“Apple’s PR approach to the reporting of ‘error 53′ in the last week has been poor at best,” Ewan Spence writes for Forbes. “Following The Guardian’s coverage of the issue, Apple has released a handful of bland statements about security, fraudulent parts, hoping these will be enough to declare the issue closed. Meanwhile, the anger over Error 53′s root cause, Apple’s approach to customer repairs, and a lack of a cost-effective solution has been building online unabated.”
“The technical reasons for Error 53 have been partly lost in the conversation. Apple has a strong case for taking action to lock down a smartphone that has had its secure elements breached,” Spence writes. “There are technical reasons for two of the elements that caught my eye (why the lock-down only happens during the update process, and why the error message is so cryptic). Charles Arthur goes into exquisite detail on The Overspill, so I’ll direct you there for the full details.”
“But it’s not the technical issues that I find the most intriguing part of the story – it’s how the story has created its own myths, what the story says about Apple’s attitudes to users, and the question of Apple’s PR response,” Spence writes. “Apple traditionally has been a very secretive company, leaving its products to do the talking, but in the case where the product is saying all the wrong things (or people are interpreting what the product is saying in a negative way) then the artistic void should be put aside and clear facts should be released that acknowledge the situation, explain what has happened, and extend a solution.”
Read more in the full article here.
MacDailyNews Take: Apple PR drops the ball. What else is new?
Apple under pressure as lawyers pledge action over ‘Error 53’ iPhones – February 9, 2016
‘Error 53’ fury mounts as Apple software update kills some iPhones ‘fixed’ by non-Apple repair shops – February 5, 2016
I was hoping that, with Katie Cotton’s departure, they would manage issues like this more effectively. I guess the answer so far is, “not yet.”
This whole thing could be fixed in a heartbeat with a press release and a decent offer to fix the broken phones, even if they charge for parts and labor on correcting any problems caused by an unauthorized repair.
One particularly sympathetic user, a freelance photojournalist Anotonio Olmos had to have his iPhone repaired while he was in Macedonia. I don’t know what made him get the repair where he did. Perhaps he was unaware that Apple has authorized service centers in Macedonia. He could have looked one up on the Apple website.
Do authorized service centers actually service iPhones? Or do they just send it to an Apple facility to do the repairs?
When my iPhone 5 had to get its standby button replaced under recall, it wasn’t done on site, it had to be shipped off and I got a replacement for a week. And this was at an actual Apple Store.
An unauthorized 3rd party repair would offer “same day” and maybe even “while you wait” service. He might have accepted that a Home button repair might disable TouchID functionality, but he certainly wouldn’t expect it to brick the phone at a later date.
Your comment is dead-on right. I understand Apple’s need to protect the security of fingerprint system, but doing it this way, Apple blew it!
Apple is creating victims, not protecting them.
If the TouchID is compromised – why can’t the software disable that function entirely and still let the phone work in the same way as an iPhone 5?
… We’ve all been waiting 5-years, and still nothing but f*ckups galore!
Right. Things were always perfect when Jobs was there. /s
The haters and nitwits are blowing this way out of proportion, as usual. Those of us with decent critical thinking skills aren’t the ones flaming Apple about this issue, since we understand the issue and security implications involved. Newsflash: Apple doesn’t cater to uninformed, reactionary haters – never has, and hopefully never will. People like that are best ignored. In the end what matters is that Apple does the right thing by the people who are actually effected; and so far it seems Apple is doing that. Don’t get your expensive and ultra-secure Apple device “serviced” by some clueless person in a random mall kiosk if you care about your security. And if you do see this error, recognize that your data is perfectly safe rather than being potentially compromised, bring it to Apple, and they will take care of it for you. Simple.
Newsflash: most of the people in the world lack critical thinking skills, not to mention even a passing understanding of technology. This is the reason that skillful handling of PR is so important. You need to lead the conversation.
If you brick my phone without asking me or telling me, I would think that, if not hate, extreme contempt would be appropriate.
Not even a good atrempt at trolling.
I don’t think it is.
The phone was repaired months ago. An update bricked it last week. Most people wouldn’t even make the connection, and the “error 53” obviously doesn’t explain anything. One has to go find another phone (or an iPad, or a computer), google this “error 53” and discover that it is related to a home button repair. It is rather difficult to understand how was the phone able to work perfectly fine for months, only to become useless now. The logical conclusion is obviously that Apple’s update somehow bricked it.
I completely understand the underlying security story behind this, but for the few people who are affected by this, it simply boggles the mind. A $700 device that becomes completely useless after a software update, and was working perfectly fine before that — there is no convincing explanation that make sense to that unfortunate iPhone owner.
Had I not read about this problem on MDN, and had it happened to me, I would have likely been livid as well. Let us not forget, for most iPhone owners, the device is an extension of their mind, around which most of their daily lives revolve. Take it away and you have seriously disrupted their lives.
From the consummate purveyor of bile, insults, and low intelligence – silverhawk.
But you’re exemplary at being an imbecile. Now go off and collect money for Apple’s defense fund,
No, silverdick, your trolling attempts are definitely getting more and more pathetic. Why don’t you get back to sucking Cook’s little popsicle stick since all you do is attack anyone who expects Apple to act like the premier quality computer maker. Just can’t stand the truth when Timmy fucks up, can you?
Forbes’ Ewen Spence paints the issue as “any replacement parts” when it is not. It is only the replacement of the TouchID sensor, which is very unusual to be replaced. Third party replacement of the screen, batteries, or other parts which are far more likely to be replaced, will NOT have this problem, and are generally safe to have replaced by non-Apple authorized shops or as a do-it-yourself project (assuming one is somewhat skilled). As far as I know, the only paired part is that TouchID sensor.
When I read Apple’s response originally, it was quite clear. It explained it as a security issue and told people who had run into a problem to contact Apple Service, which would handle the problem by doing a re-sync of the sensor of the system to the sensor, if the user was authorized. Problem solved.
Resyncing the sensor, what a good solution. Wonder why the incident grew to become a class action suit if such a simple solution is available?
They are claiming that since only Apple can re-sync the sensors, it requires the customer only to do business with Apple. They imply that is impermissible as a restraint on the customer. Any old hack should be able to work on the iPhone under their theory.
Apple drops the ball? How?
If someone stole my phone, bypassed security by switching out a component and then accessed all my data, I would want the thing to be a brick.
There is a reason why some things should be serviced by Apple.
If the TouchID is compromised – why can’t the software disable that function entirely and still let the phone work in the same way as an iPhone 5? It would still then need a numerical passcode.
This is NOT antenna gate. Read the EULA.
Apple has PR? Get out!
They’re a branch under the software group.
Each and every Apple product needs to be shipped with a clear and obvious warning that repairs and installation of non-Apple approved components will make the device a security risk and likely make the device unuasble. However, access to emergency services from an iPhone should remain intact.
It appears more certain with each passing comment from MDN, it has been bought by Go-ogle.
You are onto something there! In this case it certainly seems like they have been assimilated by the Gorg.
What would people have said if the iPhone actually ALLOWED the security hardware to be replaced by some hacker. Then it would be some kind of bigger “security gate” or some sort.
We’re back in the arena in which no matter Apple actions or lack of actions, the hyenas come out of the woodwork barking at the top of their lungs how terrible Apple is.
And MDN cheers the hyenas on.
Yes, imagine the crap storm that would happen if Touch ID’s security features were compromised! It would be all over the media and the NYT would be looking to score a Pulitzer (undeserved or not).
You are talking about something else. Nobody is arguing that Apple allow third-party, compromised touch ID sensors, or the underlying security to be compromised.
The main point here (and it is quite valid) is that Apple didn’t develop proper process that would inform the user of the consequences of having the touch ID sensor replaced by anyone other than Apple themselves. This is a somewhat complicated technological problem. Not even genuine Apple Touch ID sensor would have worked, unless it was installed at an Apple shop, and Apple had a way of authenticating it against their servers.
There will be people who need to replace a defective Touch ID sensor. For them, Apple (and the third-party repair shops) must be able to clearly explain what can (and will) happen next time user tries to update the iOS. Regardless of whether the user paid for the replacement out of pocket, or if it was covered by warranty (or some other third-party coverage), logical expectation is that, after the repair, the device will resume working the way it always did. Because of the complex security architecture, this may not be possible, and the user must be informed BEFORE he decides to spend money to replace the Touch ID sensor. It is only normal that when a person spends money to repair the phone, they’d be angry if the phone turns into a brick later down the road, as a consequence of that repair.
Read Charles Arthur’s piece referred to in the article. It’s very technical but covers most of the myths and misunderstandings being bruited abroad.
Apple’s only fault IMO is that their PR department has not “led the conversation”. But then, it is a very technical issue. Most iPhone users have little understanding of the security issues inherent in the use of Touch ID for ApplePay. I have a better understanding having read the article.
I bet Forbes.
I think the main thing to be taken away from this is that error codes on their own cause confusion.
You wouldn’t want them bloating up the OS with helpful information (in all 7000 languages), would you? Where would they put all of the emojis? 🙂
I consider it case closed! If they are Apple authorized, why are they using cheap third party products to repair the phone then? Sounds like another over blown story.
It doesn’t matter whether the Touch ID sensor was ‘cheap third-party’ part or genuine Apple part; the exact same problem happens. No third-party authorised repair shop can successfully replace Touch ID sensor and make it work. It requires the sensor to be properly authenticated with data on Apple’s servers, and apparently only Apple can do that. Most of the world’s users don’t have an Apple shop nearby, so this is a serious problem.
“When iPhone is serviced by an authorized Apple service provider or Apple retail store for changes that affect the touch ID sensor, the pairing is re-validated.”
So apparently there are indeed authorized service providers – other than Apple retail stores – that can do the pairing.
The question now is, are Apple authorized service providers able to re-validate pairing after the OS update and error 53 is encountered?
The PR department, like the software department, does know how to play ball, but it’s soccer.
All they have to do is correct the “bricking” of the phone if the hardware has been messed with… AND BRICK THE FINGERPRINT SENSOR instead! Why brick the whole phone?
Worse comes to worse, I have to keep inputting my password. At least, that gives me a chance to get the phone “re-authorized” or whatever.
Because it means that someone is futzing around with the iPhone, trying to get into it. That is a security issue.
Perhaps instead of bricking then a few days of not being able to access (like when you enter a wrong passcode) would have sufficed. Allowing the phone to continue to work and bricking the phone at the update and not at activation after the repair seems to be the big problem with the TouchID argument.
Apple PR has been in coma for a loooooooong time now.
Another red herring. People here are acting as if this problem only comes up when someone replaces the factory button with a cheap nonstandard part. It actually happens anytime the physical connection between the scanner and the enclave is interrupted. The most common situation is when someone has a cracked screen repaired.
Apple has a secret method of restoring the pairing. Outside techs don’t, even if they use Apple parts, including the original button that came with the phone. Not even Apple can fix the device once it has been bricked. The disabled secure enclave is required to decrypt the code that runs the OS and apps. Replacement with a new phone is the only remedy. So blaming this on not using original parts is a red herring.
Framing this as an effective security measure is also a red herring. Anyone trying to hack the phone will likely do so as soon as it has been compromised. They will not wait until after the next software update, which is when the bricking occurs. To get that far, they will have to have physical possession of the phone + the device ID or pass phrase + access to the users’ iCloud account. Apple itself considers that as adequate security for everything but Apple Pay.
But because of that ApplePay, financial institutions demand that the authentication/authorisation of the sensor connected to the enclave be challenged if hardware has been tampered with. So, this isn’t really about overall iPhone security; it is specifically, and very narrowly defined, security of the link between the Touch ID sensor and the secure enclave used to store financial information for ApplePay. Nothing else.
No, that is not it. If it were, the iPhone would stop working as soon as the connection were broken. There is a means of re-syncing the parts. Apple is the only one who can do that.
Stop talking about stuff you know nothing about, especially claiming that it requires at the replacement of the iPhone with a new one, thats Bull Shit. You are blowing smoke up everyone’s ass. The original button that comes with the phone will still work. It’s replacement that won’t work.
Speaking of things you know nothing about, it does not matter if they use the original button that comes with the phone if it becomes unpaired with the secure enclave. That is what sets up “Error 53” at the next system upgrade or backup restore.
Of course there is a means of re-syncing the parts. As I specifically said, any Apple authorized shop can do it because they have access to the company’s servers and proprietary methods. No independent shop, no matter how competent, has such access.
So independent shops cannot safely do any repairs such as routine screen replacements that might affect the connection. If you live in an area without an authorized shop nearby (within a few hundred miles), your only remedy is to mail your iPhone in and hope it comes back within a reasonable time in a reasonable condition.
Not even an Apple company store can fix “Error 53” after a system upgrade has bricked the phone. I didn’t make up the bit about the only way to fix the problem being the replacement of the phone. That is what Apple is telling its affected customers. If that is B.S., blame them for blowing smoke, not me.
Yes, you are making that up. Apple is NOT telling their customers the only way to fix an Error 53 is to replace the iPhone. Where did you get that piece of mis-information? The 3rd party button can be replaced with a correct Apple replacement part and then re-synced to the Secure Enclave. You ARE blowing smoke if you claim such a BS statement as “the only way to fix the problem being the replacement of the phone” is coming from Apple.
Nor is routine replacement of a screen a risk for third party repair shops. It does not require replacement of the home button/TouchID system. You are pulling this stuff out of your ass. The connection can be disconnected and re-connected without a problem. The problem is attaching another one that has a different internal identifier. If the TouchID units were identical, it would simply not matter. Ergo, they are not internally identical.
The solution is very simple, don’t let an unauthorized service provider repair your iPhone. They do not have the proper equipment
to do the job correctly. As far as I know Apple does not authorize 3rd party service for any of there iPhones.
Apple has authorized service locations, with trained technicians, but also can do a two day turn-around using overnight delivery services.
Not in large areas of the world where iPhones are sold!
How do you know?
If this was truly a security issue the phone would brick upon repair and not wait until an update.