Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
Old 02-05-2016, 03:05 PM   #21
Full time employment: Posting here.
 
Join Date: Jan 2011
Location: Just North of Boston
Posts: 522
Quote:
Originally Posted by kiki View Post
I'd hate to hear the outcry against Apple if thieves were able to circumvent TouchID somehow and access people's data on stolen iPhones. I feel better knowing that Apple's restrictive policies are helping make my data a little bit safer.
+1

Imagine if someone could take apart the phone, add a non-compliant print sensor that allowed the phone to be unlocked. which is worse? A bricked phone, or a stolen phone that someone can unlock?

Apple also does not allow a locked phone to be re-formated and then used. If you do not know the apple id that the phone was registered to it is bricked. You die and your SO does not have your apple ID or phone password, there is no way for them to access the phone. Find a locked phone on the street, it is only good as a doorstop. Has reduced the amount of stolen phone.
__________________

__________________
ChiliPepr is offline   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Old 02-05-2016, 03:06 PM   #22
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
audreyh1's Avatar
 
Join Date: Jan 2006
Location: Rio Grande Valley
Posts: 16,531
So I'll be sure not to let a third party mess with my iPhone or iPad. I like the fingerprint home button and rely on the security it provides.
__________________

__________________
Well, I thought I was retired. But it seems that now I'm working as a travel agent instead!
audreyh1 is online now   Reply With Quote
Old 02-05-2016, 03:06 PM   #23
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 18,294
Quote:
Originally Posted by kiki View Post
...

I read the article and I'm left with the impression that you only get this error if the home button component has been tampered with. I think that's a good thing. I'd hate to hear the outcry against Apple if thieves were able to circumvent TouchID somehow and access people's data on stolen iPhones. I feel better knowing that Apple's restrictive policies are helping make my data a little bit safer.
Quote:
Originally Posted by ChiliPepr View Post
+1

Imagine if someone could take apart the phone, add a non-compliant print sensor that allowed the phone to be unlocked. which is worse? A bricked phone, or a stolen phone that someone can unlock?


Sure, but I don't understand why the phone should be 'bricked' after this? That seems like a poor option.
(and for those unfamiliar with the term, a 'bricked' device is one where the unit is locked out to the extent that it is not practical to unlock it - maybe not impossible, but it would require replacing key components, and likely re-programming some keys that only the OEM would have access to. At this point, the device is as useful as a brick, in terms of performing any electronic functions. It's dead, Jim)
I don't own any fingerprint recognition devices, I assume this is for convenience only, and that there is an alternate way in - like through a password entry (otherwise, if your hand were in a cast, your phone would be locked forever?)? So why wouldn't the phone simply fail to accept any fingerprint input from an un-authorized device, and force you to use the password? Doesn't that provide adequate protection, w/o destroying the user's phone? And as other's said, it should have given this warning earlier - getting it bricked as part of a SW upgrade is very bad form. I'd be PO'd (regardless of the manufacturer).

Edit/add: Imagine if your car alarm permanently destroyed the engine and transmission when it sensed an attempt at stealing it. Heck, you sure would not want someone to get away with your car! I think we agree, there are better options than destroying the thing.

-ERD50
__________________
ERD50 is online now   Reply With Quote
Old 02-05-2016, 03:21 PM   #24
Recycles dryer sheets
 
Join Date: Dec 2013
Posts: 125
Quote:
Originally Posted by ERD50 View Post
Edit/add: Imagine if your car alarm permanently destroyed the engine and transmission when it sensed an attempt at stealing it. Heck, you sure would not want someone to get away with your car! I think we agree, there are better options than destroying the thing.
-ERD50
My car does not have access to my credit card and bank accounts. I refuse to let anyone access all of the data on my smartphone unless they are an authorized Apple representative...and even when using that option I will be nervous over giving access to all of my data
__________________
btdt22 is offline   Reply With Quote
Old 02-05-2016, 03:48 PM   #25
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Chuckanut's Avatar
 
Join Date: Aug 2011
Location: West of the Mississippi
Posts: 6,337
Quote:
Originally Posted by ls99 View Post

BTW fingerprint recognition can be and has been hacked, albeit not yet Iphone 6 that I know of. I have no doubt it will be done. It is not an easy task, but doable.
Of course it has. It's a game with a moving target, and no ending. Security will be increased, the criminals will find away around it, there will be another increase......... and on and on and on.........

Security is never perfect but it beats leaving the front door unlocked, open, with the alarm system turned off.
__________________
The worst decisions are usually made in times of anger and impatience.
Chuckanut is offline   Reply With Quote
Old 02-05-2016, 03:52 PM   #26
Full time employment: Posting here.
 
Join Date: Aug 2007
Posts: 894
Quote:
Originally Posted by ls99 View Post
I prefer dumb cellphone, and my new to me 4 years ago ipod touch 4th gen (it was very cheap and sold to me by next door neighbor who was fed up with apple) until it dies, then I'm done with apple. The device only contains music and videos for my figure skating endeavors. It was maximally annoying enough to deal with apple's sync feature. Fortunately VLC is a wonderful app.

Excellent. It sounds like you know what you like.

Quote:
Originally Posted by Music Lover View Post
With a couple minor exceptions, all those things can be done with any inexpensive 2 or 3 prior generations Android phone.

True. I never implied that you can't do most of these things with other, cheaper smartphones. I like the Apple experience. I come from years of Windows and have gradually converted. Apple really has a knack for small details, to the point where I find the extra cost is worth it for me.

I'll give an example. I've been trying to simplify my TV setup at home for over a decade. We have multiple TVs and haven't had cable in over a decade. I went from using a Windows Media Center computer with media center extenders to each TV for OTA, to using Amazon FireTV/Rokus. I finally ditched the media center PC with a Tablo setup, which works reasonably well for OTA content. I was never impressed with Amazon's FireTV, but the Roku we have works reasonably well and it has all the apps I need (Netflix, Amazon Prime, PBS, Tablo).

So now Apple has released an AppleTV with apps. I'm thinking this could be a great product, but it doesn't have the apps I need. But I'm curious and decided to pick one up to play around with it. After I hooked it up, I was impressed. What impressed me the most? The remote control. Go figure. Right now with our Roku, I have to use three remote controls, one for the TV, one for sound and one for the Roku. With the AppleTV all I need is the AppleTV remote. It's very slick. It controls the power to the TV and changes it to the correct input. It controls the volume on our Sonos. And of course, it controls the AppleTV.

Sure, there are cheaper options out there that work (for the most part), but Apple knows how to put together a good product so I'll pay a bit extra.

Quote:
Originally Posted by ERD50 View Post
Sure, but I don't understand why the phone should be 'bricked' after this? That seems like a poor option.

I don't own any fingerprint recognition devices, I assume this is for convenience only, and that there is an alternate way in - like through a password entry (otherwise, if your hand were in a cast, your phone would be locked forever?)? So why wouldn't the phone simply fail to accept any fingerprint input from an un-authorized device, and force you to use the password? Doesn't that provide adequate protection, w/o destroying the user's phone? And as other's said, it should have given this warning earlier - getting it bricked as part of a SW upgrade is very bad form. I'd be PO'd (regardless of the manufacturer).

When you buy an Apple product, that's part of the deal. If you don't like it, don't buy their products. I surely wouldn't buy an Apple product thinking I'm going to make 3rd party modifications to it. That would be like beating your head against the wall. I also wouldn't be surprised if they tell you this somewhere in their TOS. So in a way, they did tell you beforehand.

And yes, as a fellow engineer, I recognize there are always different designs you can use. Apple chose this one because they like their closed ecosystem. It keeps their costs down and a majority of their users are happy. If it didn't, then they'd choose something else. Sounds like a good choice on their part.
__________________
Eat, Drink and Be Merry.
tulak is offline   Reply With Quote
Old 02-05-2016, 04:55 PM   #27
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
calmloki's Avatar
 
Join Date: Jan 2007
Location: Independence
Posts: 5,460
Had a Nokia phone that was tough and light and great - but that was about it. After over 8 years of abuse it slowly gave up the ghost and I bought a pretty darn smart Windows Lumia phone brand new, no contract, for $50. Meanwhile, the gal had had a succession of iPhones, which she made do all manner of nifty tricks and kept for 3-4 years. Didn't have a problem with that - she used the heck out of those iPhones - they were serious tools. Recently her 4s was being taxed by the tasks she put it to and she was pretty much keeping it on a charger all the time because the battery was gerflunkled. Got her an unlocked refurb 5S with 64GB from Groupon for about $320. It is working hard for her, though she chooses not to use the fingerprint scanner. I found a used 16GB 5 for $150, and am about to buy an unlocked 16GB 5S from a neighbor for $100.

Apple has a pretty darn smooth environment, unlike the Windows phone there are LOTS of mainstream apps, and if you don't mind not being on the bleeding edge or having something someone else has used you don't have to pay much. (frankly, I prefer the pocketable size and weight of the 5 vs the 6)
__________________
calmloki is offline   Reply With Quote
Old 02-05-2016, 05:05 PM   #28
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 18,294
Quote:
Originally Posted by kiki View Post
...
When you buy an Apple product, that's part of the deal. If you don't like it, don't buy their products. I surely wouldn't buy an Apple product thinking I'm going to make 3rd party modifications to it. That would be like beating your head against the wall. I also wouldn't be surprised if they tell you this somewhere in their TOS. So in a way, they did tell you beforehand. ...
I'm not making this an Apple versus any other brand issue. They all have pros and cons, people should buy whatever they want.


Quote:
And yes, as a fellow engineer, I recognize there are always different designs you can use. Apple chose this one because they like their closed ecosystem. It keeps their costs down and a majority of their users are happy. If it didn't, then they'd choose something else. Sounds like a good choice on their part.
There are always different design approaches, sure - what I'm saying is that this appears to be a very poor one (regardless of the manufacturer - I don't care!).

I read the article now, and I see some people were far away from an authorized repair place, needed their phone so got it fixed by a 3rd party. As I said earlier - if Apple needs to validate a security key in the device or something, that makes sense. But then simply lock out the fingerprint recognition function if it fails validation, the user then just uses the passcode method to log in. <<< That's the big issue, as I see it.

And the worst part of this is there was no warning. People got this repair done, probably have no idea about security keys and such - it could be that just the button broke, not the fingerprint function, but it's all built in I assume. So replace a button, big deal. It works fine for maybe a year, no warnings, and then, to have that phone bricked when you update the SW? That's nasty.

The article states that even some people who had the button break, and reportedly never had it fixed, just decided to live w/o the fingerprint function, and their phones got bricked as well.

If I don't like it, don't buy their products? If I avoid every manufacturer that does something I don't like, I'll soon be locked out of everything. But I'm not going to write off every bad decision as "Hey, that's how they do it". People should complain, and complain loudly when things go wrong, and maybe the company will make it right.

Personally, I think these people deserve a credit for a replacement phone if it it truly bricked.

-ERD50
__________________
ERD50 is online now   Reply With Quote
Old 02-05-2016, 07:09 PM   #29
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
easysurfer's Avatar
 
Join Date: Jun 2008
Posts: 7,899
At least Apple acknowledges the error:

Apple acknowledges 'Error 53' glitch, says it's part of Touch ID security [u]

Quote:
With an unofficial repair, the representative warned, that pairing can go unvalidated and lead to Error 53 once iOS is updated, or even restored. People running into the glitch should contact Apple support, the spokeswoman suggested.

The problem renders an iPhone unusable however, and affected owners will likely have no choice but to buy a new phone, since an unofficial repair violates Apple's warranty terms.
Can somethings be too secure for their own good?
__________________
Have you ever seen a headstone with these words
"If only I had spent more time at work" ... from "Busy Man" sung by Billy Ray Cyrus
easysurfer is online now   Reply With Quote
Old 02-06-2016, 06:12 AM   #30
Thinks s/he gets paid by the post
ls99's Avatar
 
Join Date: May 2008
Posts: 4,792
Quote:
Originally Posted by easysurfer View Post
At least Apple acknowledges the error:

Apple acknowledges 'Error 53' glitch, says it's part of Touch ID security [u]



Can somethings be too secure for their own good?
Sure, I recall an advertisement for a write only memory chip. From the days of 64K nenory devices.

I guess the Iphone6 with ios9 is a close runner up.

Edit add:

Here is a fun scenario to contemplate.

You have iphone6 with ios9 installed. The phone is dropped but only the home button area is damaged such that fingerprint reader is inoperative. Yet it manages power up, presumably at boot time ios9 checks for all internal signatures and finds fingerprint reader unreadable or undetectable or corrupt.

ios9 to ensure security of your valuable data now bricks you phone.

How dou feel?

Ok I am now off to hang out at my mancave and ignore the world and technology.
__________________
There must be moderation in everything, including moderation.
ls99 is offline   Reply With Quote
Old 02-06-2016, 08:58 AM   #31
Thinks s/he gets paid by the post
photoguy's Avatar
 
Join Date: Jun 2010
Posts: 2,301
Quote:
Originally Posted by mpeirce View Post
From the moment it's turned on it's checking it's integrity at each step of the way. If it finds something fishy - LIKE SOME NONE SECURE HARDWARE - it refuses to operate.
On my old blackberry if you entered the password wrong five times it would auto wipe. It could also be wiped remotely.

I think this is more a failure of communication/update process then necessarily a bad design. If I lose my phone and some one starts tinkering with it to get in, I definitely want it bricked as soon as a possible attempt is detected.

The other lesson here is NEVER EVER run an update on your electronics when you are traveling.





Sent from my iPad using Early Retirement Forum
__________________
photoguy is offline   Reply With Quote
Error53, Iphone6 is Bricked
Old 02-06-2016, 09:47 AM   #32
Thinks s/he gets paid by the post
 
Join Date: May 2014
Posts: 3,008
Error53, Iphone6 is Bricked

I get the security concern, but why couldn't Apple remove the memory (equivalent of the hard drive) and restore the rest? The "brick" can't be donated or sold for refurbishment. I suspect most will be trashed instead of properly recycled to recover the rare earth elements. Mining those elements is rough on the environment. What a waste. It just seems punitive to me.

I could be wrong about the ability to replace a memory unit but I'm sure not going to open mine up to see and void the warranty!
__________________
athena53 is online now   Reply With Quote
Old 02-06-2016, 10:20 AM   #33
Full time employment: Posting here.
 
Join Date: Aug 2007
Posts: 894
Quote:
Originally Posted by ERD50 View Post
There are always different design approaches, sure - what I'm saying is that this appears to be a very poor one (regardless of the manufacturer - I don't care!).

I read the article now, and I see some people were far away from an authorized repair place, needed their phone so got it fixed by a 3rd party. As I said earlier - if Apple needs to validate a security key in the device or something, that makes sense. But then simply lock out the fingerprint recognition function if it fails validation, the user then just uses the passcode method to log in. <<< That's the big issue, as I see it.

And the worst part of this is there was no warning. People got this repair done, probably have no idea about security keys and such - it could be that just the button broke, not the fingerprint function, but it's all built in I assume. So replace a button, big deal. It works fine for maybe a year, no warnings, and then, to have that phone bricked when you update the SW? That's nasty.

The article states that even some people who had the button break, and reportedly never had it fixed, just decided to live w/o the fingerprint function, and their phones got bricked as well.

If I don't like it, don't buy their products? If I avoid every manufacturer that does something I don't like, I'll soon be locked out of everything. But I'm not going to write off every bad decision as "Hey, that's how they do it". People should complain, and complain loudly when things go wrong, and maybe the company will make it right.

Personally, I think these people deserve a credit for a replacement phone if it it truly bricked.

-ERD50
It might be a poor design, but it's probably a good business decision. Sure, they could solve this problem and do more. But is it worth it to them? How many customers are really affected? I'm guessing it's significantly less than 1%.

Looking at wikipedia, they've shipped over 100 million iPhone 6's as of 3/1/15. So at the low end, let's say there are 100 million of these devices out there. According to the article, they say there are around 150k hits for this error on the internet. Let's say it's 500k devices. That means this affects 0.5% of their customers. That's a small number. No product is a 100% and Apple would be silly to create a better solution for less than 1% of their customer, especially when they have something already in place.

Out of warranty repairs for an iPhone 6/6s is $299. That's over half off. So if you break your device, yeah, life sucks, but Apple is willing to replace it with a new device for a reasonable price. Problem solved.

Quote:
Originally Posted by athena53 View Post
I get the security concern, but why couldn't Apple remove the memory (equivalent of the hard drive) and restore the rest? The "brick" can't be donated or sold for refurbishment. I suspect most will be trashed instead of properly recycled to recover the rare earth elements. Mining those elements is rough on the environment. What a waste. It just seems punitive to me.

I could be wrong about the ability to replace a memory unit but I'm sure not going to open mine up to see and void the warranty!
That's hard to do. The memory is soldered onto the board. Look at the image on ifixit at step 19: https://www.ifixit.com/Teardown/iPho...Teardown/48170

The one in the big red box is the memory. That's not coming out. But we all backup our devices, right? So restoring should be a piece of cake once you get your replacement iPhone.

If you replace your device with Apple using their out of warranty service, I would be shocked if they don't recycle what they can out of your old phone. Some of these probably show up as refurbished devices for sale on their website.
__________________
tulak is offline   Reply With Quote
Old 02-06-2016, 10:23 AM   #34
Thinks s/he gets paid by the post
mpeirce's Avatar
 
Join Date: Feb 2012
Location: Columbus area
Posts: 1,597
Quote:
Originally Posted by athena53 View Post
I get the security concern, but why couldn't Apple remove the memory (equivalent of the hard drive) and restore the rest? The "brick" can't be donated or sold for refurbishment. I suspect most will be trashed instead of properly recycled to recover the rare earth elements. Mining those elements is rough on the environment. What a waste. It just seems punitive to me.
Apple introduced the "kill switch" ("bricking the phone") because there was a growing problem with iPhone theft.

Thieves are willing to tinker with stolen iPhones and if they could simply replace the flash memory to get it working again they would.
__________________
mpeirce is online now   Reply With Quote
Old 02-06-2016, 10:27 AM   #35
Thinks s/he gets paid by the post
 
Join Date: May 2008
Posts: 3,424
In New Zealand now. Finding a lot of terminals which support contactless so I've been able to use Apple Pay. A couple of cashiers were surprised I could pay with iPhone.

When I use credit card, I have to select credit and then sign for it. Then I get a long receipt showing last four digits of the card as well as my name. So I keep those receipts to dispose of later. But with Apple Pay, the receipts don't have my name or any part of my actual credit card number so I discard those right away.

The transactions are faster than standard chip card transactions. Plus I can check the transactions using apps for Citi, Chase, BofA, Schwab using Touch ID to log into those apps.

As for the third party repair ability issue, that is the trade off for the sleek and thin Apple devices. You can't even swap batteries any more. Only once took an Apple product for repair and went to the Apple Store. Would have had to have searched for a third party repair place and it probably wouldn't have been cheaper.

My father earlier this year had an old iPhone where the battery was expanding. He was out of warranty so I did find some nearby repair places and made an appointment. But he took it to the Apple Store and they gave him a new device because the state of the old iPhone was considered a hazard.

They tend to have high customer satisfaction ratings because of anecdotes like these.

As for costs, yes when you first buy a device you pay a premium but at is the case with all new phones. Those other brands tend to get discounted faster, like no money down sooner.

Other things like phone service costs are the same. I could save money by using a prepay service like Straight Talk but I went with T mobile postpaid for the international roaming. Free data in most countries, free texts and 29 cents a minute to call back to the US or to call foreign numbers. Or free if using Wifi calling.
__________________
explanade is online now   Reply With Quote
Old 02-06-2016, 10:45 AM   #36
Thinks s/he gets paid by the post
mpeirce's Avatar
 
Join Date: Feb 2012
Location: Columbus area
Posts: 1,597
Quote:
Originally Posted by athena53 View Post
...I suspect most will be trashed instead of properly recycled to recover the rare earth elements. Mining those elements is rough on the environment. What a waste.
Apple does have an easy to use recycle program. Of course you can't force people to use it.

They also offer an upgrade program which they recently extended to phones with broken buttons and screens, not just iPhones in "good condition".

They do make an effort.
__________________
mpeirce is online now   Reply With Quote
Old 02-06-2016, 12:22 PM   #37
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 18,294
Quote:
Originally Posted by kiki View Post
It might be a poor design, but it's probably a good business decision. Sure, they could solve this problem and do more. But is it worth it to them? How many customers are really affected? I'm guessing it's significantly less than 1%.

Looking at wikipedia, they've shipped over 100 million iPhone 6's as of 3/1/15. So at the low end, let's say there are 100 million of these devices out there. According to the article, they say there are around 150k hits for this error on the internet. Let's say it's 500k devices. That means this affects 0.5% of their customers. That's a small number. ....
I think you are missing my point. I'm looking at this issue in isolation. I'm saying it appears to be a very bad design decision, period.

I'm saying (again), a better solution would be to disable fingerprint recognition if it detects an unauthorized module, and force the user to use the alternative passcode access. I see no reason to brick the device over this, and inconvenience the user and cost them $$$. And some claim the original Apple module just failed, they never had it replaced, they just didn't use that function, and then this SW upgrade bricked their device. I could see how a failed Apple module could fail in such a way that it could not perform the security authentication hand-shake - so stop communicating with it, don't brick the phone. I would be mad about that - you wouldn't?


It not a matter of what % of the customers are affected. A bad design is a bad design, even if no one ever experiences it. I'm not trying to say this will make hordes of people stay away from Apple, or Apple sucks or anything of the sort. I'm just saying this was bad design, and Apple should credit these people somehow. Now, if the people got a warning about this, I might feel differently (Think Different?), but to just brick a phone on a SW upgrade is a bad, bad thing.

To the earlier poster regarding just soldering new memory chip or something - that is very likely not possible. I've sat in on some design reviews regarding some similar security locks on devices, and it will make your head spin. Several levels of devices talking to each other, validating their keys, and the keys are one time programmable, and everything needs to match or no-go. The other components will sense a mismatch with a new part that was not programmed at the same time the original programming took place. If it were that simple to circumvent, it wouldn't be secure.

In some cases, requiring de-soldering is 'secure enough' - mass breaches are not really feasible for that much effort. But since the phone can be used to pay for things, they are likely at a higher security level than just replacing a part and performing a "Master Reset".

-ERD50
__________________
ERD50 is online now   Reply With Quote
Old 02-06-2016, 01:27 PM   #38
Full time employment: Posting here.
 
Join Date: Aug 2007
Posts: 894
Quote:
Originally Posted by ERD50 View Post
I think you are missing my point. I'm looking at this issue in isolation. I'm saying it appears to be a very bad design decision, period.

I'm saying (again), a better solution would be to disable fingerprint recognition if it detects an unauthorized module, and force the user to use the alternative passcode access. I see no reason to brick the device over this, and inconvenience the user and cost them $$$. And some claim the original Apple module just failed, they never had it replaced, they just didn't use that function, and then this SW upgrade bricked their device. I could see how a failed Apple module could fail in such a way that it could not perform the security authentication hand-shake - so stop communicating with it, don't brick the phone. I would be mad about that - you wouldn't?
I don't agree that your solution is a better design. I wouldn't want my device to work in any way whatsoever if was tampered with. That is a security issue. How do you know that the new unauthorized TouchID that was installed isn't able to get more information than just your fingerprint? Next thing you know we'll allow the NSA to repair our iPhones. Yeah, no problem with that.

Personally, I hope that they have enough logic in the device to prevent any unauthorized tampering. What if somebody grabbed your phone, modified it, and gave it back to you with you completely unaware. Wouldn't you want it to be brick at that point? I sure would.

In thinking about the actual issue, I wouldn't be surprised if this was flagged as a bug in versions of iOS prior to iOS9, probably after they were released. Then they probably realized, hey, somebody can change out this part and iOS will keep working and that's a security bug. So they fixed it in iOS9 to pop up an error and resolved the bug fixed. In retrospect, I doubt they would have wanted this to work in iOS versions prior to iOS9, but they had no easy way to patch those version. Plus, most development teams (especially in the consumer space) don't care as much about older versions of their software.

Unfortunately, some people got burned by this. As a bug fix though, it is lacking. Instead of popping up an error53, they really should say, "We've detected that your device has been tampered with and you should take your device to an authorized Apple repair shop for repairs." Maybe even educate the user base on why you don't want your device modified by unauthorized 3rd parties, which they've done somewhat:

Quote:
This is even clear from the statement Apple provided to the Guardian:

We protect fingerprint data using a secure enclave, which is uniquely paired to the touch ID sensor. When iPhone is serviced by an authorised Apple service provider or Apple retail store for changes that affect the touch ID sensor, the pairing is re-validated. This check ensures the device and the iOS features related to touch ID remain secure. Without this unique pairing, a malicious touch ID sensor could be substituted, thereby gaining access to the secure enclave. When iOS detects that the pairing fails, touch ID, including Apple Pay, is disabled so the device remains secure.
From an article at Replacing your iPhone's home button could brick it, and that's a good thing - GeekWire.
__________________
tulak is offline   Reply With Quote
Old 02-06-2016, 01:45 PM   #39
Thinks s/he gets paid by the post
 
Join Date: Mar 2015
Location: Winnipeg
Posts: 1,323
Quote:
Originally Posted by kiki View Post
I don't agree that your solution is a better design. I wouldn't want my device to work in any way whatsoever if was tampered with. That is a security issue.
You're fine with it, but not everyone wants or needs that level of security.
__________________
Music Lover is online now   Reply With Quote
Old 02-06-2016, 02:37 PM   #40
Moderator Emeritus
 
Join Date: Oct 2007
Posts: 4,929
The "Error 53" indicates that an inconsistency has been detected in a special storage and communications system internally called the "Secure Enclave". The Secure Enclave includes its own coprocessor (A7 and later processors) with it's own secure boot process and its own verified and signed software.

The Secure Enclave coprocessor uses the System Software Authorization to ensure the integrity of it's software and prevent a class of attacks involving software downgrades or rollbacks to re-install exploitable bugs. It also uses an encrypted exchange between the Touch ID sensor and the Secure Enclave to prevent another class of attacks that can be used to 'unlock' or decrypt extremely sensitive information stored in the Secure Enclave.

If the Error 53 failure could be ignored, an attack is possible which would grant access to items normally locked away by the Data Protection keys in the Secure Enclave. Think about it. That includes your phone content if encrypted, iCloud access, iTunes Store access, those cards you've associated with ApplePay, and interesting bits of your cellphone account tied to your hardware.

The unexpected result of many people seeing Error 53, rather than it appearing only to a handful of really bad people, is the result of service techs replacing parts in the Touch ID system without going through the expected unlock/repair/re-credential process that a trained tech should be following, or fairly unusual internal damage.

If Apple were to allow a hack that ignored Error 53 and unlocked Secure Enclave content for the hacker, I suspect we would be hearing a somewhat different complaint.

Given a choice of failing securely or failing insecurely, best practice is to fail securely.

https://www.apple.com/business/docs/...rity_Guide.pdf
Quote:
The Secure Enclave is a coprocessor fabricated in the Apple A7 or later A-series processor. It utilizes its own secure boot and personalized software update separate from the application processor. It provides all cryptographic operations for Data Protection key management and maintains the integrity of Data Protection even if thekernel has been compromised.

The Secure Enclave uses encrypted memory and includes a hardware random number generator. Its microkernel is based on the L4 family, with modifications by Apple. Communication between the Secure Enclave and the application processor is isolated to an interrupt-driven mailbox and shared memory data buffers.Each Secure Enclave is provisioned during fabrication with its own UID (Unique ID) that is not accessible to other parts of the system and is not known to Apple. When the device starts up, an ephemeral key is created, entangled with its UID, and used to encrypt the Secure Enclave’s portion of the device’s memory space.

Additionally, data that is saved to the file system by the Secure Enclave is encrypted with a key entangled with the UID and an anti-replay counter. The Secure Enclave is responsible for processing fingerprint data from the Touch ID sensor, determining if there is a match against registered fingerprints, and then enabling access or purchases on behalf of the user. Communication between the processor and the Touch ID sensor takes place over a serial peripheral interface bus. The processor forwards the data to the Secure Enclave but cannot read it. It’s encrypted and authenticated with a session key that is negotiated using the device’s shared key that is provisioned for the Touch ID sensor and the Secure Enclave. The session key exchange uses AES key wrapping with both sides providing a random key that establishes the session key and uses AES-CCM transport encryption.
__________________

__________________
M Paquette is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


 

 
All times are GMT -6. The time now is 05:43 PM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.