• @nanometer@lemm.ee
    link
    fedilink
    English
    71 year ago

    You can’t wipe an iPhone that’s locked to an ICloud ID without the password of the account

    • @smeg@feddit.uk
      link
      fedilink
      English
      21 year ago

      If you have physical access to a device you can eventually do whatever you want with it, depends how organised the thief is

      • GreatAlbatrossM
        link
        fedilink
        English
        21 year ago

        Unless it’s changed recently, you can wipe a user from it, but you cannot disable find my iphone, which will prevent initial activation with Apple.

        And since it’s a brick without being activated following a wipe, it would only be usable for parts.

        • @smeg@feddit.uk
          link
          fedilink
          English
          11 year ago

          I posted a link to an article in another reply, there is software available which can use whatever jailbreak exploit to remove the lock. Basically no device is 100% secure, so there will always be some way in if you have physical access and enough time on your hands.

          • @Bartsbigbugbag@lemmy.ml
            link
            fedilink
            English
            1
            edit-2
            1 year ago

            You can’t jailbreak a phone without already obtaining full access to the device. So, unless people are jailbreaking their phones before giving them away, that is not a likely scenario. You also can’t use a phone that was wiped unless you first remove or have the credentials to the iCloud account associated with it. So, they could wipe the phone, and then it’s a brick. Only if they have the appleid password Can they wipe it and use it as new, and only if they have the Lock Screen passcode can they jailbreak it to wipe it via exploits.

            That said, there are other tools and methods, the most common being transferring a known good serial number to a locked phone, and remote iCloud unlocks are available from China, using the official Apple unlock servers, so not a technical exploit, but a human one.

            • @smeg@feddit.uk
              link
              fedilink
              English
              11 year ago

              Aren’t jailbreak exploits achieved by various means? i.e. if you’re exploiting some unknown software bug it could come from any source, right? Either way, this totally legit software claims it can do it, and I’m sure there are plenty of less well-advertised hacks available too.

              • @Bartsbigbugbag@lemmy.ml
                link
                fedilink
                English
                11 year ago

                Jailbreaks are indeed achieved by various means, but every single one of them requires the phone to be unlocked. I used to own a repair shop, so I’m rather acquainted with the tricks. I’d say 95% of those “iCloud unlock” services are scams, and the rest of them use apples official servers to do so as I mentioned above.

      • @frazorth@feddit.uk
        link
        fedilink
        English
        21 year ago

        I would be curious to learn more, as this is a much touted security feature. If it’s that easy to bypass then we need to understand the limitations.

        Do you have any more information on this?

        • 520
          link
          fedilink
          21 year ago

          The usual tactic is to send a phishing text to a number that calls it pretending to be Apple. They then get your Apple ID credentials and use that to unlock the device.

          • @frazorth@feddit.uk
            link
            fedilink
            English
            21 year ago

            How do you send a phishing text to a phone you have stolen? The owner would either not get the text, or get it via iMessage which the response wouldn’t appear on the stolen phone. I’m not following this tactic, so I’m obviously missing something.

            • 520
              link
              fedilink
              2
              edit-2
              1 year ago

              The owner tries to call the number from another phone, usually a mobile. The hope is that the phone was misplaced and not stolen.

              • @frazorth@feddit.uk
                link
                fedilink
                English
                21 year ago

                So the owner calls the phone, which is answered by the thief who pretends to be Apple?

                Interesting.

                • 520
                  link
                  fedilink
                  3
                  edit-2
                  1 year ago

                  They don’t necessarily have to answer. They can just note the number that appears on-screen and text it later from a different device.

                  Usually the next step for the owner is to try get into their Apple ID to access the lost phone functions. That’s where the texts come in.

          • blake
            link
            fedilink
            11 year ago

            As usual, people are the weakest link in security.

            • 520
              link
              fedilink
              11 year ago

              Exactly. The protections on the iPhone themselves are actually very strong for the time the phone released in. Unless you’ve got NSA-level hardware hackers in your org, this is by far your best bet.

              • @smeg@feddit.uk
                link
                fedilink
                English
                11 year ago

                Very much depends on your threat model. An iPhone is great if you trust Apple with the backdoor to your phone, if not then you’re probably much more secure with GrapheneOS.

                • 520
                  link
                  fedilink
                  21 year ago

                  I mean yeah, obviously Apple isn’t going to be able protect you much against a state-sponsored threat with their own private list of zero days, or Apple itself, but right now that’s a small amount of people either are truly interested in fucking over.

        • @smeg@feddit.uk
          link
          fedilink
          English
          21 year ago

          This is the first article I found (so I don’t know how reliable the software is) but one suggestion is a tool that seems like it just jailbreaks the iPhone and can then remove the lock. So basically find an exploit that allows you to get round the protection.

        • @dotslashme@infosec.pub
          link
          fedilink
          English
          21 year ago

          Not an expert in any way, but I would assume it is similar to having physical access to a computer. You would not be able to get into the existing device or retrieve data, but if you have stolen it and just to use the device, there are numerous tools to allow side loading of new blobs, that will bypass any restrictions.

          • 520
            link
            fedilink
            31 year ago

            In theory this is true, in practice the protections Apple puts in place tend to put even games consoles to shame. That plus the quick turnaround of iPhone hardware means by the time it is cracked, it was already obselete