A newly discovered bug in the current version of iOS 7 lets anyone disable the Find My iPhone feature without a password.
Losing your iPhone can be a pretty nerve-racking experience at the best of times, but a new exploit has been discovered within iOS 7, allowing anyone to disable the Find My iPhone feature, without the need for your Apple ID password.
No Find My iPhone means you won’t be able to make it ring, search for its location or remotely wipe it, leaving you devoid of a very expensive smartphone and leaving the new owner of your handset in possession of all your digital personal effects to browse at their leisure.
The exploit is demonstrated in the above video by Bradley Williams and has been verified to exist in iOS 7.0.4 by MacRumours, but not present in the forthcoming iOS 7.1 update.
Performing a successful bypass requires the iPhone in question to feature no PIN, passcode or Touch ID password set up prior to access, but should there be no additional security, a ‘hacker’ can simply enter an incorrect password in the iCloud section of the Settings menu, exit out, enter a new account and ultimately not only disable, but replace the iCloud account on a device.
As MacRumours has stated, this bug should not be possible once iOS 7.1 arrives on iOS devices, although there is no such date for its arrival as yet.
What’s your approach to smartphone security? Do you take steps to protect your device and its contents? Let us know in the comments.
Leave a Reply