This article originally appeared in TidBITS on 2013-09-18 at 10:40 a.m.
The permanent URL for this article is: http://tidbits.com/article/14113
Include images: Off

iOS 7 Locks Stolen iPhones to Prevent Resale

by Glenn Fleishman

In the June 2013 announcement of iOS 7, Apple emphasized changes in the Find My iPhone app and service. With good reason: the new version makes any iOS device far less attractive to steal, erase, and resell, plus it provides more location-tracking data. These improvements should reduce thieves’ interest in iOS devices because they won’t be easy to sell or fence, and might help law enforcement track down less-wary criminals more often.

Apple added this feature because mobile carriers (at least in the United States and several other countries) have shown little interest in helping their customers recover stolen mobile phones or eliminate the value of those phones at resale. Both GSM and CDMA phones have unique, burned-in hardware identifiers — the IMEI and MEID, respectively — and carriers know which ID is associated with your account. If you report a phone as stolen, the carrier could prevent that ID from being reactivated, provide you with information about its location, notify law enforcement, seize it when brought into a store, and so forth. Carriers do essentially none of that.

As a result, expensive smartphones with high resale value, like the iPhone, have become desirable targets for thieves, and account for a significant percentage of serious crimes in many cities. For instance, cellphone-related thefts [1] accounted for 41 percent of serious crimes for six months earlier this year in San Francisco, 40 percent of robberies in Washington, D.C., and over 50 percent of all street crime in New York City.

With iOS 7 and Find My iPhone, Apple now has the technology to stop iOS device theft in its tracks, although the company couches these capabilities in terms of “lost” iPhones, not stolen ones. No one wants to think about theft, but we all misplace things.

Enabling Find My iPhone is easy, and isn’t really any different than in previous versions of iOS. All that’s necessary is a free iCloud account. When you configure that account in the Settings app, you can turn on Find My iPhone with a single tap. What’s new is that, once Find My iPhone is turned on, you must enter the Apple ID password for that iCloud account to disable the service. Up to this point, savvy thieves knew to disable Find My iPhone on an unlocked iOS device immediately to prevent tracking — that will no longer be possible.

[image link] [2]

Of course, a thief could still power down the device, put it into a metal-lined box, or wrap it in aluminum foil to prevent it from broadcasting its location. But all that requires more preparation, and if it doesn’t happen immediately, the device could be reporting its location and optionally displaying recovery messages as soon as the owner marks it as lost via the iCloud Web site or the Find My iPhone app on another iOS device. That’s the first strike against crime.

The second — and most important — strike is that the device cannot be erased without entering the owner’s Apple ID password, preventing a thief from resetting a stolen iPhone to factory defaults before reselling it. Of course, if your iPhone lacks a passcode, it would still be somewhat usable, which isn’t ideal, but as long as it can reach a network, it continues to update its location. And, of course, you can opt to wipe it remotely. Even if the iPhone was off when the erase feature was invoked, the iPhone erases itself the instant it establishes any sort of network connection. Since the iPhone 3GS, a hardware encryption chip immediately destroys the iPhone’s contents by discarding the encryption key necessary to decrypt data. Once that happens, the data is gone, and can’t be recovered via forensic tools.

The third and final strike is that, even after the device is wiped remotely, the recovery messages still appear and the owner’s Apple ID and corresponding password are required to restore it to working order. So even if you wipe your iPhone remotely, you don’t have to worry about anyone else ever being able to use it again. If it’s later recovered, you can easily restore from your most recent backup, entering your Apple ID and password when prompted.

In short, if you have Find My iPhone turned on in iOS 7, your Apple ID and password are required to:

(If you want to sell or give your iOS device away, disable the activation lock by going to Settings > General > Reset > Erase All Content and Settings.)

There’s a final piece to the puzzle for which we don’t yet have the answer: does Find My iPhone continue to transmit the device’s location after it has been erased? Up through iOS 6, it does not. But since iOS 7 clearly must have a network connection in order to confirm the entry of an Apple ID and password, it could in theory continue to send location updates.

There’s a precedent, too. In Mac OS X 10.7 Lion, Apple replaced the directory-based FileVault with FileVault 2, which encrypts the entire disk. (iPhone models with encryption chips use essentially the same system.)

Lion also includes Recovery HD, a hidden partition that one can boot into in order to run Disk Utility, or even reinstall Mac OS X. When FileVault 2 is enabled, Recovery HD (since 10.7.2, and also in all versions of 10.8 Mountain Lion) adds a Guest User login, as long as the Mac’s owner had previously logged into iCloud.

That Guest User login is useful, because it boots into Recovery HD and allows a network connection and access to Safari. But it’s also a honeypot. If a thief were to abscond with your MacBook Pro, log in via Guest User, and connect to a network, Find My Mac would be able to report its location back to you, assuming you had marked the Mac as lost.

Even if a Mac marked as lost is simply powered up, if it’s near a Wi-Fi network to which it has previously connected, Mac OS X associates itself and starts transmitting location information. (I explained this more fully at Macworld in “Can FileVault 2 and Find My Mac foil thieves? [3]”)

Apple may be employing the same minor subterfuge here. Allowing a thief to power up a stolen iPhone and try to enter Apple ID passwords gives the device time to phone home. Will this lead the police to more recoveries? Hard to say. But it very well might help Good Samaritans to return misplaced iPhones, since you can now wipe a lost iPhone and still have a recovery message displayed!

Of course, just adding these features to iOS 7 won’t immediately turn an iPhone into technologia non grata. Thieves will still see them as quick returns on criminal investment for some time. But once word of the pointlessness of trying to resell a useless iPhone spreads among the intermediaries through whom stolen goods are fenced, we hope to see a significant drop in such thefts — and their associated intimidation and violence.

In the end, this subtle update to Find My iPhone may be the most important reason to upgrade to iOS 7. In fact, police officers in New York City are encouraging citizens to upgrade to iOS 7 [4] for this very reason.

[1]: http://www.networkworld.com/news/2013/051013-smartphones-driving-violent-crime-across-269665.html
[2]: http://tidbits.com/resources/2013-09/iOS7-turn-off-find-iphone.png
[3]: http://www.macworld.com/article/1163387/can_filevault_2_and_find_my_mac_foil_thieves_.html
[4]: https://twitter.com/Hoffm/status/381564392602480640