Thieves can disable Find My iPhone and delete your iCloud account thanks to security glitch in iOS 7

Thieves can disable Find My iPhone and delete your iCloud account thanks to security glitch in iOS 7
With iOS 7, the only way to delete an iCloud account or restore a wiped device, is to disable Find My iPhone. And the only way to disable Find My iPhone is to enter your Apple ID password. Apple did this to prevent thieves from avoiding detection from the Find My iPhone application. But it seems that there is a way for the bad guys to bypass this security set-up. Going to the iCloud settings panel, you need to press "delete account" at the same time you click on the switch to disable Find My iPhone. That combination, done at the same time, requires a bit of dexterity, but it can be done.

You then will be prompted to enter a password at which time you hold down the power button and turn off your handset. When you reboot the iPhone, you can then go into the iCloud setting panel and remove the account without being asked for a password. It will then allow anyone to plug the phone into iTunes and restore it with no questions asked. And with Find My iPhone disabled, the Activation Lock will not save you.

We would expect to see Apple working feverishly on a fix for this problem. The last thing you want to happen if your iPhone is stolen is for the thieves to remove your iCloud account, making it much easier for them to find a buyer for the device.



source: MiguelAlvarado, 9to5Mac via Gizmodo

FEATURED VIDEO

48 Comments

49. DextradAcheson

Posts: 2; Member since: Dec 12, 2014

Hi guys, this is cool but I lost my iPhone how can I download my iCloud backup? I haven’t found an official way to do this, have you tried recovery-tool.com/ios-recovery/restore-iphone-from​-icloud.html ? Thank you!

48. caijm

Posts: 2; Member since: Nov 22, 2014

up for this..

47. caijm

Posts: 2; Member since: Nov 22, 2014

hi ive done that thing i by passed the icloud and i am worried if i can reset erase all data or can i updated it to the latest version ios 8.1.1 my currently OS version is 7.1.2 thanks a lot..

46. casvon

Posts: 1; Member since: Oct 26, 2014

Hi guys I can help u bypass Icloud activation lock on ur iPhone. Then u can u use this method to delete d id

45. zokee

Posts: 4; Member since: Jun 07, 2014

Just the password u delete, nothing else. Then do the reboot and delete.

44. zokee

Posts: 4; Member since: Jun 07, 2014

It works, go to the icloud password of the persons phone let's say, just delete all that then put your own in there. Reboot the device then go and delete the account. Don worry about the video, trust me, try that!!

43. alexawhite

Posts: 1; Member since: Jul 30, 2014

i used this ios-tool.blogspot.com on my 5s and it worked

40. truth321

Posts: 1; Member since: May 22, 2014

This "glitch" does NOT work!! All the iphone haters commenting how happy the are because the iphone isn't secure, can be quiet. I followed the steps shown in the video and it does not work. After reboot find my iphone is still turned on. Iphone is secure, ignorant people don't know what they are talking about and believe anything they see on the Internet.

39. Swapnildesai

Posts: 2; Member since: May 10, 2014

like it asks for previous owners apple id

37. Swapnildesai

Posts: 2; Member since: May 10, 2014

can anyone unlock for me my iPhone 5 its icloud locked i can also pay please help

38. gaby1451

Posts: 120; Member since: Mar 30, 2011

What happened? What do you mean cloud locked? Email me: gabrielle.rivera@icloud.com

35. Dante216

Posts: 32; Member since: Dec 18, 2013

This isn't the only way. You can set a pass code on the device, turn on "erase data after 10 tries" and put in the pass code 10 times. It takes an hour and 20 minutes, but it works.

26. gaby1451

Posts: 120; Member since: Mar 30, 2011

So this glitch is legit. However one thing to note: if one actually keeps a passcode lock on her/his iPhone, then once it's rebooted, it prompts the user for it. Thus keeping the entire glitch from working. i.e. Keep a lock on your phones! XOXO

25. D79_D79_

Posts: 40; Member since: Feb 19, 2014

Ok I got bored waiting for the phone to reboot. What happens after?

18. The_Innovation

Posts: 649; Member since: Jul 18, 2012

Thank you for letting everyone know exactly how to do it with step-by-step directions. I'm sure all the thieves watching are happy.

24. jroc74

Posts: 6023; Member since: Dec 30, 2010

Yup...its on Youtube... It will probably have 100,000 views in a week.

17. StraightEdgeNexus

Posts: 3689; Member since: Feb 14, 2014

Thats pretty cool man. Just works. Perfect privacy and security. No virus and no lags.

16. StraightEdgeNexus

Posts: 3689; Member since: Feb 14, 2014

Thats pretty cool man. Just works. Perfect privacy and security. No virus and no lags.

19. networkdood

Posts: 6330; Member since: Mar 31, 2010

Just works .....for Apple

14. networkdood

Posts: 6330; Member since: Mar 31, 2010

iArrogance

10. PapaSmurf

Posts: 10457; Member since: May 14, 2012

I removed the iCloud lock from a company phone. That iPhone 4 is now wiped and lock free.

6. Anshulonweb

Posts: 468; Member since: Feb 07, 2014

buy an iPhone they said...it is very secure and bug free they said

30. InspectorGadget80 unregistered

and they say it WORKS. not really

5. Sauce unregistered

This was a joke. The guy said it himself lol. Boy does PA research anything these days? Didn't they just tell some other story about a text campaign the made zero sense? Lollll.. Editors/Authors: If you see this…you need to do a better job.

31. techperson211

Posts: 1280; Member since: Feb 27, 2014

Yeah it was a joke..... And a real one.

42. zokee

Posts: 4; Member since: Jun 07, 2014

change hes pass word to what ever u like, re boot and delete

33. roscuthiii

Posts: 2383; Member since: Jul 18, 2010

Well, Alan F. will pretty much just post any Apple story he sees out there on the interwebs as long as it has the uppercase A, or a lower case i... And editors? I'm not even sure there's an editor, much less editors.

3. stealthd unregistered

So they need to know your phones passcode to do this then. That doesn't sound as bad as they're making it out to be.

7. VZWuser76

Posts: 4974; Member since: Mar 04, 2010

I think they said to enter a password. I believe what they're implying is you enter "a new password", not the phone owner's password. And then after the reboot, the delete the iCloud account, making the phone free to use on any account. Basically it would be the same as doing a factory reset on an Android phone. At that point the only way to tell if it was stolen would be with the serial number, but according to this article, the system would see it like the owner removed the device from their account, just as if they were going to sell it. If so, that's bad. The bad thing about articles like this is it basically gives would be thieves a roadmap to do this. If they instead just said what the end result is, without giving away the "how to" part, it would make them work harder to find that info.

22. stealthd unregistered

The point here is that when Find My iPhone is enabled on a device, it's supposed to require the Apple ID/password (not the device's passcode) to do a factory reset. This glitch allows you to bypass that, but it only works if you have access to the settings app, which you'd only get by getting past the lockscreen. There's also the possiblity that the device's owner could use the Find My iPhone service to remotely lock the device. That'll only work if they can do it before the thief takes advantage of this glitch though.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.
FCC OKs Cingular's purchase of AT&T Wireless