He was lucky that the device worked at all after the repair by the unauthorized shop. That fact does not obligate the manufacturer to assure that the device will continue to function with further updates. The manufacturer apparently included in the code for the update a check to confirm the validity and security of the phone's hardware. In this case, the phone failed the check, because it did indeed have unauthorized tinkering in what is supposed to be the most secure part of the device.

4. There was perhaps some snark, but no disingenuousness in this point. You refer repeatedly to the warranty in this part, but I didn't refer to the warranty in this point at all. I only referred to the UA. You ask "Why would there be an assumption that a repaired phones that works properly would be bricked by an update?" I can only respond to that with a similar question. Why would there be an assumption that a phone that has been repaired in violation of the manufacturer's terms that the manufacturer would be obligated to continue to provide software updates and guaranteed continued functionality?

I obviously have a different perspective from you on the facts of the case, but I didn't create any new facts, as you claimed. Thanks for playing, though.

Can't upvote this enough. Absolutely100% correct.

 

[kdarling]

Speaking with The Guardian, iFixit's Kyle Wiens said that the issue, while still unclear, appears to be Apple ensuring only genuine components are being used for repairs.

If that's true, then doesn't it run afoul of the Magnuson-Moss Warranty Act ?

An Apple spokeswoman commented on the issue, referring to protective security features intended to prevent "malicious" third-party components from potentially compromising a user's iPhone as the main reason for the "error 53" message.

Wait. Apple is claiming that someone can use a modified fingerprint sensor to access someone's phone?

That's a pretty big security hole, if true. But it makes no sense as a security item, unless it checked for a modified sensor each time... instead of waiting for an OS update to do so.

 

[XanderCrews]

Apple did not force them to upgrade the software...so no, it is not Apples fault the owner used non authorized parts and their phone no longer works

Let's not forget this is a secure part they replaced, not a screen or battery or the likes

Are you listening to yourself? That's ridiculous.
Apple offered them the software knowing full well of what it does to a phone with a 3rd party part, and they aren't warning anyone. This needs to be stated upfront before folks update their OS.
So yes, it most certainly is Apple's fault.
People have commented in here, "that's why I buy Apple...always looking out for me." Blah, blah, blah...that's complete BS. They don't care about you or anyone else. If they did, they wouldn't be smashing your phone from 2000 miles away just because you had it fixed in your local phone repair shop. There are literally, oh, I dunno...a hundred better ways to handle that!

Users have the right to use 3rd party parts on their phones at their own risk. I repeat...at their own risk. They may void the warranty if it's under warranty and they may face a security risk (probably never happened though), but they do so at their own risk.

It's not up to Apple. They shouldn't have a say. But that isn't the Apple way, we all know that.

 

[doelcm82]

from a security standpoint it makes no sense for numerous reasons. one of them being, that fingerprint data is not stored on a chip of the fingerprint reader itself, but rather on the iPhone. if you, as a hardware manufacturer, abide by common sense guidelines of security (handshakes, hash checks, data exchange or verification over encrypted data channels) there is absolutely no reason to lock third party suppliers out... from a security standpoint at least.

Of course it makes sense. The fingerprint reader is what sends the fingerprint data to the chip. If the fingerprint reader is replaced with one that has the ability to record a fingerprint and then send it on demand without the actual finger being present, then the fingerprint reader security is compromised. It makes perfect sense for the handshaking between the fingerprint reader and the chip to check whether the fingerprint reader is authorized to send the fingerprint data.

But there are so many other ways Apple can go about handling this. Which is why it is foolish to think that Apple is touting this as a feature that they planned from the start, when it's so much more likely a bug that they are trying to stupidly turn into a feature.

If the earlier version of iOS allowed a compromised iPhone to operate, despite the fact that it had a security hole, and the updated version closes the hole (bricking the phone if the fingerprint authentication can no longer be trusted), then you're right. It is a bug, which Apple fixed in the new version of iOS. Something they overlooked in earlier versions, putting your data security at risk, but now they have it fixed.

 

[applezulu]

Here's some food for thought for those who are upset at Apple for this issue, and ready to take their business elsewhere.

The other day, I helped someone set up a Kindle Fire Android device. After putting just a few things on it, I went to set up their email account, using the native email client. After fumbling around with it for a few minutes, I got it to connect to the person's email account. Thinking everything was going swimmingly, I then went to open up the email client and make sure everything was showing up. I was immediately faced with a screen indicating that their email host had a list of demands to create security settings if access to email was to be granted. The bottom line for these demands was that if the user failed a relatively small number of times to input the correct lock-screen PIN, the entire device would be wiped. I would guess that the people who don't read Apple's UAs probably don't get too detailed with the permissions lists that pop up on Android either. So, you know. Surprise!

Mind you, this was for a university email account, not for access to top secret, national security content. We decided the kindle really didn't need to have email.

So if you think it's harsh that Apple would drop the hammer after unauthorized tampering with fingerprint security hardware, well, you've got another thing coming. Android's OS lets not just app developers but email hosts drill so deep into the OS that they have the liberty to set the rules and lay waste to your entire device if you don't meet their terms. I don't think they can brick the device, but they (and apparently just about anyone else who produces apps or email or content or whatever) can render it just as useless. Now that's harsh.

 

[SlipperySlop]

Why?

If my iPhone is out of warranty, then I should be able to have it repaired by who ever I want.

OK, let's just look at this. Anyone, including you, could set up shop as an apple repair center with no knowledge of what you are doing. Apple doesn't authorize you to make repairs because you aren't trained and don't know what you are doing. But you feel you should be able to take your phone to your repair shop and if things don't work out, you want to hold apple responsible. The new society we live in--where just because you were born means you are entitled to anything and everything. Personal responsibility doesn't mean anything anymore. And you have a right to do anything you want to do just because. Wow.

 

[Newjackboy]

And you forget that security is compromised by a third-party finger print sensor no matter how far away the next Apple Store is.

So disable Touch ID. No problem with out. But to brick the phone?

 

[Capt T]

Are you listening to yourself? That's ridiculous.
Apple offered them the software knowing full well of what it does to a phone with a 3rd party part, and they aren't warning anyone. This needs to be stated upfront before folks update their OS.
So yes, it most certainly is Apple's fault.
People have commented in here, "that's why I buy Apple...always looking out for me." Blah, blah, blah...that's complete BS. They don't care about you or anyone else. If they did, they wouldn't be smashing your phone from 2000 miles away just because you had it fixed in your local phone repair shop. There are literally, oh, I dunno...a hundred better ways to handle that!

Users have the right to use 3rd party parts on their phones at their own risk. I repeat...at their own risk. They may void the warranty if it's under warranty and they may face a security risk (probably never happened though), but they do so at their own risk.

It's not up to Apple. They shouldn't have a say. But that isn't the Apple way, we all know that.

I read what I write...
How is Apple to know they had an unauthorized part in their phone? Until the software check. It is not like the person told them. You agreed to the terms...as did the person who broke them...not apples fault if their phone is not in compliance with the security updates. The user should have looked into it prior to updating the software...

By the way, Apple is not the only company with this policy.

 

[yaxomoxay]

Users have the right to use 3rd party parts on their phones at their own risk. I repeat...at their own risk. They may void the warranty if it's under warranty and they may face a security risk (probably never happened though), but they do so at their own risk.

Exactly as it is Apple's right to make a new software work with authorized parts, and only authorized parts.

 

[0004838]

I am sure if I replace figureprint sensor on Nexus 6P, I will not brick that phone.

Android is not a platform that has historically placed the security of customer data first and foremost (I'm not sure it places it highly at all), so I believe that you would be correct. It's taken Google to Marshmallow to make FDE mandatory for compatible devices, or to give users the ability to override app permissions.

 

[kemal]

The fingerprint sensor is part of the secure enclave. If you replace the sensor you should also replace the SoC. Can any third parties do that? Nope.

 

[mrjayviper]

I am sure if I replace figureprint sensor on Nexus 6P, I will not brick that phone.

Admit it, Apple just want your money

and poor insight from Google/Huawei. They just seriously compromised your security since anyone can use whatever fingerprint scanner and get in to your phone

 

[Black Belt]

I am sure if I replace figureprint sensor on Nexus 6P, I will not brick that phone.

And we all know how secure Android is. BWHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!

 

[SusanK]

For him to be dead now, he must have been alive at some point in the past. When he was alive, he held the same attitude towards third party repairs as Cook does now. Why criticize Cook for something and not Jobs? I don't understand why we can't admit that Cook isn't the worst human being on the planet and that maybe Jobs wasn't God.

I made the reference to Cook. Nothing about Steve. You brought a dead man into a conversation about an issue that postdates his death.

 

[LovingTeddy]

and poor insight from Google/Huawei. They just seriously compromised your security since anyone can use whatever fingerprint scanner and get in to your phone

It is just excuse for Apple to make sure they can monopolize iPhone repairs. It is absoultely not necessary to brick the whole phone.

And you think it is OK for a company rendering someone's phone useless without give users any warning?

And we all know how secure Android is. BWHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!

Hahah... Pictures of Hollywood stars looking really good. Oh, malware from app stores are well forgotten by Apple fans.

On other hand, our Android users gets monthly security updates.

 

[applezulu]

Hahah... Pictures of Hollywood stars looking really good. Oh, malware from app stores are well forgotten by Apple fans.

On other hand, our Android users gets monthly security updates.

You understand that it was an iOS software and security update that triggered all this angst, right?