You can’t wipe an iPhone that’s locked to an ICloud ID without the password of the account
Comment on Nearly two-fifths of robberies in London last year were for mobile phones
smeg@feddit.uk 10 months agoThat’s a feature to protect user data not to prevent the phone being reused. Wipe the device and it’s brand new (unless the device ID is reported and the phone blacklisted by the networks somehow, but that relies on the owner and the authorities being faster than the thieves, I’d imagine).
nanometer@lemm.ee 10 months ago
smeg@feddit.uk 10 months ago
If you have physical access to a device you can eventually do whatever you want with it, depends how organised the thief is
frazorth@feddit.uk 10 months ago
I would be curious to learn more, as this is a much touted security feature. If it’s that easy to bypass then we need to understand the limitations.
Do you have any more information on this?
smeg@feddit.uk 10 months ago
520@kbin.social 10 months ago
The usual tactic is to send a phishing text to a number that calls it pretending to be Apple. They then get your Apple ID credentials and use that to unlock the device.
dotslashme@infosec.pub 10 months ago
Not an expert in any way, but I would assume it is similar to having physical access to a computer. You would not be able to get into the existing device or retrieve data, but if you have stolen it and just to use the device, there are numerous tools to allow side loading of new blobs, that will bypass any restrictions.
gdrhnvfhj@lemmynsfw.com 10 months ago
GreatAlbatross@feddit.uk 10 months ago
Unless it’s changed recently, you can wipe a user from it, but you cannot disable find my iphone, which will prevent initial activation with Apple.
And since it’s a brick without being activated following a wipe, it would only be usable for parts.
smeg@feddit.uk 10 months ago
I posted a link to an article in another reply, there is software available which can use whatever jailbreak exploit to remove the lock. Basically no device is 100% secure, so there will always be some way in if you have physical access and enough time on your hands.
butterflyattack@lemmy.world 10 months ago
I am pretty sure this isn’t the case if you report the phone stolen. Your provider will have the IMEI number and can brick it. There are probably ways around this - one that I’ve heard is that this bricking is regional. If you sell the stolen phone to someone who is going to ship it to Africa, say, and resell it, it would work fine there.
I should say that this info is a decade old, but I knew someone back then who would pay for phones, no questions asked. Also vehicles, even large commercial ones. The containers were going to the Gambia, although I’m sure other people were shipping stuff to other countries and continents. I don’t know if bricking is still regional but I’ve not heard that it’s changed.
Another possibility is that thieves are trying to literally snatch a phone out of the hand of someone who is using it, while it’s still unlocked. Many of us do banking etc on our phones, and have other login credentials, so perhaps if they get the phone while it’s unlocked they can do something with this.
Aux@lemmy.world 10 months ago
You can easily change IMEI. IMEI blocks never mattered.
alchemy88@lemmy.team 10 months ago
Even if they’re blocked I think that only applies to certain countries too. So they likely just get sent abroad and used there!
GreatAlbatross@feddit.uk 10 months ago
My info on IMEI blacklisting is probably out of date, but it used to be that different regions operated their own lists (since phones were normally sold for a specific region).
That meant that stolen phones would often just get shipped abroad, even with a bar in place for the UK.
atkdef@lemmy.world 10 months ago
Not sure about Apple devices, but for Android there’s FRP (factory reset protection). Basically, if an Android phone which has FRP enabled has at least one Google account signed in, after factory reset, the phone is locked unless it signs into one of the Google accounts previously in use.
I cannot find documents about FRP from Google, but here’s one from Samsung, and I’m pretty sure it’s not limited to Samsung.
samsung.com/…/what-is-device-protection-or-factor…
frazorth@feddit.uk 10 months ago
I ran into this on my phone when I forgot the pin and tried to factory reset. However I know my Google password so it was quite simple, but I don’t know how thieves get past this.
gdrhnvfhj@lemmynsfw.com 10 months ago
Its easy, I forgot my pin and found a Video in YouTube. But I took a different path and it worked. After that I installed GrapheneOS.