Posts Tagged ‘Find My Phone’

In the US, Factory Reset Protection (FRP) is a mandatory part of each mobile ecosystem. The use of factory reset protection in mobile devices helped tame smartphone theft by discouraging criminals and dramatically reducing resale value of stolen devices. Compared to other mobile ecosystems, Apple’s implementation of factory reset protection has always been considered exemplary. A combination of a locked bootloader, secure boot chain and obligatory online activation of every iPhone makes iCloud lock one exemplary implementation of factory reset protection.

All one needs to do is enable the Find My Phone option in iCloud settings. In fact, this option is enabled by default once you set up your new iPhone. After that, even if you lose your iPhone and someone else attempts to reset it to factory defaults, the device will be still locked to your iCloud account. Unlocking the device (removing iCloud lock) requires access to your Apple ID, password, and secondary authentication factor if you have Two-Factor Authentication enabled. Sounds pretty secure so far?

(more…)

Smartphones are frequent theft targets. Manufacturers try to combat smartphone theft by implementing several security measures. The first security measure is “remote kill switch”, a feature allowing legitimate owners to block, disable or erase a smartphone in a case it is stolen. Since Aug 12, 2014, the “kill switch” is mandatory in California in all new smartphones manufactured after July 1, 2015. Other jurisdictions followed, passing legislations with “kill switch” requirements to combat smartphone theft.

Long before legislations, the “remote kill switch” was used by companies to allow remotely erasing the phone’s content. Apple’s Find My iPhone, Microsoft’s Find My Phone, BlackBerry Protect and Android Device Manager allowed locating, ringing, blocking or erasing the phone remotely. However, the “kill switch” was originally designed to only protect the phone owner’s data, but could not help discourage theft. The criminal would simply erase the phone by performing factory reset, and resell the device. IMEI blacklisting aside, a simple factory reset would result in a clean, usable device, continuing to provide incentive for the criminals.

It took manufacturers much longer to implement true anti-theft protection in their core OS. In today’s state, anti-theft protection is a combination of your familiar remote kill switch and factory reset protection.

Factory reset protection is a security method designed to make sure your smartphone becomes useless if the thief wipes your smartphone. If someone wipes and factory resets your device without providing your authentication credentials, a smartphone equipped with factory reset protection would cease to initialize, display a prominent message asking to enter previous owner’s account credentials, and block further initialization attempts.

In theory, this sounds great. The implementation of the “kill switch” helped reduce smartphone theft by as much as 40 per cent. But is smartphone protection as secure as we think? Let’s find out.

(more…)

Legal Disclaimer

The information provided in this article is strictly for educational purposes. Therefore, you confirm that you are not going to use it to break into someone else’s Apple account. If you wish to apply ideas described in this article, you are taking full responsibility for your actions.

Non-Legal Disclaimer

Just relax. It’s not like we’re giving away tips on how to download celebrities’ photos or hack the prime minister’s iPhone.

(more…)