Hacker News new | past | comments | ask | show | jobs | submit login
iPhones 'disabled' if Apple detects third-party repairs (theguardian.com)
438 points by noobie on Feb 6, 2016 | hide | past | favorite | 341 comments



I posted this earlier today, but the current article (from bbc.co.uk) does a poor job covering the issue. In summary, Apple iOS uses a validation system to ensure Touch ID sensor is not maliciously replaced or modified. The Touch ID sensor has access to the iPhone Security Enclave, where fingerprint data is kept. A malicious sensor could, hypothetically, steal fingerprints from an iPhone user unknowingly. This could be used to unlock the phone and make purchases through Apple Pay without the owner's permission. To prevent this, Apple uses a validation system whenever the Touch ID sensor is repaired. When iPhone is serviced by an authorised Apple service provider or Apple retail store for changes that affect the touch ID sensor, the validation paring is updated. Third-party repairs to the sensor will not update the pairing, and will fail validation when using Touch ID. This validation error is shown to users as the mysterious "Error 53".

If the validation fails, the device will function mostly fine, although with Touch ID disabled. However, the device will be prevented from restoring or updating to a new version. Restoring from backup still works. I'm not too sure why restoring or updating is blocked, but my guess is that they want to prevent malicious software from being uploaded in this process.

From the Daily Dot article, if a user encounters this error, Apple's current resolution is a full device replacement. It may be overkill I don't think Apple expected many people to encounter this issue, so it seems reasonable why they chose this option.

This is a great security feature for users, and I'm really glad Apple engineers considered this situation. Unfortunately the media is blowing this and leaving crucial details about what's happening and the reasoning behind it.

Here is Apple's statement on the matter:

We take customer security very seriously and Error 53 is the result of security checks designed to protect our customers. iOS checks that the Touch ID sensor in your iPhone or iPad correctly matches your device's other components. If iOS finds a mismatch, the check fails and Touch ID, including for Apple Pay use, is disabled. This security measure is necessary to protect your device and prevent a fraudulent Touch ID sensor from being used. If a customer encounters Error 53, we encourage them to contact Apple Support.


What you didn't mention is that this verification only happens on a software upgrade. In the meantime either one of these two things could happen (I don't know which): 1. The sensor could do all the malicious things you mention 2. The sensor is blocked from accessing the security enclave.

The former doesn't seem like a secure solution that one should be really glad of. The latter would also be possible after a software upgrade so there is no need to disable the device completely. In short, they didn't choose a good solution.

Simply disabling a phone at some point well after a repair is just bad.

Edit: The parent post was edited a bit, so my point is now mostly covered. I still don't see a security-related reason to disable the complete device on a software upgrade. Maybe it could enable an attacker to modify the OS somehow in the process. However, I don't agree that this issue is "overblown". This presents a real problem for users that now have an unusable phone. It's important to note that Apple doesn't offer repairs everywhere in the world so many users now can't repair their phone at all.


My mistake, added that part into the parent post. The coverage of this story is all over the place and it's hard to keep track.

You are right though, allowing users to update/restore but disabling the sensor is a better solution. I'm not too sure why Apple chose this route. They haven't commented on the technical reasons behind it so it's hard to say for sure.


> The Touch ID sensor has access to the iPhone Security Enclave, where fingerprint data is kept. A malicious sensor could, hypothetically, steal fingerprints from an iPhone user unknowingly.

No, the CPU reads encrypted data from the sensor and sends them to the SE for decryption and analysis. See the PDF linked here by somebody. What a malicious sensor could do is store user's fingerprint for retrieval by unauthorized parties.

> If the validation fails, the device will function mostly fine, although with Touch ID disabled.

On iOS 8. Once the device is updated to v9, it turns into brick. Quoting from OP:

"They repaired the screen and home button, and it worked perfectly." He says he thought no more about it, until he was sent the standard notification by Apple inviting him to install the latest software. He accepted the upgrade, but within seconds the phone was displaying “error 53” and was, in effect, dead. When Olmos (...) took it to an Apple store in London, staff told him there was nothing they could do, and that his phone was now junk. He had to pay £270 for a replacement and is furious.

> If a customer encounters Error 53, we encourage them to contact Apple Support.

This may be a media-friendly euphemism for "it's dead", unless this London staff was clueless.


What a malicious sensor could do is store user's fingerprint for retrieval by unauthorized parties.

Of course, taking advantage of the exploit in question requires the phone to be stolen by an extremely sophisticated (if not state-level) bad guy, altered by installation of a malicious sensor that has never been documented to exist in the wild, then recovered by the owner, and then stolen again at a later date. All to acquire personal biometric data that could just as easily be obtained with a piece of Scotch tape.

A simple application of Occam's Razor suggests that Error 53 isn't a "security feature" at all, it's just Apple being a rent-seeking asshole.


> * A simple application of Occam's Razor suggests that Error 53 isn't a "security feature" at all, it's just Apple being a rent-seeking asshole.*

I don't think you understand Occam's Razor.


There's always more to learn. What am I missing?


Occam's Razor says that you should select the hyposthesis with the fewest assumptions. Saying Apple is a "rent seeking asshole" assumes that Apple did this maliciously, which is a huge ball of assumptions when they've literally put out a security paper[1] on how Touch ID and Security Enclave works.

[1]:https://www.apple.com/business/docs/iOS_Security_Guide.pdf


Does that document explain Apple's motivation for bricking phones that never had the fingerprint reader enabled, and that didn't even use traditional lock passwords?

No?

Well, then it makes sense to look elsewhere for that motivation. Additional data appears to be needed. Lacking such data, assumptions are all we have.


Possibly you're stretching for Hanlon's Razor, except you've got the wrong end of it. Hanlon's is the one that says "never assign to malice what can be assigned to stupidity". This feels like a screwup. The reason why it happens is consistent with security. But the effects are maddening.


Looks like you got this one right, and I'm glad to admit it.


Could be. At least your assumption, unlike mine, is testable. If it's an unintentional bug, the policy behind "Error 53" will become more consumer-friendly in an upcoming iOS update. If it doesn't... well, Occam wins the day.


Today's state-level agency is tomorrow's small town police department, and next week's street criminal. Attacks only get better.

Also, Apple is not only designing phones for you and me, but for businesses who nowadays are the target of state-level security agencies.

Clearly Apple fudged the implementation of this feature, and it's a PR nightmare, but all evidence points to their intentions being genuine.


Exactly this.

Do you really think Apple hasn't been shocked/annoyed at how China/US/et al have actively tried to hack their customers including attempt to compromise their own servers ?


What if the "owner" of the device, i.e. the person who paid her hard-earned wages to "own" it, is not interested in using the "TouchID" feature?

Is there an untapped niche for a similarly-sized single board computer (not several computers, baseband processor, SIM card that runs code, etc. jammed into a hermetically sealed casing that is worthy of being in the Museum for Modern Art) that just does simple simpler, "boring", useless things like send and receive packets, read, write and store files, etc.

A pocket-sized computer that a user can not just rent but _pwn_, that does not make gratuitous network connections to some "mothership" and allow for easy monitoring and remote control by a third party, and that does not brick itself if it's casing is opened. A computer that can be, to the fullest extent possible via open source software, controlled entirely by the user.

Who knows maybe a person could turn such a small computer into "a device for sending and receiving text, images, sound and video over a network, such as the internet."

Nah, there would be no use for such a thing. Only a device _that can handle payments_ is worth using to send and receive text, images, audio and video.

What is the point of a device used to communicate, e.g., a "phone", if it cannot also be used to spend money?


> A pocket-sized computer that a user can not just rent but _pwn_

Then don't buy an iPhone. Simple. You and the other dozen people on the planet will surely be missed.

The rest of us absolutely want Apple to be as aggressive about security/privacy as they possibly can be. Especially with even moderate countries e.g. UK, Australia being equally aggressive about invading privacy.


Looks like we got a fanboy.


When people visit countries and come back finding screws on their laptops removed, they don't need to be "fanboya" to want more security.


> A malicious sensor could, hypothetically, steal fingerprints from an iPhone user unknowingly. This could be used to unlock the phone and make purchases through Apple Pay without the owner's permission.

Why in the hell would anyone bother with this, if it's trivial to get persons fingerprints and reproduce them to unlock the device ? [1] Even if you lack the touch ID, the device is still encrypted by the PIN and is functioning (and is secure) normally without it.

Either it's really over-engineered or is what it is - scare tactic to bring people to Apple repair centers.

I wish they'd use rather this media attention to inform the public that fingerprint authentication isn't there for security, but conveniency first. Apple Pay would function just fine without it. But would it have it's appeal of easy payment ? Probably not.

[1] https://www.youtube.com/watch?v=2u4ZLGsw1zo


I'm not sure it was over-engineered. Recall when Touch ID was introduced there was huge media backlash: Apple is stealing our fingerprints, how do we know there isn't an NSA backdoor to the fingerprint storage, and so on.

The Secure Enclave system was set up exactly to counter those concerns.

Interestingly, when other phone vendors later implemented fingerprint unlocking there was far less outrage. Even when the fingerprint images themselves were found as unencrypted raster images on device storage.


I think it is definitely over-engineered. If it is a scare tactic to bring people to Apple repair centers why isn't this happening with other Apple products?


Oh you mean apart from all the glue and solder, non-replaceable batteries and the like?


Not sure if I understood you correctly but replacing batteries yourself in your Macbook does definitely void warranty but does not brick the device.


Wouldnt it be more logical to simply disable the Touch Functionality and treat it like a Pre-TouchID button when not replaced by Apple with an OEM part?


From the Daily Dot article, it looks like what you described is what happens (TouchID is disabled) and the phone will function mostly fine, but the author also encountered other bugs possibly related to the issue. However, the bigger problem was whenever he tried to restore or update the device, Error 53 occurred and it failed. Restore from backup still worked though. So essentially, his iPhone was locked to that iOS version and could not be modified.

http://www.dailydot.com/technology/what-is-error-53-iphone/


I don't think that would solve the underlying problem of the TouchID sensor being compromised. The device would potentially be venerable to software based attacks that re-anbled the compromised TouchID sensor.


Why? Then the user is left guessing why their phone is acting like it has no TouchID when it does.


Would you rather guess why Touch ID isn't working or have a completely unusable phone?


If you get your phone repaired and TouchID no longer works when you get it back then it's not going to take a genius to put two and two together and figure out that it might be related to the repair.


It's a well known issue and every independent repairmen will warn you before replacing this part or else they would quickly get sued out of existence.


We don't know the technical details behind. For all it's worth, the button might be like one of those thunderbolt ports that has direct memory access and can alter the firmware during a software upgrade.


Don't worry. If there's any bullshit in the article, I'm sure Apple will help us discern which parts are true and which parts are false, the expensive way. Every time.


Is enclave a standard security term? Does apple publish technical details on what sort of security the touch id uses?


https://www.apple.com/business/docs/iOS_Security_Guide.pdf


Damned if they do, and damned if they don't.

"Anyone can access your private photos and emails! Just replace the home button with one programmed with your own fingerprints!"

Can you imagine the comments if that were a story?

The problem here is that Apple didn't find a way to tell repair shops and users that this could be an issue.


It doesn't have to be either or. Apple could provide a better fail over behavior for the home key, including a way for a consumer to validate the changed hardware.

For instance: "IOS has detected a change in your Secure Home Key. Please contact apple secure support to confirm that your device is still secure!" add a 1-800 number and some security questions. Or automate it by requiring a login to your Apple account, email validation, and email notification of the change.

Bottom line, when one authentication method fails, you need a fail over to something more difficult.


> Please contact apple secure support to confirm that your device is still secure

There's no way the customer or Apple can do that with third party hardware installed. The only solution I can see is to disable all of the features relying on Touch ID.


If they can issue an auth code for apple hardware then presumably it's possible to issue one for non apple hardware. They just have to make some effort to confirm the owner of the phone has it rather than a thief.


I'm sure no nation-state level actor would ever infiltrate this process..


At which point you have much bigger problems than a compromised iPhone.


Therefore... Apple shouldn't try to protect you?


Only to the extent I protect my own data. If I don't use the fingerprint scanner (or even a simple password), don't brick my phone because the fingerprint scanner failed validation.

Really, this seems pretty straightforward. "Security," while always a noble cause, is not an excuse to add gratuitous points of failure to a system.


The bad guy can then walk the user through that security verification process, and the user is screwed. Think it through.


Let's extrapolate this to UEFI/Secure Boot.

If a motherboard displayed an error when a piece of hardware from a different manufacturer was inserted and failed to operate, we'd cry bloody fucking murder. Instead, we expect users to take responsibility and if they compromise their own machine / want to take a risk then that's their business.

Just because it's an Apple phone shouldn't reallign our morals concerning user control and responsibility.


Wouldn't touchID get disabled until the verification process was finished? They would need the user's password.


If you're targeted by a "bad guy" at this level of play, you have much bigger problems than an untrustworthy fingerprint sensor.


They could invent another architecture which doesn't tie a mechanically failible element with an identity system.


Then the user would still need to input their passcode after the button was replaced before anything could be stolen.


That works, if and only if you already know the user's pin to unlock the phone.

This attack you suppose Apple is defending against is not possible.

The only attack Apple is really defending against is the attack of non-Apple phone repair companies.


I highly recommend reading up on Apple's Security white paper that details how it all works... https://www.apple.com/business/docs/iOS_Security_Guide.pdf


It's totally dumb that a functioning phone is bricked by an update because of repairs done in the past. Imagine the same thing happening to your car. "Sorry sir, the software update done to your car has now disabled the vehicle because in the past someone not related to x (insert name of car company here) has repaired it, your car is now junk (you can't even resell it) and you'll have to buy a new one".

It's just petty revenge because you had to temerity to go to another party other than apple to get your phone repaired and maybe even saved some money in the process. So now, in retaliation we'll destroy your phone in software. I'm sure this will go down well with the various EU courts.


Seems more like short sightedness than "petty revenge."

The new home button hardware can't be securely validated, and a future OS update fails on the unexpected condition of invalid Touch ID hardware. I can imagine that this wasn't a prioritised testing scenario, likely not even considered by Apple when developing iOS.

It's a lousy way to fail — the phone should just disable Touch ID and Apple Pay, and anything that relies on the secure co-processor.

But it feels far more like there's an `else` branch sitting in the iOS codebase somewhere where a programmer has written:

//NOTE: This should never, ever happen

//.. code that triggers error 53


There's a lot of stuff that depends on the secure element - in fact the phone would be quite useless without it.

In fact, when you first reboot your phone, even contacts cannot be accessed until you authenticate with your passcode to unlock the secure element. Incoming text messages only show the phone number.

You're right, however - a Touch ID sensor that cannot be verified should not brick the phone. Apple should just disable Touch ID and sever any link between the sensor and the secure element.


> There's a lot of stuff that depends on the secure element - in fact the phone would be quite useless without it.

Disclaimer: I don't own an iPhone with Touch ID.

However, it seems to me that the phone should still work if you logged on with your PIN instead of with TouchID. It should therefore be as useful as most phones that didn't have TouchID in the first place (which happens to be all my Android and iOS smartphones).


Correct. In fact, a passcode is always required the first time after you reboot your phone. The passcode secures the Secure Element, which contains the fingerprint data used by Touch ID.


On TouchID phones, the PIN is held in the same secure enclave as the TouchID data.


OK, thanks! Can you reset the PIN without knowing the original?

If you can't, there's no need to brick the phone...


The issue is Apple cannot verify a secure touch ID replacement over a compromised touch ID replacement. Without knowing if your replacement is secure the change potentially compromises the security of the whole device.

IMO bricking on touch ID issues is extreme, but maximises the security of the device.


>IMO bricking on touch ID issues is extreme, but maximises the security of the device.

We are all smart people here and there are several ways to have security without bricking expensive hardware.

First, the update can wipe the device instead of bricking it.

Second, Apple can provide an option to replace the fingerprint chip and charge, $150-$200 or whatever it costs for it.

There would be several better solutions that the most profitable company in the world could figure out if they wanted to. It's funny how their particular solution happens to make them even more money through shutting down third party repairs and making people buy new phones.

This is like your home alarm software(made by the home builder) remotely burning down your house and telling you to build a new one because someone may have tampered with home access and could possibly enter your home.


  Second, Apple can provide an option to replace the fingerprint chip and charge, $150-$200 or whatever it costs for it.
At the end of the article, it said that affected customers should contact Apple Support. Are you sure they are not offering a hardware fix at that point? It doesn't sound to me like they're just letting people hang.


From a different article:

>When Olmos, who says he has spent thousands of pounds on Apple products over the years, took it to an Apple store in London, staff told him there was nothing they could do, and that his phone was now junk. He had to pay £270 for a replacement and is furious.


There is a failure in the apple stores vs phone support. I went to two Apple stores to try to get my watch band replaced or fixed under warranty and was told by both of them "no way no how" - but phone support had no problem replacing the band.

I find the stores are somewhat inconsistent in their application of policy. (Particular if the policy isn't well defined ahead of time, as in this case)

(As an aside, the practice of requiring an appointment to talk to a support person or even just drop off a broken computer is maddening.)


Alternative interpretation -- "A custom voided his warranty by installing some rando third-party aftermarket parts, and is furious that it didn't work out."


Yes. Just as destroying the phone with a hammer maximizes the security of the device. Effective but entirely useless.

The phone would still work perfectly fine and safe if Touch ID would be disabled and input from the sensor wouldn't be trusted.


> The issue is Apple cannot verify a secure touch ID replacement over a compromised touch ID replacement. Without knowing if your replacement is secure the change potentially compromises the security of the whole device.

What are you even talking about?

If the fingerprint scanner is suspicious, just disable it and leave the rest running. And this is in fact what happens, until a software update is installed and then the phone suddenly decides to brick itself completely.


Does the 911 feature still works on these phones? 911 should work even without a SIM card and without any other authentication, to purposefully disable a phone in this way may have bigger repercussions than just 'security'.


How? TouchID is the less secure authentication than password/PIN anyway (which is shown by the fact that you need to enter PIN/Pass right after boot). How would just disabling TouchID auth be a worse option?


>TouchID is the less secure authentication than password/PIN anyway (which is shown by the fact that you need to enter PIN/Pass right after boot).

The fact that you need to enter PIN right after boot, just shows that they use "two factor authentication" to make it even more secure.

It doesn't IN ANY WAY show that TouchID is "the less secure authentication" method of the two.


You can do anything you want on the phone without using Touch ID at all. The fingerprint sensor is not a necessary factor in their implementation, while the passcode is.


> You can do anything you want on the phone without using Touch ID at all

I believe ApplePay requires TouchID.


I can't try because Apple Pay isn't available here yet. According to this support document it works without Touch ID (emphasis mine):

> To help ensure the security of Apple Pay, you must have a passcode set on your device and, optionally, Touch ID. [...] To send your payment information, you must authenticate using Touch ID or your passcode.

https://support.apple.com/en-us/HT203027


Fingerprints are impossible to change and can be brute-forced. Therefore, fingerprint security is less secure than a password that can be changed.


Brute forced with what? Trying different fingers?


A fingerprint, like any piece of data, is handled at the lowest levels as a number. A number with some constraints, but a number.

By feeding numbers into the scanner instead of fingers, you can accomplish the same effect as feeding random strings into a password box. Further, it's also possible to take fingerprints through social engineering, or by getting at the database of a company that uses fingerprints as security. Five bucks says someone's already storing a bunch of fingerprint data as plaintext.


>By feeding numbers into the scanner instead of fingers, you can accomplish the same effect as feeding random strings into a password box.

Isn't this exactly why they DON'T allow you to use the iPhone with a potentially tampered with HW/TouchID -- e.g. the very feature/issue we're discussing?


Well, yes.

I'd argue that fingerprints for security are just silly to begin with.


> The issue is Apple cannot verify a secure touch ID replacement over a compromised touch ID replacement. Without knowing if your replacement is secure the change potentially compromises the security of the whole device.

The correct solution there would be to pop up a warning saying the TouchID hardware has been tampered with, and giving the user an option to validate it.


That wouldn't really be a good idea. Someone could steal your phone and replace the TouchID hardware. Then this popup comes up and they say, oh yeah this hardware is totally legit! Then they get your data, impersonate you, charge stuff etc.


The prompt would have to be after you authenticated your phone in some other way, like via the passcode.

I think it's totally OK not to accept authentication from an unvalidated device, but a legitimate user should be able to do the validation.


I think the post is referring to a hotel maid scenario.


Fingerprint scanners are useless for security. My fingerprints are everywhete, especially all over my phone. Touch id merely buys time, which can increase security but if they get my fingerprints, make a dummy finger then they need very little time to open my phone. If they are determined they'll do it. If they are not, probably they won't care about the data in my phone.


They have at most 48 hours (or perhaps 24?) and 5 tries to find your fingerprint and unlock the device. TouchID will discard the keys and require a passphrase if it is not used for a while or after the fifth invalid fingerprint attempt. The window of opportunity is not that big. I would not characterize it as useless at all.


> The issue is Apple cannot verify a secure touch ID replacement over a compromised touch ID replacement.

Couldn't they just ask the user? Use the backup password to authenticate.

If it's my device, I want to be the one who chooses what I trust.


In fact, when you first reboot your phone, even contacts cannot be accessed until you authenticate with your passcode to unlock the secure element.

I don't have a password on my iPhone. I don't need one, because I don't store any critical data on the phone, or spend any significant time in environments where it's likely to be stolen. And I guess I'm naive enough to assume that no one from the NSA Tailored Operations department is going to sneak into my bedroom at night and install a malicious fingerprint sensor.

So, no, there is absolutely no reason for Apple to brick my entire iPhone if the sensor fails validation. They should act to maintain the level of security chosen by the user... no more, no less.


That's true. I meant to say it should disable any hardware that was directly tied to the secure element, such as Touch ID and Apple Pay's NFC chip. I didn't mean to imply all encryption services in iOS should be disabled.


The scenario they're protecting against appears (to me) to be a bad actor changing the hardware. If the Touch ID sensor is bad, and you propose falling back to a PIN, who's to say the digitizer isn't compromised too and is recording touches?

Sounds a bit like a downgrade attack if they didn't fail fast and hard at the earliest opportunity.


> If the Touch ID sensor is bad, and you propose falling back to a PIN, who's to say the digitizer isn't compromised too and is recording touches?

So why not brick the phone out of the box? Even if the finger scanner is original, somebody may have compromised the digitizer anyway.


I don't think they are protecting against that scenario so much as not accounting for it. I expect Apple's assumption is that they provide all components for their devices. People who install unauthorised third party components can no longer have those devices serviced by Apple — so it no longer matters to Apple whether those devices are compromised, because they aren't really "Apple" devices at that point anyway.

This botched handling of replaced hardware that hasn't been paired with the Secure Enclave ties into the above. Apple doesn't expect people to replace such hardware through a third-party, so they don't think to engineer their software to fail gracefully when it happens.


There's no need to be so hostile and assume malice when there's plenty of perfectly sound explanations otherwise.

Apple is a fairly security conscious company now so security tradeoffs should not be a surprise.


Assume malice? How do you mean?


There is only one valid reason to authenticate the fingerprint scanner before using it, and that is to prevent the use of aftermarket replacements.

No matter what the motives behind this mechanism were, it was put in place exactly to prevent 3rd party scanners from working.

And if they implemented authentication and didn't even test what happens if it fails, then well... how do they know it works at all?


If you have a secure enclave within the device, then any hardware which has a direct connection to that secure enclave must be authenticated. It doesn't matter about aftermarket replacements.

The entire purpose of the secure enclave is defeated if it trusts any hardware connected to it.

I'm not saying they didn't test what happens when it fails. I'm saying they didn't do user testing on what happens when it fails. I'm sure the engineers tried out the hardware authentication system. They just didn't test the whole scenario once iOS was sitting on the end product.

So yes, it was put in place to stop any hardware that could not be trusted from accessing users' secure data. But no, it was not done to prevent aftermarket replacements.

The only reason I can see Apple caring about aftermarket replacements is because they are often low quality, and cause customers to go back to Apple with unauthorised repairs. (I've witnessed this more than once in an Apple store, someone coming in who had their screen replaced outside Apple and the touch digitiser was failing. Apple just sends them away.)


> If you have a secure enclave within the device, then any hardware which has a direct connection to that secure enclave must be authenticated.

Consider reading the description of iOS security features linked somewhere in this thread.

Because what you are describing is a disaster, not security. If some off-chip sensor had access to fingerprint data or crypto keys, anybody capable of installing such chip would also be able to simply dump all the data himself in the comfort of his lab.


If I understand this correctly (not an iphone person), the touch ID sensor is just a fingerprint scanner?

As a standalone measure, biometrics make a shitty password substitute because you can't change a finger print if it's compromised, so shouldn't the iphone be secured on the premise that the finger print scanner is already compromised, hence losing it should not qualify as a downgrade attack?


Touch ID is a fingerprint scanner, but the Touch ID system is paired with the "Secure Enclave" in Apple's AX chips.

Secure Enclave is a separate coprocessor running its own L4-based microkernel. This hardware is directly paired with security-sensitive hardware (Touch ID, Apple Pay NFC chip, etc). It provides all cryptographic operations for data protection key management and maintains the integrity of data protection even if the kernel has been compromised.

So when you stick a third-party Touch ID sensor in an iPhone it's obviously not going to be paired with the secure coprocessor. It doesn't really matter whether biometrics are shitty passwords, the iOS update process realises there is compromised hardware touching the Secure Enclave and fails in the worst possible way for the user.


Does this mean your fingerprint never leaves the scanners coprocessor and is inaccessible to iOS and the other processors and OSs within the phone?


Basically, yes. The Secure Enclave is hardware isolated from the rest of the chip.

Apple's own security guide explains it best [1]:

> The Secure Enclave is responsible for processing fingerprint data from the Touch ID sensor, determining if there is a match against registered ngerprints, and then enabling access or purchases on behalf of the user. Communication between the processor and the Touch ID sensor takes place over a serial peripheral interface bus. The processor forwards the data to the Secure Enclave but cannot read it. It’s encrypted and authenticated with a session key that is negotiated using the device’s shared key that is provisioned for the Touch ID sensor and the Secure Enclave. The session key exchange uses AES key wrapping with both sides providing a random key that establishes the session key and uses AES-CCM transport encryption.

Regarding the actual fingerprint storage, it looks like the encryption key is kept in the Secure Enclave and the entire decryption and verification process occurs within the Secure Enclave. However the encrypted data itself may be stored outside the Secure Enclave:

> The raster scan is temporarily stored in encrypted memory within the Secure Enclave while being vectorized for analysis, and then it’s discarded. The analysis utilizes sub-dermal ridge flow angle mapping, which is a lossy process that discards minutia data that would be required to reconstruct the user’s actual fingerprint. The resulting map of nodes is stored without any identity information in an encrypted format that can only be read by the Secure Enclave, and is never sent to Apple or backed up to iCloud or iTunes.

[1] https://www.apple.com/business/docs/iOS_Security_Guide.pdf


Yeah, there's the source of that quote, 'sub dermal ridge flow angle mapping', which at the time was described as 'how we know it's really your finger', along with supposedly measuring 'micro RF fields' to ensure it was a live finger.

Except it could be defeated by a laser printed fingerprint on a piece of paper (initially).


Yes, at least according to Apple: https://www.apple.com/business/docs/iOS_Security_Guide.pdf (page 7).

"The Secure Enclave is responsible for processing fingerprint data from the Touch ID sensor, determining if there is a match against registered fingerprints, and then enabling access or purchases on behalf of the user. Communication between the processor and the Touch ID sensor takes place over a serial peripheral interface bus. The processor forwards the data to the Secure Enclave but _cannot_ read it".


Yes. The OS can only tell if the fingerprint matched or not. The checking is done solely in the secure enclave. Presumably the OS also gets told which fingerprint matched too?


I'm pretty sure there was no direct malice here (except for the usual Apple disregard for 3rd party components), but the security reasoning behind this move is still questionable. The only danger of a compromised Touch ID sensor, is that it could record your fingerprint and let the attackers replay that fingerprint to access all your encryption keys on Secret Enclave.

That would be a huge vulnerability, if there hadn't been thousands of other ways to record your fingerprint, and while most of them are less accurate than a trojan Touch ID, they're also much easier to pull off.

And at the very worst, if a sophisticated malicious actor got the chance to meddle with your phone, they could just skip the Touch ID sensor altogether and install a stealthy fingerprint digitizer in the touch screen or on the back of the phone.

So in short, Apple's security measure, if my understanding is correct, does absolutely nothing to protect the user.


THE critical security system of your phone has been tampered with. PIN data, TouchID data, crypto data and everything else related to security is on that same bus. You do not detail secure info over that channel.


Aha, that makes more sense.


Too bad the compiler doesn't raise a fatal error for comments like that.


It may even be against the law in Europe because the phone was working perfectly after the repair and only the later update locked the phone without the ability to unlock it.

To keep with the care maker example, in Germany, the car makers used to void the 10 years guarantee on the painting of the car if the regular checks were done by an independent car shop. This was then declared as illegal.

I suppose Apple will soon release an update and declare that this was "a bug".


How will affected users get the "new update" if their phone is already broken by the previous? I mean, I hope that, in the case of already broken phone caused by their own update, apple _at_least_ give them a new iphone for free, else they are gonna get rape-sued here in EU


No, the phone did not work perfectly after the repair. The fact that the user didn't realise it didn't work perfectly doesn't change that. The repair compromised the security of the device.

Image if you have your tires changed by an independent car shop and a month later one of your wheels falls off on the highway. Do you start complaining about it to the car's manufacturer because 'it worked perfectly before'. No you don't.

The repair shop didn't repair it properly, if it was repaired properly the new TouchID sensor would be securely paired with the Secure Enclave and this issue would not occur.


Your analogy is way off.

This is more like your Tesla car's keyfob misfunctioning and you get it repaired by a non-Tesla dealer. The dealer could've put in a backdoor to get into the vehicle.

Tesla releases a big new update for their car software and now your Tesla is completely bricked and Tesla refuses to repair it, saying you have to buy a new car.

Is that acceptable?


In regards to warranty repairs automakers can (and often do) deny coverage due to the presence of non-OEM parts. Outside of warranty / safety repairs they are certainly not obligated to perform service.


Almost, except the Tesla store just says you have to buy a new (authentic) key fob rather than a new car.

Apple or other authorized repair shops can still fix phones that have been disabled due to security chain errors.


I don't think so, see my other comment.

https://news.ycombinator.com/item?id=11048311


Hunh. My bad, I was under the impression (based off some other comments) that replacing the home button/finger scanner with a legit one and updating the security pair would make the issue go away, but looks like I was wrong.


and how can I be sure that in the Apple store they are fixing the phone with a thrustworthy component? and so on... Apple excuses make no sense this time.


Except that the wheels didn't fall off the phone. This lockup happens due to code proactively added by Apple. You are confusing three different issues: the design of the system, the legality, and how security should work. In this case, none of those three items align. This is Apple's problem - they chose the easiest option for themselves, not what would benefit customers legally, functionally, or by securing the device properly.

You are fundamentally misunderstanding the threat model. What is the exact threat that Apple is guarding against? Is it an evil maid attack planting new sensors, switched devices, someone's fingers being cut off? All of these require different mitigations - none of which for a general purpose consumer phone are to brick the device when upgrading.


It would be definitely illegal in France which has a law against planned obsolescence - but EU doesn't have it yet. https://en.m.wikipedia.org/wiki/Planned_obsolescence#Regulat...


Only if it was "planned obsolescence" and not "a security measure".


I don't think you can excuse something as "a security measure" when it is clear that it is not a reasonable security measure and the reason for disabling device is something else.

Anyway, this confirms that I'll stay away from Apple stuff.


>Imagine the same thing happening to your car.

That sort of exists now. There are parts, like the throttle control on Volvo's, ABS units on BMW's, etc, where the unit is coded to your vehicle.

You can't, for example, swap an otherwise identical throttle from a junkyard into a Volvo. It puts the ECU into limp mode, and the car is essentially useless.

Now, that's not the result of an over-the-wire firmware update, but that's really the only piece missing. When/If vehicles start regularly updating firmware over the wire, you'll start seeing stuff like this.


How is this the top comment?

We can see that it is clearly nothing to do with 'revenge' or 'retaliation'. The evidence clearly contradicts that.

Apple makes strong promises around security and Touch ID in particular. This is clearly designed to maintain the integrity of that system.

It's certainly a terrible failure mode - the error message should explain what the problem is.

But imputing these bizarre motives just reveals bias on the part of the commenters.

The alternative would be at some point a headline like "compromised Touch ID sends fingerprints to bad actor".

[this was obviously going to be downvoted, but for the record nobody has either made an argument for, or provided evidence for the 'revenge' motivation, while the 'poorly implemented security policy' explanation is clearly supported by the evidence.]


> The alternative would be at some point a headline like "compromised Touch ID sends fingerprints to bad actor".

There would be no such headline. Before update to iOS 9, the affected phones functioned normally, but with disabled Touch ID.

And if you have to know why people come up with theories like that - either Apple didn't think what happens to users who already had this hardware replaced or they thought about that. Maybe those who accuse them of malice simply overestimated their competence - after all, they make big claims about high quality, attention to detail and whatnot.

Not to mention that the first part of this comment makes sense and probably expresses well how people feel about this screwup.


> Before update to iOS 9, the affected phones functioned normally, but with disabled Touch ID.

This is irrelevant. The problem is that those affected phones could still have had compromised fingerprint sensors.

Apple did the right thing in protecting people from this, but did communicate about it poorly.

The only malice in this situation is on the part of the people accusing apple of being motivated by 'revenge'.


> This is irrelevant. The problem is that those affected phones could still have had compromised fingerprint sensors.

... which wouldn't be used after the phone determines it's an aftermarket part. Equally well the attacker may have installed a malicious piece of brick inside.

> Apple did the right thing in protecting people from this

Sure, they protected users from using phone with replaced home button and disabled fingerprint scanner by bricking the phone completely.

Hard to tell in what proportions malice and/or stupidity were involved in this case, but either way it wasn't "doing the right thing".


Stop saying they bricked the phone. It's untrue. The phone is producing an error message and the problem can be rectified by visiting an Apple Store.


Maybe something has changed after this article, I'm not going to make such claims anymore without verification.

However, you have to understand that when I posted this, I knew about cases (including TFA) when the problem had indeed been "rectified" by visiting a store (sorry, couldn't resist ;)) but no case when the device had actually been fixed and data recovered, whether this is technically possible or not.


>Imagine the same thing happening to your car.

Given that apple is working on an iCar, it's just a matter of time I presume.


This whole fiasco makes me wonder if the link between the TouchID sensor and the rest of the phone is so fragile and easily spoofed that they are concerned a fraudulent sensor could be trusted implicitly by the phone, and therefore used to inject malicious data ("here, I am sending you [USERS] thumbprint").


What if that "repair" was done by NSA, CIA, etc? Should the phone boot like nothing happened? Seriously?


Looking at teardowns, like the one at ifixit [1], the touch id sensor seems to be a pretty standard imaging sensor that heads to an NXP chip. I'd be willing to bet that the encryption of the print happens on the nxp chip instead of the imager, so if the NSA/whoever were doing a "repair", they'd probably just put an MiTM chip on that insecure path for later playback. Against a state actor, Touch ID is a triviality.

[1] https://www.ifixit.com/Teardown/iPhone+5s+Teardown/17383


Maybe they want to move encryption onto the sensor chip in future generations, because the scheme you described is indeed a joke.

But to be honest, it's not like fingerprints are such a hard to obtain secret in the first place.


Fingerprint scanner disabled due to unauthorized modification. Please contact support or type "I want hackers to steal my data" 10 times to reenable.


Hell, they could, on boot, display a message with something like "This phone contains contains a non genuine apple part"

Then the question is, could the NSA/CIA/etc trick the phone into thinking the repair was valid?


Almost certainly so. Decap the chip, pull the flash contents out to get the key, etc, flash a new backdoored chip, you're done. Hobbyists have been decapping chips and pulling flash for a while, so this is certainly not beyond the abilities of the NSA/CIA/etc. You wouldn't need the exact same make of chip, just one that presents itself as the same.


On boot? Many naive users never boot their phones after the first time they open the box.

So then, what, if not on boot, show it all the time, with no option to suppress? If you offer a way to suppress it, that will be used by the bad guys.


I say show a message whenever Touch ID is activated. Then again that would be really freakin' annoying. Still better than bricking the phone.


LOL, given how those organizations work they wouldn't do the "repair" they would ask Apple to install it for them.

I'm sure they already did that assuming they don't have better ways.


My thoughts exactly.


Remember the woman who proved that Apple consistently slows down sold iPhones with "updates" right before the launch date of a new model? [0]

Apple is in the business of selling (overpriced/overengineered) hardware. Their tactics make that very clear.

The only problem with that is that there is no real competition in mobile phones anymore, it's just a giant duopoly. Sure, you can switch to Google/Android, which as the giant ad company (in other words: personal data hover/mass surveillance company) is just as bad.

My only hope is for Ubuntu to make the right moves soon.

[0] A source: http://www.dailymail.co.uk/sciencetech/article-2709502/Does-...


Remember the woman who proved that Apple consistently slows down sold iPhones with "updates" right before the launch date of a new model?

No, because that never was a fucking thing.

Seriously, this is supposed to be a community of reasonably well-informed tech-oriented people. Step back for a second, take a deep breath, and think before you spread nonsense like this. Jesus.


Thank you! This shit is getting out of hand.


That does sound ridiculous.

But please don't comment like this and https://news.ycombinator.com/item?id=11047606 on HN. That just makes the threads worse. Instead, please stay civil even when some people are being silly.


You are, as ever, totally right; there's no reason to be rude. Sorry.


> You are, as ever, totally right

Good lord no. But thank you for the polite response and intention to change. It really is a collective effort.


That was frankly horribly researched. They started off with a supposition, and ignored any data that didn't help prove it.

They completely ignored that a new handset release tends to come in lockstep with a new OS release. This is relevant because it means many, many people are changing the operating characteristics of their existing handsets at the same time - leaving their phone not only not a "known constant", but potentially creating the same results even if a new generation of phone hadn't just appeared at the same time.

Seriously, if you take their graph and replace the labels for each 3g, 3gs, 4, 4s etc, with ios2, 3, 4, 5 .. the data is still accurate, but the take-away assumptions change entirely.

They ignored that geekbench scores show that scores for any given generation stay roughly constant over the phone's lifetime. That's a fantastic set of data that isn't coloured by changing expectations over time.

And they were quite happy to brush off that the samsung numbers showed exactly the same changes over time, as they didn't spike around releases. Completely ignoring that Android has entirely different update strategies (having to wait until your telco 'blesses' the update, etc).

If you look at their graphs, and think of each label as an OS release rather than coinciding with a new handset (which is still accurate), the story it now tells is that ios updates receive much larger adoption in hurry, when compared to adoption of android updates.

Which we already knew. Apple's update strategy is that every compatible handset is able to update "today", whereas android updates are staggered by various levels of support from different mffrs and different providers.


> Remember the woman who proved that Apple consistently slows down sold iPhones with "updates" right before the launch date of a new model?

No. Story linked from daily mail (that's not a "source") is more nuanced.

http://www.nytimes.com/2014/07/27/upshot/hold-the-phone-a-bi...


From the link: "The important distinction is of intent. In the benign explanation, a slowdown of old phones is not a specific goal, but merely a side effect of optimizing the operating system for newer hardware"

When we try to judge intent we do judge the context. So let's look at the context: people do know that iPhone updates will probably slow their device(even though Apple doesn't tell them that). And there's no way to stop the nagging update notification (aside from jailbreaking).

So let's not be naive. Maybe it's hard to prove at the legal level, but there's a pretty decent chance that this is intentional by Apple.

EDIT: if you upvote, please explain why you think this is wrong.


Software getting slower with updates is a fact of life. It's been an obvious and expected thing since I started being aware of computers and updates in the late 1980s and I'm sure it was a thing even before that. The odds that Apple is doing this on purpose, rather than as a standard side effect of cramming ever more features into their stuff, are so low it doesn't bear more than a moment's consideration.

What's next, people say Apple deliberately destroys batteries after a few years, rather than being a natural consequence of battery chemistry? Apple deliberately makes their screens shatter when dropped?


I'm not arguing against the update making the device slower. But the fact it's built so people would upgrade(via irremovable nagging), even when it's clearly not what's best for them.


Huh? Of course you're not arguing against the update making the device slower. You're arguing that the update not only makes the device slower, but that this is a deliberate action by Apple to make older devices slower. And I'm saying that's ridiculous since it happens to pretty much all software anyway and all Apple would have to do to make this happen is just develop updates the same way everyone else does.


"Remember the guy who proved that Apple consistently slows down sold iPhones with "updates" right before the launch date of a new model?"

No, I don't, but I'd like to read more about it. Got a source?


>> Sure, you can switch to Google/Android, which as the giant ad company (in other words: personal data hover/mass surveillance company)

While on the iPhone: Do you use Google search ? Do you use Google maps ?

Well, if you do , there's not much sense in hiding from Google. And if you use Android, you could use tools like cyanogen's "privacy guard" to hide your data from all/most app authors , which i don't think you can do in iOS.

Also , unless they target you specifically, so long that you use an alternative keyboard - i don't think Google on Android collects your key press data - so you can use anonymity apps for special circumstances, But i could be wrong about that. Same goes for encryption keys, unless your targeted.


With Microsoft shutting down Windows Phone, Blackberry giving up on making it's own OS, Palm's WebOS now just a TV interface and Firefox OS rightfully shut down, the market has very clearly proven that there is no room for a third mobile OS.

Hell, there's barely any room for a third manufacturer, let along operating systems http://www.theverge.com/2016/2/3/10894200/android-smartphone...


No, it doesn't -- It just shows that people google "iPhone slow" more when new models come out / Apple releases major versions.

> No matter how suggestive, he says, the data alone doesn't allow anyone to determine conclusively whether their phone is any slower.

> There are other explanations for why an older model iPhone may slow down, he claims.

> For instance, the latest version of the Apple operating system, iOS, is always tailored to the newest device and may therefore not work as efficiently on older models.


Do you have a source for that? Curious to read it.


Well, regarding hardware and UI styles you actually have a lot of choices on the Android side.

And it is really hard to argue that Google intentionally slows down old Android phones.

The source is available for everyone to study and you can root most devices and install Android versions that don't even use any Google software.


I could maybe see as a good thing from a security point of view, although I'm not sure if bricking is the right solution here. If my self-driving car gets hacked (whether physically or its software), I'd rather it stopped working than let it drive hacked.


Where did the hacked self driving car come from?


This is still not as bad as the newer laptops in which TPM is soldered onto motherboard and the OS won't boot if it's damaged. You can't even get it repaired, even by the manufacturer without getting a brand new motherboard.

Hardware level security is important, but one must know that whenever you involve hardware into the equation you must allow for collateral damage.

Trusting trust is hard. You can't expect the verifier to verify the security module you got changed from the guy in a basement. Might as well get the OS and kernel from the same guy too.

The reason this disables your phone is the same reason you see a red page when using self signed certificates. The guy vetting you isn't vetted himself. Now there is a case to be made that Apple should just show you a warning and let you use the phone. But this isn't about protecting your privacy, this is about protecting privacy of the guy whose phone you found.


How often do you damage a chip on your motherboard? Or need to replace non-capacitor parts on it?

This is such a problem because it's stuck to the screen, and people need to replace screens all the time.


This only affects the home button. If you replace the screen and keep your original home button, there is no issue.

I co-own a repair shop. We have known about this for a while. We won't replace home buttons for this reason. But we replace hundreds of screens a month with no issues.


Apologies if this sounds rude, because that's not the intent. How can you be sure that people whose screens you've replaced don't then get an "error 53" when they later come to do a software upgrade? Because that's the only time it shows up. Would they know to come back to you about it (possibly shaking fist)?


Sorry for the late response--I just now saw this. We've fixed thousands of screens at this point--we'd have an angry mob if screen replacements caused the issue!

Yes, we have had people come back with Error 53; that's how we knew it existed a while ago. All of them had either had their home button replaced or water damaged. We were able to successfully recover one of them after the Apple Store told the guy there was nothing they could do. It was a water damaged home button and we were able to clean the corrosion off of it by soaking it overnight in a special solution. It came back the next day. If your original home button stops working, though, you are screwed.


Out of three things -- thin phone, hardware level security, and cheapness of repairs -- you get to pick two.

FWIW, I've lost 2 chromebooks to TPM failure in 18 months.


I was under the impression that it wasn't hard to keep the old module when replacing a screen, just that people hadn't always done it.


Alternative: Apple stops NSA, China, crooks meddling with TouchID during repair.

https://twitter.com/charlesarthur/status/695709113964195840


Alternative alternative: Apple wants you to pay Apple a premium to repair your device.


The stated rationale is that it's reasonable for a security-critical device to self-destruct if it thinks it may have been tampered with. Unfortunately this is a phone which costs a lot of money and has much of the user's life stored on it. I wouldn't be surprised to see Apple sued over this; I don't know what the interaction of the Sale of Goods Act and remote-bricking is.

I was thinking along similar lines recently when someone sent me an email to an old PGP key - I was able to dig up the key, but had long since forgotten the password. Do you want your computer security system to fail-open (leaking your stuff and potentially exposing you to fraud) or fail-closed (losing data which may be irreplaceable and of emotional significance)?. It's not obvious. But if you store your photos on your phone, you should probably back them up to the cloud - and to a different system that is not under the same account, either locally or another cloud. User-friendly crypto may be possible, but user-friendly key management is a total nightmare.


Apple have been accused of copper-bottoming the rules when relatives want to get access to a dead person's phone.

Apple only really need a death certificate and certificates of probate; but Apple insist on different court orders.

So I'm not sure if SOGA etc will affect Apple here.


> Apple have been accused of copper-bottoming the rules when relatives want to get access to a dead person's phone.

> Apple only really need a death certificate and certificates of probate; but Apple insist on different court orders.

Huh? Why should next of kin automatically be entitled to all someone's personal information?


> has much of the user's life stored on it

Stores life in fragile device

Fragile device breaks

Dies


You may not like it, but this is how non-techy users use computers and phones.


We techy people have let them down, in that case. It should be safe to crush any of my terminals under a tyre and lose nothing.

I learned 15+ years ago that the OS should have that as standard, with no privacy issue either. It is crazy that it is not baked in already. It's not even difficult.


Albeit necessary to check the authenticity of components such as the TouchID sensor for security reasons, bricking the phones seems extreme. Why not simply disable Touch ID? This is them asking for a lawsuit.


I wonder if it's really bricked -- could a downgrade to the previous OS version help? (Admittedly, it's not that straightforward for normal consumers.)


It is frustrating the the language of MA 'right to repair' doesn't extend to devices. https://en.m.wikipedia.org/wiki/Massachusetts_Right_to_Repai...


All these comparisons to car warranties, and more specifically how in some countries there may be a question of legality. The U.S. has similar laws that car dealers can't deny warranty coverage because of third party repairs. IANAL, but it would be interesting to see how this translates to phones (or any other similar asset).

http://www.consumer.ftc.gov/articles/0138-auto-warranties-ro...


Later updates from Apple have said that they'll replace the touch sensor and other hardware if necessary.

I'm curious; although auto makers can't decline warranty coverage, does an "authorized maintenance" shop change the dynamics?


Has someone made unintentional medical joke with this error? It reminds me of https://en.m.wikipedia.org/wiki/P53, which is responsible for apoptosis - programmed death of cell.


Could be intentional.


The way they've reported on this seems a bit misleading. Isn't it just that the third-party repairers haven't reset the security mechanism after replacing the home button?


If third-party repairers can reset the security mechanism, then the security mechanism won't protect against actual attackers.


The problem is, Apple refuses to reset the security mechanism after such repairs have happened.

Ergo, Apple is bricking phones as some sort of misplaced revenge-like behavior.


This doesn't follow. Apple refuses to reset the security mechanism because it can't verify the integrity of the repair.

Call it revenge like behavior is just you attacking Apple. It's certainly incompetent or unanticipated and poorly handled, but it's an attempt to maintain their security promises.


The phone is still useful without the finger print reader, it should just degrade.

I don't know anyone who uses the fingerprint reader or the purchasing functionality.


Should it matter?


Wouldn't a better idea be to simply display an error message to the effect of "your phone has undergone untrusted changes, please bring to your nearest Apple store" rather than bricking the whole thing?


This, or simply allow it to be completely reset a la Android or Chrome.


Or just after you enter your PIN (which can override the fingerprint reader anyways) notify you that the sensor has been replaced and reset it.


People in the US should be complaining to the FTC. In the very least, for phone's under warranty, Magnuson-Moss should apply if Apple isn't fixing these problems for free.

https://en.wikipedia.org/wiki/Magnuson%E2%80%93Moss_Warranty...


I think it's utterly reasonable for the device to shut down if it detects what looks like tampering with a high-security component. It's frustrating, sure, and the error message is beyond poor, but the behavior makes sense. It's not about preventing third party repairs.

It is unfortunate but true that high levels of security ultimately require trust, and that means that some things we used to take for granted will fall by the wayside. Third party repair of what are now secure components may be one of those things.


I guess "iPhone 'disabled' if Apple detects key security component replaced with unauthorized version" wouldn't get as many clicks.


I'm not sure I understand what exactly happened here. Was it previously possible for non-apple engineers to replace the home button or was it not? The guardian's article seems to suggest it was: "Indeed, the phone may have been working perfectly for weeks or months since a repair or being damaged."

If that is the case and it was possible to replace these sensors before, apple's narrative that the "error 53" code was introduced for security reasons doesn't seem to make a lot of sense: If the hardware sensor wasn't designed with secure authorization (e.g. via asymmetric cryptography) in the first place, all they could do now in a software update would be to add some kind of cosmetic device ID check.

However, any such newly introduced check in software could not actually prevent "malicious sensor" attacks but would only add a (possibly trivial) additional step to the attack where you have to spoof the correct device id.

Or maybe my reading of the guardian article is imprecise and replacing the home button has always meant loosing access to at least some security-relevant features?


You can get the button exchanged, but since each one is coupled with the secure enclave co-processor, touch ID doesn't work anymore. But home button still works, so does the phone encryption, you just can't identify yourself with the fingerprint anymore. If you go and try to add a fingerprint, it behaves like you have a muddy finger and can't scan it. But this ain't an issue since encryption is done by a PIN code first, then fingerprints are used as a more convenient way to unlock.

Frankly the device bricking is BS, since the encryption PIN code is still there and unknown to a possible attacker. You just can't use the victims fingerprints to unlock it anymore, or attach a hacked fingerprint reader, because it still won't be able to access the secure enclave to open and get the PIN code.


Third-party repair shops have never been able to correctly replace the TouchID sensor.


Now might be a good time to make a donation to the EFF.

https://www.eff.org/issues/right-to-repair


Could this be a protection against selling stolen iPhones? As I remember a "broken TouchID" rates pretty high as a shady phone. Does anyone know how does this work? Can you reset a stolen phone or do they just sell those as parts nowdays?


This would be a great theft deterrent, if you could remotely brick your iPhone.


One more proof that you don't own your device?


I love the sentence: >He had to pay £270 for a replacement and is furious.

He was so furious that he bought a second iPhone which had the same fundamental design decisions and would fail in the same way if he got it repaired by a non-Apple repairer. No wonder Apple doesn't give a damn about this - everyone is just buying a new phone from them.


I don't see why people are upset or surprised about this. Apple is a pioneer in making electronics difficult to open up and play with.

It has always been their approach to control every interaction that every customer has with every part of their business and every product produced by it.

Accept it or use something else.


upset or surprised

suprised maybe not so much, but it seems pretty obvious one would get upset if his/hers go-to device is suddenly rendered practically useless?


I accept your correction. In fact, now I think about it, essentially 0% of apple customers would likely be aware of this possibility at the time they make their purchase. I should have considered that most consumers won't follow stories like this as closely as the tech crowd.

I do stand by my assertion that it is legitimate for apple to behave in this way though. They get to present their business as they choose to just like any other company and the customer get to choose whether to accept their terms. Personally I don't but, empirically, most other people seem to.

I would however support requirements (as legislation) that consumers should be made aware of such practices at the point of purchase such that they can factor it into their buying decision.


Yeah, Apple are evil geniuses. They are prodigies at making money and expanding their business, at the expense of their users. It also seems like a majority of people on this site have some kind of Stockholm syndrome with regard to Apple. I guess making people reliant and locked in to their system is part of their genius. Of course people in that situation will find ingenious logical contortions to go through to justify their continued faith.

Also, mass downvoting of this comment in 3. 2. 1 ...


https://news.ycombinator.com/newsguidelines.html

Please don't bait other users by inviting them to downvote you or announce that you expect to get downvoted.

You will, of course, be down voted – because of your childish insistence that anybody who thinks differently from you is suffering from some kind of illness.


I feel like a hypocrite criticising this one. Security has always been a tradeoff against convenience. I've been, overall, happy that Apple's starting to take the security of personal data on a very losable device seriously.

I mean, not to gloss over it. I just got stung €320 for a screen repair, and I won't pretend I'm at all happy with that. But I have to accept we can't have it both ways - if we're demanding tough encryption, we have to accept the inconvenience that comes with it.


The problem here is not so much that the devices are being bricked as the fact that it's coming as a nasty surprise. People needed to be warned about this, and the warning needed to happen before they bought the phone.


So much for owning something you thought you owned. This has happened again and again, and will increasingly happen in the future under whatever disguise, security-wise or not.


Something suspiciously like this happened to me on a second-hand iPhone 6 I bought a few weeks ago. Talk about crappy timing.

Everything pointed to a software issue, but every repair person I took it to (both apple and non-apple) kept saying it was a hardware fault.

Touch ID stopped working and the phone drains super quickly despite not being in use. Hoping Apple can provide a "fix", not gonna hold my breath though.


I got a second-hand 5S last year with faulty Touch ID, the seller admitted that it didn't work and didn't even notice because he never used it (at the time also many Touch IDs stopped working after iOS 8 updates). I got a lower price and a friend took it to Apple Store in Germany (had couple months warranty left), where they tried to change the display first, then swapped it for a new unit without issues.


I'll take it as a positive that there is a good chance if someone tampered with my device my information is still secure.


I feel for both sides of this issue. As a consumer I am upset that I am essentially being forced to either buy a new iPhone or do my repair via Apple (do they even do all repairs?). Although, as a business I understand not wanting third party repairs as those can damage your brand if done incorrectly.


I think it is a design flaw, putting a security component in a common fail assembly, a fragile glass cover. Sony chose to put their touch ID sensor in a side button. I wonder if they thought of this, it sure looks like a smart design decision in light of this.


I feel for both sides of this. On one hand, as a consumer, I think it's unfair to force users to either buy a new iPhone or do repairs via Apple (do they even do them all?). As a business, I understand how non-Apple repairs can damage a brand.


This is just the beginning.

High prices and resale values have spawned a substantial and apparently growing 3rd party repair and refurbishment market for Apple mobile devices. Beyond the dodgy corner unlock shops, multiple national chains have sprung up over the last 2 years where I live that advertise heavily on broadcast TV.

Apple clearly sees this as money left on the table and they're concerned about the emergence of a comprehensive parallel supply chain for repair parts. Bricking end-user devices is one of the few levers they've got to try and shut down this industry, since there's no way to effectively identify and pursue the upstream suppliers in mainland China.

Sucks for the users, though. I wonder if Apple will still be selling devices at all in 5 years, or if they'll only rent them out for €25/$25/£25 per month. Ultimately that'll probably be the only way to get the control they want.


Broken 5s screen - took it to a local repair shop in town. He indicated that they just replace the whole screen unit - takes about 8-10 minutes. He shared some numbers too.

The conversation was from last... sep I think, and he was referring to a change a few months back. They had been able to buy the whole screen units for around $25-$30/piece, and his shop (owned a few) bought a lot of them - always kept a lot in stock. Earlier in 2015, he said, Apple started putting the screws on their parts suppliers, requiring them to destroy any overages or extras that didn't pass QA. This overage supply was where he and others would get their replacement parts.

He said that almost overnight, the prices on those screens went to $40 or more. They had a several month supply, but were already having to replenish at the higher price point.

So... Apple knowing about "third party repair" stuff, isn't all that new, but they seem to be taking more steps to actively prevent competition here. :/

re: "renting" - they'll probably still sell them, but all but force an icloud-style service for storage (probably still be selling 16g models when they provide 16mp cameras, and use up 6g for the OS). That or perhaps they'll just buy a carrier and you can be paying them $100/month for voice/data service directly, on top of $700 for a device.


People buy a high-end watch, like a Rolex. They can repair it if they have then knowledge. The problem is Rolex, and 99 percent of watch manufactures won't sell your, or your Watch Repair person the parts.

You need to send the watch to the factory for service, at factory prices.

So, when you buy a Rolex, your are actually leasing it? You don't truely own it, if you can't get the parts to fix it?

It's just another way to make money.

I didn't think Apple would irritate their customers at this particular point in time?

And yes, I too believe, "This is just the beginning."


Actually a majority of the watches, besides Rolex, in the <$5000 range use standard unmodified Swiss ETA movements, which can be repaired by any competent watchmaker. Very few watches in this price range use in-house movements.


http://watchguy.co.uk/swatch-group-parts-policy/


Thanks - that's really unfortunate!


I think IPhone owners intend their device to last longer than the typical Android. Making it harder to repair could undermine that. Apple need to make users believe that an IPhone is not just a disposable thing that lasts for 1 year in order to justify the high price.


I'm fairly certain that's illegal in Australia. It's called third line forcing.

Looks like Apple is, yet again, going to be investigated by the ACCC.


So basically you do not own your hardware.


The iPhone6 and F-35 share the same problem trying to detect approved or faulty parts. Funny.


Isn't this piece core to the virtual wallet/payment tech installed on the phone? Should apple's engineers have to put in friendly error messages if you exchange components in what's supposed to be a closed system?


Don't use smart phones. Just don't. It works for me.


Could someone explain what is the legal basis for this?


This type of move can't work now, because Apple is losing its mojo in a very fast pace.


yet another thing that anti-iphone people rile and iphone users don't care. The bricked owners will buy the next gen iphone and won't repeat the mistake of third party repair. what's the fuss about? yawn...


This is just to protect customers. </irony>


Wow, Apple hate like on /r/technology.


Lawsuit time, which Apple will lose


Correct me if I'm wrong, but from what I understand this is done to protect the customers from tampered with Touch ID sensors.

It may be overly paranoid but I can at least understand the motivation behind this. Changing the display also involves disconnecting the Touch ID sensor so technically a malicious person might have done something that exposes the user of the device in some way.

Statement from an Apple spokeswoman:

“We protect fingerprint data using a secure enclave, which is uniquely paired to the touch ID sensor. When iPhone is serviced by an authorised Apple service provider or Apple retail store for changes that affect the touch ID sensor, the pairing is re-validated. This check ensures the device and the iOS features related to touch ID remain secure. Without this unique pairing, a malicious touch ID sensor could be substituted, thereby gaining access to the secure enclave. When iOS detects that the pairing fails, touch ID, including Apple Pay, is disabled so the device remains secure.”

http://www.macrumors.com/2016/02/05/error-53-home-button-iph...


Yes, but instead of disabling authentication with the non-authenticated TouchID sensor it bricks the phone.


... until the old sensor is replaced.

Which is a good thing.

This is like complaining that forgetting your encryption password "bricks" your hard drive.

Yeah, apple deserves some flack for not making this known to 3rd party repair shops, but it's not a problem itself.


Did you really believe them when they said that?

Just like all other similar decisions made by other companies under the guise of 'protect[ing] the customers', it should be clear that this is no more than a guise. If protection is what they had in mind they'd simply disable any functionality which could be impacted by a dodgy part. Disabling the whole device has the single, self-serving purpose of channelling the cash flow from the repair businesses into Apple's coffers.


It sounds plausible, but none of us can know for sure as we don't have the source code and internal access at Apple. (maybe they can't just deactivate TouchID on its own, maybe they can but they want to protect the already existing fingerprint data on the device)

I don't see how killing the entire 3rd party repair network worldwide can create a positive outcome for Apple, because they are unlikely to even have the resources for repairing every device in a timely manner and with acceptable costs.

It's easy to say that they'll just earn more from repairs and sell more devices, but customer satisfaction is also important and I believe Apple takes issues that essentially brick devices very seriously.

It is also well known that they take privacy very seriously (although implementations might not be perfect), so I am inclined to believe that in this case privacy concerns have won against customer satisfaction concerns.

Edit: Apple Pay is also a _very_ important product for Apple, I imagine they simply cannot afford any issues that might make this seem unsafe to customers.


> I don't see how killing the entire 3rd party repair network worldwide can create a positive outcome for Apple, because they are unlikely to even have the resources for repairing every device in a timely manner and with acceptable costs.

Limiting the availability of repair services to the captive audience of apple-users probably increases sales. Those who have bought into the apple world are (for now) unlikely to step outside of the garden, so they'll replace their broken iThingy with a new one instead of 'just getting an Android this time'. Just look at this comment for an example of that attitude: https://news.ycombinator.com/item?id=11061800

> "... I've got better things to do with my time. I'd rather walk into the Apple store and replace my MBA or my iPhone when I've got a problem. That saves me time for my wife or my hobbies. Trade money for things that save you time, to spend that time on what's important to you (if you've got the money). ..."

This is the attitude apple would like to cultivate: solve problems by throwing more money at them.


> "the device remains secure."

A non functioning bricked device is more secure than a functioning device. Yes.


Url changed from http://www.bbc.com/news/technology-35502030, which points to this.


There is a strong bias, and the amazing thing is that its very difficult for the people who have this bias to realize it. As far as they can tell it is fact, and this is in large part because they live in a filter bubble where they only see things that confirm their bias.

For example: Articles bashing Steve Jobs get upvoted a lot more than ones praising him. Exactly the opposite for bill Gates.

Now if you look at Slashdot a decade before Hacker news the results for bill gates would have been the opposite of what you see here.

Effectively, Bill Gates' millions in spending to improve his PR have changed people's perceptions (they will argue that its because he's such a generous benefactor, because that's politically correct, alas, they won't look too close at the activities of the Bill and Melinda Gates foundation lest they notice he isn't.)

Google Good, Apple Bad, Leftism Good, Socialism Good, Basic Income! Global Warming is FACT, and anything you post that goes against this narrative risks getting you slow banned or hellbanned.

Hell, I was once banned from here for relating how I met Grace Hopper as a kid (in a comment on an article about Grace Hopper.)

I have no clue why that was hell ban worthy, after all she was the original "GRrrl in tech!!11!"

Welcome to hacker news where there are no hackers.


> Hell, I was once banned from here for relating how I met Grace Hopper as a kid (in a comment on an article about Grace Hopper.)

I don't believe anyone was ever banned from HN for that. How about let's see a link?

There's a cottage industry of HN users who go on about why they were banned ("because I supported Bradley Manning!" "because of my unpopular opinions!"). Pay attention and you'll notice that these complaints are always linkless. They never supply links to their allegedly innocent and suppressed contributions. Why not? Because then people could see what they really did do, and make up their own minds.

We make mistakes, and we're happy to correct them. But no way do we ban people for "relating how I met Grace Hopper as a kid".

We detached this subthread from https://news.ycombinator.com/item?id=11048013 and marked it off-topic.


For me, the real question is where have all the hackers gone? Years ago, there were high quality contributors here. They all had to go somewhere. When slashdot was dying, it was clear where everyone went (HN and Digg). This time around, it's not clear at all.


The culture changed.

Tech now mostly attracts (post)collegiate millennials chasing the startup wave (don't blame them, it's where there's chance of an actual job). You only have to look at the dwindling state of open-source right now to see proof of this. Add to that the post-Snowden cynicism that killed off what was left of cyber-utopianism and the free web, and it's that pretty clear that the hackers of yore grew up and weren't replaced by the next generation.


they just left. arguing with kids is boring


I wonder if that isn't the case. If that's true, that would be a shame, but I can't blame them.


I wish I knew, I would go there too.


[flagged]


We detached this trainwreck of a subthread from https://news.ycombinator.com/item?id=11047378 and marked it off-topic.


To counter the explosion of "fuck you" kind of comments, and as the father of a child with a developmental disability, thank you for pointing out this impolite and linguistically lazy behavior.

People who use "retarded", "gay", "autistic", "ghetto" (and so on) in a derogatory form are showing a lack of imagination, aren't introspective enough to consider how their choice of words makes others perceive them, and trivialize an entire group of people by subordinating them in their effort to demean someone else.

And that's the problem. It's condescending (and meant to be, don't tell me it's not) to call someone or something "retarded" when one is actually expressing an opinion that the person or thing is not worthy of merit, and history is rife with abuses that result from trivializing a group of people by distilling that group to a pejorative. "Fuck those short sighted motherfuckers," may shock because of the direct use of the glorious and multitalented root word "fuck", but it certainly isn't trivializing a group of people with a minor vision impairment, because short sighted is not the term used to refer to someone who is near sighted. It's borderline lazy, sure. It may offend someone's sensibilities, yeah. But choosing a word that one knows damn well trivializes a group of disadvantaged human beings ... that's profoundly different from dropping the occasional F-bomb.

It's not about political correctness, it's about recognizing that one's choice of words can carry a great deal of meaning that diminishes the intended effect of those words. In some cases, by literally dehumanizing a group of people.

It's not "colorful language", it's lazy and careless prose.

And to any current reader of this comment who thinks such pejorative language is okay in civilized company: either this post changes your mind, dear reader, or it doesn't. Using what you think to be clever analogies, closed-minded logical fallacies, or meritless affirmative defenses ("but, freedom of speech!") is encouraged, if it makes you feel better about yourself to put me in my place for feeling the way I do about this kind of language. Your right to free speech is no different from mine, I won't stop you. But I also won't waste the expression of my free speech rights by trying to argue with someone who doesn't acknowledge that maybe ... maybe ... they're wrong, so please feel free to satisfy that desire to get in the last word.


Thank you for taking the time to share.

I personally am aware of zero instances where anyone associated with a developmental disability is comfortable with the use of the word 'retarded', in any context. (Please note: this is not to say such a thing does not exist!) Empathy is a worthy reason for voluntarily restricting my personal speech, and I appreciate others willing to take people like you into consideration here on this forum!


In any context ? Seriously ? (genuinely curious...)

You are suggesting that they would be uncomfortable with:

"we applied the fire retardant at the base of the flames..."

"the growth process was retarded by the application of too much nitrogen fertilizer..."

"his social development was retarded by the lack of same age peers in his neighborhood..."

Again, genuinely curious - are we expected to contort our language around these concepts now ?


I'll take you at your word that you're not trying to be clever, and that you're genuinely curious, and thus not interested in an argument that must be won. And, so, I'll do my best to elucidate in an attempt to satisfy that curiosity.

I suspect that the poster is referring to the whole of his experience as the pool of contexts in question, and thus can state that he knows of no one who is comfortable with the word choice - given that most people don't use the word "retarded" as the past tense of the verb "retard", which means to hold back or slow down, I'm inclined to agree.

Retardant is not in question. The use of retard as a verb as it's intended to be used is not in question. The vast majority of utterances of "retarded" are used as a pejorative adjective, so while I see your point, I think you're missing his: The reality is that the adjective form of retarded is, in nearly all common-use cases, a careless diminution of those with developmental or learning disabilities, as it serves to suggest the idea/thing/person could only have come from someone with such a developmental or learning disability.


>when one is actually expressing an opinion that the person or thing is not worthy of merit, and history is rife with abuses that result from trivializing a group of people by distilling that group to a pejorative.

What I don't quite understand is why it trivializes people to use a disability as a pejorative, but it apparently doesn't trivialize people to use a disease as a pejorative.


Since you don't seem to be arguing, I would like to understand what you mean? Did I use such a pejorative? I'd sincerely like to know - if, that is, your query is sincere as well.


I'm just musing, and hoping someone might have an explanation. Language is complicated, and emotionally-loaded words are especially so.

Let me put it this way. If I call someone cancerous, I'm not trivializing the group of people that have cancer and distilling them to a pejorative. In general, if I use a disease as an insult it's fine, but if I use a disability as an insult it's usually offensive. They're both afflictions, but they're treated differently in uncountable ways.

I could list some reasons, but none of them really feel like they get at the root cause of the difference. Do you have any insight?


Perhaps it's related to self-identification? People don't self-identify as cancerous, the cancer (or disease?) is an external actor invading the body. Whereas a disability is a feature or aspect of one's body.

(I don't have first hand experience with either, so I'm just musing too..)


Thank you for writing that. It is very well stated.


Do watch these:

https://www.youtube.com/watch?v=vuEQixrBKCc https://www.youtube.com/watch?v=NXWBvB4U-cA


[flagged]


[flagged]


Please bear in mind the use/mention distinction.


Why can some people say it and not others? How aware are you of the history of race relations in the USA (i.e. where should I start my explanation)?


Well, this is awkward… http://www.dailymotion.com/video/x2zzikm


What would you suggest instead and why?


Call it what it actually is: short sighted, greedy, foolish, etc. Don't use a word that puts down people with disabilities.


I'm sorry, I did not mean to offend anybody but my reading of the word is that it has two meanings, one of which is 'stupid or dumb'. I'll update the comment.


Your reading is correct. But there's always going to be people complaining about word choice even if your meaning is perfectly clear and inoffensive.


That may be true but it does not cost me anything at all to change the text so that it does not offend and in that sense it is an improvement.

At the same time I see HN slide towards reddit just one little bit more with all the 'you insensitive clod' comments lately and that is sad too.


At the same time I see HN slide towards reddit just one little bit more with all the 'you insensitive clod' comments lately and that is sad too.

If you don't want HN to slide that way, then I suggest you not give in and change it back. After all, I think offense is entirely in the mind of the beholder.


> After all, I think offense is entirely in the mind of the beholder.

Especially when the beholder is not himself or herself part of the group.


I think it's worse than that, it's sliding towards Metafilter, where half the conversation is derailed by meta comments and whether it's appropriate to talk a certain way.

Screw that.


Of course, you'll only be changing text to accommodate people who are vocal about what offends them.


It's less about HN vs. reddit and more about society at large. What sorts of rude and derogatory words do you feel the need to say where you can't pick a synonym?


I speak quite a few languages, and most of them badly, good enough for communications needs but not precise enough to win me any literary prizes. If we were having this discussion in Dutch I would definitely not pick on you for using words that may not be precise enough or that might be offensive to you simply because I'd assume that you must have learned your Dutch from other people speaking it and using it in your vicinity, coupled with media such as movies, books and so on.

I've seen the word 'retarded' used in the exact way I used it above in many places and I've checked the dictionary and it has a simply secondary definition ('Dumb, foolish') which is roughly what I intended to convey.

Since giving offense is not one of my pet hobbies I edited my comment but had the situation been reversed I would have definitely afforded you more leeway.

To me 'retarded' did not seem rude or derogatory until you pointed it out, judging by the number of other people that are actually native speakers that use it in that exact same way it seems to me that you have your work cut out for you.


I can appreciate the language barrier and I thank you for changing it when I pointed it out.

As for having my work cut out for me, I definitely expected this to happen (maybe not to this scale). HN tends to attract the kind of person who thinks that anything is fair to say any time, regardless of who it might hurt, because HN tends to attract people of massive privilege, many of whom have never been the victim of societal discrimination.


This could go two ways. One way would be where people appreciate your efforts and change their tone. Another way this could go is that people will stop participating. Either way you will likely get what you want.


By the way, "dumb" means unable to speak, or mute. Using "dumb" as a synonym for stupid is as offensive as using "retarded" as a synonym for idiotic. Which, in my opinion, is not at all.


The words idiot, imbecile and so on used to have a technical meaning of someone landing in a specific IQ range. Idiotic is a synonym of retarded.


"Mentally retarded" used to be a medical term too. They just renamed it to "intellectual disability" after "retarded" became more widely used as a slur. https://en.m.wikipedia.org/wiki/Intellectual_disability


They don't want you to be able to say stupid or dumb either


It's certainly isn't as bad as an ethnic slur, but I feel strongly that it shouldn't be used in polite conversation. It's a matter of being considerate to your audience.


And sugarcoating speech show disdain towards the audience. Anyway - how is the political correct way to retard a dough in a fridge?


Retard has two uses. If you're talking about watch mechanisms or dough in the fridge the word retard is perfectly fine, no-one cares about that use.

The word retard is hate speech, linked to actual real world violence. And that violences is very common.

https://www.mencap.org.uk/sites/default/files/documents/2009...

> A survey by Mencap of people with a learning disability has found that nearly nine out of ten respondents have experienced bullying in the last year. Two-thirds are bullied on a regular basis and almost one-third are suffering from bullying on a daily or weekly basis. People with a learning disability face prejudice and widespread discrimination that often makes them feel like outcasts and prevents them from taking a full part in society. Public attitudes in the United Kingdom towards people with a learning disability remain discriminatory. The Mencap survey suggests that the bullying of people with a learning disability is institutionalised throughout society.

How they described bullying:

> The following behaviours were most frequently cited: kicking, biting, name-calling, teasing, stealing, pushing, threatening, having things thrown at you, being told to leave a building, hitting, being shouted at, swearing, demanding money, hair-pulling, throwing stones, spitting, poking, being punched, being beaten up, having one’s head banged against the wall.


I did not contest the facts. But not using the word retard won't help any way. They face prejudice and discrimination because of their condition, not of the way said condition is called. And if we change the word with other - the other word will still be used as an insult. Because the condition itself is highly undesirable. No one wants to have it.


But simply not wanting to be inflicted with a condition is no excuse to dehumanize people who are. Perhaps part of the problem is simply people mocking eachother for being different, but another part of the problem is the cultural normalcy of abuse promulgated by linking diagnostic terms with definitions of global inferiority. Language is the very matrix from which thought arises, so real-world usage of words can alter people's perceptions.


> Call it what it actually is: short sighted, greedy, foolish, etc. Don't use a word that puts down people with disabilities.

No. Language is a liging thing and the meaning of a word can change overtime.

"Greedy" is not the word that applies in this case. Nor is "short sighted". This is a retarted and dangerous behavior, and you should not be afraid to call it for what it is.

See above example with the car and try to imaging is the following happened: you have to drive immediately to a hospital and your car doesn't start because your tire was changed by a non-authorized service.

"Greedy" and "short sighted" are not the words that come in mind. It's a trully retarted and dangerous decision, initially driven by greed (because let's make computers like black boxes, no-one can open it, no-one can mess with it).


What makes you think it's driven by greed?There is absolutely zero evidence for this assumption, and the alternative explanation - that it is a poorly implemented attempt to keep their promises about the security of Touch ID makes perfect sense.


Does fire retardant put down people with disabilities? He used a normal word in a right context. He did not write "retards".


But that's not the same definition as the word he used. Fire/flame retardant basically means "fire delayer" Run that through the original sentence and it becomes nonsensical: "It's totally 'delayed' that a functioning phone is bricked by an update".


In my dictionary it coild also be It's toally backwards that.... Does it make sense now? Fire retardant example was to show you that the same word can be used in many context and not all of them have anything to do with offendong handicapped people. oh wait that word is now also politically incorrect.


"Short-sighted" is a visual disability.


Did you just say short sighted? Not everybody has perfect eyesight, you know, but that doesn't make us stupid. You hater, you.


People with learning disabilities face significant levels of violence and discrimination.

People with short sightedness, not so much.

No one kills a person who is short sighted just because they are short sighted, but this routinely happens to people with learning disability. Not just random fuckheads in public, but doctors will put people with LD under DNR orders without the knowledge or permission of the person or their relatives just because that person has LD and the doctor can't imagine any quality of life.


Baning the use of one euphemism in favor of another has never resolved the root issue and will not do so now.


Ironically, you just helped him make his point.


Reductio ad absurdum.


Are people with myopia discriminated against in society?


Absolutely. There are jobs that discriminate against people with eyesight disabilities (some aircraft pilot jobs, for example) and there are many products that don't account for people wearing glasses.

People with glasses are widely stereotyped as nerds or geeks and often experience bullying.

People wearing glasses were also reportedly targeted in mass killings by the Khmer Rouge due to that same stereotype.


It's not discrimination if the ability in question is a bona fide occupational qualification. If you can't see well, you can't fly safely.


Physical ability and job qualifications are a central issue in the debate about discrimination in hiring. It's not just limited to disabilities, since the same debate has repeatedly taken place around the issue of whether women are physically qualified for certain jobs, as can be seen in the current debate over whether women are physically qualified for special operations roles in the US military.


Would you consider it discrimination if, for example, consumers are more likely to be influenced by a white athlete spokesman than a black one? And so, the white ones gets paid more?


> Are people with myopia discriminated against in society?

Yes. I am offended by the small letters in ads.


And how has that led to you being passed over for employment or otherwise put you at a disadvantage when competing with others?


<irony> Because wearing glasses makes me feel insecure. </irony>

Yes, a person with disabilities can be ridiculed and feel like crap. A fat one can too. Also one with glasses, long hair, or long nose (or very short, let's include them too, it's the PC thing to do).

Where do you draw the "disadvantage" line?

As much as you are being offended when people are using a series of letters that forms certain words, so do I when people act like irresponsible children putting blame on random words.


> ridiculed and feel like crap

It's not about ridicule. It's not about offence. Why do people always make this same point about offence?

"My freedom of speech allows me to say what I like; FUCK YOU if you want to use your freedom of speech to tell me how much harm my words cause"

People with LD have been subjected to genocidal actions; they've been forcibly sterilised (without their (or their family's) knowledge or permission; they've been used as the subjects of harmful medical experimentation (again, without knowledge or permission); they often find themselves under DNR (without knowledge or permission); they face levels of bullying higher than other other group; they face levels of discrimination higher than any other group; this bullying and discrimination is bad enough when it comes from people in society, but it's often coming from care professionals; they are deliberately excluded from most of society who know nothing about LD.

About "it's just a string of letters" (there are a few strings I'd like to use about you but on HN it'd probably get me a ban): http://www.eurekalert.org/pub_releases/2016-01/osu-wys012616...

> researchers found that participants showed less tolerance toward people who were referred to as "the mentally ill" when compared to those referred to as "people with mental illness."

> For example, participants were more likely to agree with the statement "the mentally ill should be isolated from the community" than the almost identical statement "people with mental illnesses should be isolated from the community."

> These results were found among [...] and even professional counselors who took part in the study.


> "My freedom of speech allows me to say what I like; FUCK YOU if you want to use your freedom of speech to tell me how much harm my words cause"

But they can say FUCK YOU to people who say things they don't like because that's freedom of speech too. Then those people can say FUCK YOU back and have a whole steaming flame war. It's all speech. It may not be productive, and you may not want to participate in it, but there is no law preventing anybody from doing it.

It's only when somebody passes a law against it that it becomes an affront to free speech.


He wasn't disparaging the differently abled. You have just failed to understand what was said and in the process have made a retarded comment.


But you have to be a little disabled to find such an idea worth to be executed?


No?


Wow. It's 2016, and you're still saying bigoted words like "fool." My great grandfather was a court jester, and he was a very intelligent man. Why don't you read up on the history of tyrants and entertainment before you go throwing around such hateful speech.


Using the word retard victimises a group that is already significantly marginalised while simultaneously not doing much to the intended victim. The word has a greater affect on unintended, innocent, victims than the intended target.

If you're talking about IQ less than 70 use whatever is relevant in the country you're in. In the US this is usually intellectual disability (which is a subset of learning disability, which in US also includes eg dyslexia which doesn't have IQ requirement), but for some small groups it might be retard (although other groups see that as hate speech.)

If you're talking about a difficult to understand action call it dumb or stupid or idiotic or almost anything but retarded.

In the UK the word retard is pretty much equivalent to kikes or nigger or faggot. I'm not sure people in the US recognise that when they say retard people outside the US see a word like nigger. If that's the level of offence you want to create then sure, go ahead.


> Using the word retard victimises a group that is already significantly marginalised while simultaneously not doing much to the intended victim. The word has a greater affect on unintended, innocent, victims than the intended target.

That clearly isn't what the word means today.

"Our son was having trouble in school and his counsellor suspected he might be retarded. We brought him to a retard house with a reputation for taking good care of the retards and the doctor said that he was, indeed, retarded."

That's the sort of thing you might have heard in 1905 but not today. It means something different now. Which is why it's now inappropriate when applied to a person with a learning disability. But the target isn't a person with a learning disability, it's a multinational corporation. The point isn't that Apple has a learning disability, it's that they're being retarded. There isn't another word that means quite exactly that.

It's essentially the same argument as the people who say not to use the word hysterical because of its history. That's not what it means anymore.


I haven't heard the word "retarded" used in earnest to refer to intellectual disability (the replacement term) for at least a decade, and probably closer to 15 years. Note that this is a textbook case of the euphemism treadmill, where whatever term is used to intellectual disability eventually starts getting used as an insult and thus the term is changed. Eventually the old retired terms become fairly acceptable as insults, like "idiot" and "moron."


I'm not sure if you are correct or not but you just blew my mind. This is an amazing comment.


> If that's the level of offence you want to create then sure, go ahead.

WTF? Did you make that all up just to be able to put me down? Really, what a disgusting comment. I used a word that has a dual definition according to my goddamn dictionary and asked politely for an alternative and reason and edited my comment long before you posted this and yet you feel that you should use this to pretend that I like to create a certain level of offense when I clearly went out of my way not to.


Almost very proposed alternative means somethig exactly equivalent to "retarded", a medical word for a disability. It's a euphemism treadmill.

Dumb = mute

Idiot, moron = low IQ

Lame = non-functioning limb

The problem is not choice of words, the problem is insulting someone by calling them "low intelligence" instead of short-sighted (oops! That's a visual disability) or careless or selfish or unimaginative or impatient.


you can't say anything anymore in the us because of the pc police


Your statement could indicate a range of opinions ranging from ones I agree with to those that are merely a fig-leaf for blatant racism.

I'm afraid you'll have to express yourself in some more detail and avoid hollow cliches. This is a complex and nuanced debate.


well that's the problem

you can't say anything anymore without qualifying it to the nth degree and sugarcoating it and making it as bland as possible, just in case someone somewhere feels that some thing you said was some how offending


there is such a thing as being overly polite, to the point that your speech is just bland platitudes when your main concern is not offending anyone

and guess what? even then, people are going to get offended

there is a limit to how much you can sugarcoat everything you say in public, and i think the us has passed that limit into oversensitive territory

you are right, it is nuanced

my strategy is to say "sorry" when it's due, rather than overthink every minute iota. of course, i'm not running for office and i don't live in the us


I find the way racism become THE WORST THING in the world wildly amusing. There are 7 000 000 000 people on the planet and all of them are racist. We people are wired to dislike people not like us.


That's exactly because it's a strong, widely shared cognitive bias (wired or not) that it's so important to counter it culturally.

Countering natural behavior with culture is what humans do, for better or worse.


And how is that going for you so far?


Not sure what you are asking exactly (is that rethorical? Or do you expect a real answer?).

If you really care :-) :

I had the chance to be raised and still live in a very mixed part of Paris. There is racism, of course, and for example I can remember how kids of Portuguese descent were the object of mockery back when I was young. (That's significant because today it's put under the carpet as if it never occurred. It seems nobody even remember!).

That makes you think about bias, how bias turn into systematic racism, etc. That makes you discover how people of course cluster around commonalities but also like to share and connect with others when given a safe context.

Racism is quite pervasive in France, and for example younger generations make it a central part of their dialogue and jokes. But many people are working toward inclusiveness too.

Just like women equality and wealth sharing, non-discrimination is not solved thing in any given society: it's a constant challenge to tackle, probably without an end in sight.

It's probably the same for individuals: how can I be more inclusive? Less biased toward others?


I know a couple of Dutch people that moved to Portugal. Surprise, even after living there for 30 years they are still openly discriminated against. My guess would be that such discrimination is so much a part of human nature that (sadly) if you put two people from one group and one from another in a room you'll instantly set off a whole slew of innate responses resulting in the two siding against the one.

It's sad but that seems to be the state of affairs and I don't expect this to get any better in the next couple of centuries. Barring an alien invasion that gives us a reason to play 'us' against 'them' on a bigger stage I doubt humanity will be able to really overcome this particular hurdle. Which is sad because it is a large driver behind all the violence and misery in the world.


I think in practice it takes a certain level of sophistication and intelligence to understand, and be self-aware to the impacts of, racism. I have observed that it is very easy (if not entirely unnecessary) to convert higher IQ members of society to think in ways that are more equitable than race. Do you believe much progress has been made with those who are (to this day) perpetuating the racism? I think there is more awareness, but is there less racism? I also feel that certain "races" are being discriminated against (ie. Asians entrance average to Universities must be much higher than other races, due to competition). This seems to elicit less attention from those who are social justice inclined. I apologize for original message, came off colder than intended.


Given that he is engaging you intellectually and not engaging you with the lizard half of his brain (with it's large stick), I'd say quite successfully.


> We people are wired to dislike people not like us.

a) source?

b) what do you mean by "not like us"? in some ways, no human being on the planet is "like" me, in others, everyone is.


A) Any historybook ever. There was never a point in history in which purple didn't try to slaughter green for green being green.

B) Everything. Me against my brother, me and my brother against my cousin. Me and my cousin against the world. Likeness could be anything that a person deems important. Race, religion, football teams, harry potter vs lotr, dota vs lol.


>There are 7 000 000 000 people on the planet and all of them are racist.

Even if that was true, which it isn't, why do you think that means we should give up and speak or write carelessly? Why do you object to improvement/progress?


Yes it is true. In every country in the world there are marginalized people based on their ethnicity and religion.

Because it is neither progress nor improvement. Thought policing is harmful and stupid.


You can't use pejoratives against people's ethnicity or mental/physical disability in polite society. That's not the same as being actually oppressed, sorry.


That's how desperate Apple is.


The wonder of closed source


More reasons for not to be in Apple ecosystem.


Has anyone read full Terms and Conditions?

I think most of the people clicked / tapped / pressed "AGREE".

So here you go.


What really surprised me, and what most people don't seem to know, is that repairs at an Apple store are way cheaper than third party repairs.


Why the downvotes?

I got a Macbook Pro repaired recently and the Genius guy took me aside and said I got a great deal because they have a per-model, per-service visit price cap on replacement parts charges for repairs. Meaning that in one visit, you can get your Macbook repaired and replace the screen, the motherboard, the hard drive, the power board, the battery, the keyboard, pretty much the whole thing, and the price (for parts) is capped at around $280 for my particular model. The labor price is not capped but they are good at what they do, so the labor is super fast and ends up being cheap.

I had a similar experience with an iPhone repair, where my camera had dust in it. Apparently the best way to do this is a back cover replacement, and the back cover comes with the camera built in. I was pretty scared until I heard the price, which was I think at the time $30, way less than third party vendors charge for this.

Again the downvotes, for providing useful information, are really baffling here.


So stupid, it's like they are asking for a class action lawsuit


I haven't experience any error 53 codes on the devices I've repaired, but if this is true... Wow! That's really shady of Apple. I'm starting to get the feeling that the moves they're making (like charging for Apple radio [not Apple music], and now disabling phones with unauthorized repairs) is their response to their recent report of declining iPhone sales. Disappointing if this is true that these changes are at the expense of their end users and fans (and I am a fan).


This seems like a deliberate move by Apple, since they could've put the secure component ("TPM") on the mainboard, where it won't be as easily damaged, instead of the fingerprint reader. It's like an organism whose brain is in one of its appendages instead of its head...

Either way, if the skills of the Chinese (and other far-East) reverse-engineers continue to be what they are, I think workarounds will be found soon enough - from what I've seen, the repair people in particular are very resourceful and clever, and come up with "tricks" to fix things that the original manufacturer never even thought about. It's their core business; you can bet they'll spend a ton of effort on figuring out how. Apple's proprietary cable authentication chips have been cloned. The infamous Thinkpad BIOS password has been circumvented. Replacements for ink cartridge authentication chips (seriously) have appeared. There is always a crack.

I continue to find it amazing how effective the "security" excuse is; it seems you can get the majority to give up anything if you can turn it into some sort of argument about how it'll make things safer. Who doesn't want to feel safe, even if it ultimately results in society where every little thing you do is controlled by some huge bureaucracy? The old quote on security vs. freedom is so relevant today, but related to what I think will happen, here's a variant on that theme: "I wish for the insecurity that gives us freedom."


You DO have the right to repair your iPhone; it just has to be done by an official Apple repair centre.

I completely understand the downsides of Apple's particular approach here, and totally get why people want the right to use 3rd party repair services. I've used them myself in the past to save (a lot of) money.

But considering just how much of my life, financial and otherwise, is on my phone, I'm actually very glad that Apple has erred on the side of obsessive security!


Apparently, YOU don't have the right to repair your own iPhone then, only an official Apple repair centre does. You mean: You have the right to pay an official Apple repair center, and nobody else, to repair your iPhone.


> and totally get why people want the right to use 3rd party repair services. I've used them myself in the past to save (a lot of) money.

The BBC article talks about someone who was in Macedonia. Apple doesn't have repair centres there. What they did - try to repair their device in a non-Apple-served country - was about all they could reasonably do.

As Apple wants more of our life to be phone-oriented (payment details, wallet, physical data, etc) expecting 100% of people to be within X minutes of official repair centers 100% of the time is not workable, nor reasonable.

I get it - the home button is secure and might have been compromised. This was just horrible design - they failed to account for a failure mode, and default to a brick instead.

A warning bar or message on boot indicating "the touch id may have been compromised - all touch id features are disabled - please contact Apple" - while annoying - would have been reasonable.


That's a very disingenuous definition of "the right to repair." In fact, requiring that all repairs be done by the OEM is exactly the opposite of the right to repair.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: