iOS 7 bug reportedly allows Find My iPhone to be disabled without password
Advertisement
By NDTV Correspondent | Updated: 4 April 2014 11:40 IST
As a security feature, requiring people to enter the password of
their Apple ID before disabling Find My iPhone is a helpful move, as it
means that someone can't just steal your phone and disable the only
methods available to find it. However, a new report on 9to5mac shows that this is actually pretty easy to circumvent.
As shown
in the video below, the tipster to the site goes through a step by step
process of disabling Find My iPhone and then deleting an iCloud account.
The
whole process seems really simple, and apparently just needs access to
the phone's settings menu. Once in, you can go to iCloud settings, and
then simultaneously disable Find My iPhone and tap "delete account".
When you're asked for the password, reboot the device and you can repeat
the process, and remove the account. This means that someone with
access to the phone can create a new account on your device, and you've
got no means to track it.
While the iOS 7 bug will likely be
patched out by Apple soon, it highlights the importance of putting a
passcode on your phone, or if you have an iPhone 5s, using the TouchID
sensor to unlock the phone. These are very basic security measures
everyone should take, but would still be more than enough to completely
stop an exploit like this in its tracks.
Apple released iOS version 7.0.6 as a patch to provide 'a fix for SSL connection verification', a bug
that possibly left email and other encrypted communication open to
hacking if the user was connected to an unsecured Wi-Fi network.