iOS should prevent shutdown when Find My iPhone is enabled
| Originator: | kevinchen2003 | ||
| Number: | rdar://11734870 | Date Originated: | 23-Jun-2012 11:10 PM |
| Status: | Open | Resolved: | |
| Product: | iPhone/iPod touch | Product Version: | N/A |
| Classification: | Feature (New) | Reproducible: | Not Applicable |
SUMMARY: Users can use the Find My iPhone service provided through iCloud to track their stolen iOS devices. However, this can be trivially thwarted by thieves who are catching on: they shut down the iOS device as soon as they steal it. Apple should implement a feature to prevent shutdown by people who are not the users of a device when Find My iPhone is turned on. STEPS TO REPRODUCE: 1. Turn on Find My iPhone. 2. Get your iOS device stolen by a thief who knows what he/she is doing. 3. Make sure the thief is aware that he/she should shut down the phone for the purposes of this demonstration. 4. Attempt to track the device via Find My iPhone. EXPECTED RESULTS: The device is still communicating with iCloud servers because iOS prevented shutdown by the unauthorized user. This can be implemented in many ways. However, the way that makes the most sense is an option (enabled by default) called "Shutdown Requires Passcode." The user already knows his/her passcode, so this ensures a legitimate user can easily shut his/her devices down while a thief will have a really hard time. A potential problem with this is that the thief can still press power and home simultaneously to reboot the device, and keep doing that to ensure that the device stays in a reboot loop. This is rather unlikely. Another potential problem is that thieves may enable DFU mode. I can't think of a way to implement Shutdown Requires passcode without compromising the ability of DFU mode to bypass bugs in the iOS operating system. ACTUAL RESULTS: Find My iPhone is thwarted, because the thief was able to shut the phone down. The user goes home and cries, because he/she has lost his/her beloved iPhone. REGRESSION: none NOTES: This is a common problem. For example, about 57 minutes ago, somebody lost his iPhone to a thief, who immediately turned the device off. https://twitter.com/tommycollison/status/216728964763369472 https://twitter.com/tommycollison/status/216758101196546048 Using a web search, it is trivial to find dozens of stories just like this one.
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!