Error 53: Apple remotely bricks phones to punish customers for getting independent repairs

Iphone 6s that have been repaired by independent service centers are bricking themselves, seemingly permanently, with a cryptic message about "Error 53."

After much stonewalling silence, Apple has confirmed that Error 53 is invoked when the phone determines that it has been serviced by non-Apple personnel, and there is apparently no way to reverse the process. An Error 53'd phone is rendered permanently useless -- and the data on it is permanently inaccessible.

According to an Apple spokesperson, Error 53 is an anti-tampering measure designed to protect the integrity of the phone's biometric security system. The lockout is designed to protect users from trusting doctored fingerprint readers that might allow unauthorized access to their phones.

But the phones that Apple is remote-killing haven't been doctored: they've been fixed. There are many independent service centers for Apple's products where you can get your phone fixed more cheaply than the official rate. Independent service centers also thrive in places where there are no Apple service centers at all.

The debate over tamper-resistance and user security is at least as old at the idea of Trusted Computing. Back in 2002, Seth Schoen argued that the tension between user freedom and user protection could be solved with "owner override" -- a set of tamper-evident mechanisms by which a user can tell a computer that they approve of the modifications that the computer has detected.

Apple could certainly institute such a procedure, but they have chosen not to. Instead, Iphone customers are finding that their investments and data are being confiscated by a distant, high-handed corporation that gets to hide behind tens of thousands of words' worth of never-read, all-encompassing terms of service.

Freelance photographer and self-confessed Apple addict Antonio Olmos says this happened to his phone a few weeks ago after he upgraded his software. Olmos had previously had his handset repaired while on an assignment for the Guardian in Macedonia. “I was in the Balkans covering the refugee crisis in September when I dropped my phone. Because I desperately needed it for work I got it fixed at a local shop, as there are no Apple stores in Macedonia. They repaired the screen and home button, and it worked perfectly.”

He says he thought no more about it, until he was sent the standard notification by Apple inviting him to install the latest software. He accepted the upgrade, but within seconds the phone was displaying “error 53” and was, in effect, dead.

When Olmos, who says he has spent thousands of pounds on Apple products over the years, took it to an Apple store in London, staff told him there was nothing they could do, and that his phone was now junk. He had to pay £270 for a replacement and is furious.

‘Error 53’ fury mounts as Apple software update threatens to kill your iPhone 6 [Miles Brignall/The Guardian]

(Image: W. Foster Brick, Nottsexminer, CC-BY-SA)

Notable Replies

  1. Yes. I would rather my phone be destroyed than have an attacker gain access to my biometric data or implant malicious firmware. That's the whole point of secure, tamper-resistant devices.

  2. Much as I love cheap repairs, this is actually a good thing for security. Calling it punishment is being unfair to a company that focuses on your security above all else. (And yes, they make money in the process...)

    Your argument that there should be an override in place is dangerous and the source that you site is 13 years old. The system that Schoen was referring to was PC specific at a time when your phone could barely check email, let alone scan your fingerprint. Times have changed, our devices now have far too much private data to be treated like that.

    Here's why, I suspect, Apple implemented it this way. The scenario that they're worried about is the replacement of the legitimate TouchID sensor with one potentially compromised. If that is the case you have an internet connected device that can scan your fingerprints. That's bad. If you allow the user to override and enter the phone OS then even after a warning (which would be very confusing), they might touch the sensor. Off goes their biometric data to places unknown. That's very bad.

    If a reporter is detained at a border crossing, held for hours - which happens - you post about these events, and their phone hardware is compromised the phone should self-destruct before booting in order to make sure that information that they have chosen to encrypt is secure. Bravo Apple.

    Two minor points. First, as someone who attempted to have an iPad Air 2 repaired at a reputable shop they warned me that the repair would require the full replacement of the TouchID sensor. Second, this should have been implemented from day one. It's a better experience to have the device refuse to boot immediately so the customer can blame the shady repair company than to push this out with a software update.

    Security comes with a price. In this case, that means having your phone serviced by reputable dealers if that repair involves more than changing out some glass.

Continue the discussion

252 more replies