Hacker News
What Apple should tell you when you lose your iPhone (medium.com/joonaski)
625 points by walterbell on Aug 3, 2016 | 212 comments



Find My iPhone should allow the owner of a stolen phone to make it so that the phone cannot be turned off by the power switch on the device itself. For non-4G/non-LTE devices, it should also aggressively look for open access points and attempt to associate with them and phone home to Apple servers with location info. Activating stolen mode should also put the phone into a power conservation mode to keep it alive and phoning home as long as possible.


> make it so that the phone cannot be turned off by the power switch on the device itself.

I used to have the same idea [1], having been a victim of theft and robbery myself, but as others in that thread pointed out, it would be trivial for thieves to take out the SIM, or to wrap it up in something that blocks all signals.

I think a better way might be to introduce a PANIC MODE; a special state that could be activated with a predefined fingerprint or PIN, different from the ones you use for unlocking. Say your left pinky.

In Panic Mode, the device would present a "fake" environment, which allows most operations but:

* Keeps the device secretly powered on even after being powered off.

* Regularly connects to open networks AND also transmits an SOS to all nearby Apple devices, to use THEIR network and transmit its location to Find My Phone.

* If not powered off, defaults to an easy passcode, like 0000 or 1234, and disables lockout protection for invalid retries.

* When unlocked, presents a home screen that looks identical to a freshly installed OS, with empty or random Notes, Contacts, Calendar etc.

* Allows calls to any local number, but for a duration of one minute only, so the networks can aid law enforcement in tracking it as well.

----

TL;DR: Make the device appear unsecured to the thieves, so they don't have to force the owner to remove all protections, and entice them to keep using it normally for as long as possible while secretly and aggressively tracking them.

[1]: https://news.ycombinator.com/item?id=12058169


You're not fooling any thieves. They knew it was a legit stolen phone that was PIN-locked when they stole it. A faked "fresh install" isn't going to trick them into using the phone.

iPhone thefts will decrease when thieves know that the iPhone that they just stole is going to get them caught.

I understand that some don't like the privacy implications of a phone that can be forced into spy mode with Apple ID credentials. Fine. Give the user the option to disable this functionality on the device (and only on the physical device). Users that don't want it can disable it in their settings and the phone will act just like the phones do today when stolen, regardless of what happens on the iCloud side.


It would still make a big difference where I live, where most phones are taken at gunpoint, and later sold for their screen, battery and shell if nothing else, unless you were walking down a particularly deserted neighborhood, in which case the muggers will make you unlock the phone and remove the passcode/fingerprint.

However, many don't know about iCloud/Find My Phone yet, and it requires an internet connection to disable anyway, which most people don't have outdoors, here.

Some kind of "fake mode," filled with random data, would also help with government coercion in, ahem, the more civilized countries.


I don't see why people aren't coming to the logical conclusion: turning off an iOS device should always require the device passcode.


What if your phone hangs (input/Touch ID stops responding too)? You have to resort to a forced shutdown. If that requires a password, how would you reset the phone while you are travelling?


A 'forced shutdown' (by holding the Power and Home button for 8+ seconds) does not simply shut down the device. Rather, it forces a reboot, which would not affect the security implications of requiring a passcode to fully power off.


Why stop there? It could broadcast some (authenticated) "I'm a stolen iPhone" message to other iPhones nearby. Maybe a Bluetooth beacon that any iPhone with Bluetooth enabled could pick up and report to Apple servers. I'm not sure how technically feasible this is but at least in high-density urban areas this might work.


>> "It could broadcast some (authenticated) "I'm a stolen iPhone" message to other iPhones nearby."

Why not have Siri yell 'I'm a stolen iPhone' full volume with the volume switch disabled?


You'd probably have to make sure that it only activates if the phone is actually stolen, not just lost. I found an iPad in the street once, took it home, found the owner's details and took them to come pick it up (turns out it was some sort of sale team, and one of their staff put it down and forgot to pick it back up).

I'd've been _extremely_ unimpressed if the device suddenly started proclaiming it was stolen.


Too much power consumption when the phone would likely be already out of the public. But certainly an option.


Could just phone the police, "Hello I'm an iphone, I am being stolen, my GPS coordinates are ..., and here's a photo of the face of the thief"


Or it could just shock the person holding it until they drop it and run away http://youtu.be/tMa-lwxXWjY

On a serious note, none of these options seem desirable if the Apple account is compromised.


Maybe a good Apple Watch use case. As soon as the phone is stolen from you you can activate the alarm using your watch and now the thief is running down the street with an iPhone screaming that it's stolen. I'm guessing they would dump it because they won't get far before a cop hears it if.


Good point.

OTOH: This opens up a whole new avenue of pranks to pull on iPhone users.


Better idea: make it so iPhones always broadcast an "I'm an iPhone" message to all nearby phones.


Isn't that feature already implemented in the owners?


In 2008


"I'm an iPhone Sent from my iPhone"


Why stop there?

Why not make the iPhone blow in the face of the stealer?

/s


Thief


What a great idea - make an iPhone as adversarial towards thieves as possible, so stealing one becomes a huge personal risk. Maybe even add a stealth version of Lost Mode, so the phone works in a sort of guest mode (without access to your data) but is furiously spying on the user in the background.


My worry about something like this is it's essentially opening it up to be a remote access tool for anyone that can figure out how to trigger it while not being Apple.

I would personally prefer to just lose my phone and have robust measures to stop thieves from accessing my data than increase the possibility of bad actors/govt using it as yet another surveillance tool (or at least more than it already is).


Agreed. I don't care about my phone, I can get a new one. I care about my data. Apple has great online storage and syncing so I can lose my device and be back up and running again on a new device. I'd rather see something that basically allows me to say "This device is stolen, make it worthless." Where Apple waits for it to phone home once and then they brick it so that it has to be taken to Apple to be reversed, notifying Apple that it was a stolen device.


> Maybe even add a stealth version of Lost Mode, so the phone is furiously spying on the user in the background.

Prey (preyproject.com) does this. It'll take pics and screenshots and send them to you along with GPS coordinates at regular intervals.


With enough political will (and slightly better security against tampering and spoofing), the "huge personal risk" part could have been done already, since for a phone to be useful it has to broadcast a unique IMEI number along with its location.


Throw it into low power mode, but with loud alarm noises at random intervals... Annoy the thieves into giving it back...


I mean, if I steal a thing and am annoyed about it being impossible to do anything with - I'm probably going to hit it with rocks and then throw it in a canal. I might just lob it in the bin. The one thing you can guarantee - I'm not giving it back

Edit: Uhh, repetition it seems. God damn I need to not leave HN windows open for a couple hours then replying without refresh.


Yes, but I would probably not bother stealing one again.


or more likely annoy the thieves until they launch it into a river.


That's still a net benefit. If thieves learn that stolen iPhones are both annoying and unprofitable then they'll stop stealing them. Especially if they know the iPhones are being tracked and that they are at risk of being caught.


And that's the last iPhone they try to steal.


Why would it be a risk though? Police don't care about stolen phones.


Depends where you live and what kind of PD you have. There are plenty of places with a low enough crime rate that going after a pickpocket / thief for an $800 iPhone would be a good use of officer time.


Even in places with average crime rates, solving crimes looks good and if you've got the means to arrest someone for theft that makes you look good as a result.

Obviously if your day-to-day as a police officer involves the cartels or something you won't care about an iPhone. But if you live someplace where a murder would make the news regardless of the circumstances, someone will probably look into it if you can prove you know where the thief is (or that the phone was in a given house/apartment).


Yup, not only does it 'look good', but it gets a low level criminal off the street, sends a message to other people in similar circumstances, and (contrary to some beliefs) most cops actually like arresting criminals and returning stolen property.


We have that already, no need to implement that. The reason Apple is not providing this "stolen" service is it would reveal all the backdoors implemented to spy at us.


The latest version of iOS does turn on low power mode as part of lost mode. I agree, though, that making it super adversarial would be both fun and useful against theft.


The problem with those kinds of ideas is thieves will know ahead of time, and they'll be prepared. They'll pull the battery, or isolate it, take the sim. They'll take it to "this guy I know" who has figured a way around the security feature.

The people who are really going to be in a bind are the totally unprepared legitimate owners who've been hacked.


Nice thought. The problem is that turning your iPhone off is the easiest way to secure it quickly and completely. Whether it's an overbearing TSA agent or police pullover -- if you want your data to be secure (password protected vs fingerprint protected) you can always just turn off.

Anything iCloud-initiated does not benefit from the protection of the secure enclave on the device--so with your idea, you'd be opening a denial-of-privacy attack vector


What about self-ransomware? "All the data on this is encrypted and there is absolutely no way to flash it without the secret key that is stored in the apple cloud."


It already has that with FileVault


Is that technically possible when facing a sufficiently determined adversary?


I don't understand your question. Do you mean is it possible to prevent flashing of iPhones that Apple have ransomwared?


Yes. Is it possible in principle to prevent flashing without bricking the device? How would one do that on a deep level? I don't think it can be done on computers, but am happy to be corrected.


not without boobytrapping your phone by adding capacitors etc that would short-circuit it in case flashing hardware was connected to it


Honestly, I won't ever buy a phone which I can't reliably turn off under any circumstances. And I'll think twice before buying a phone whose battery I can't take out with little effort.


That's you, I'm me. My phone is my life and if someone is not disincentivised against stealing it then I'm not going to be thrilled.

Personally I've never had issues with iPhones for the battery, I've had three- but then I also spring for AppleCare.


[flagged]


In my individual experience, solving Executive Function problems is much harder to do with medication than with technology.


There's probably an app for that ;-)


> aggressively look for open access points and attempt to associate with them and phone home [...] location info

> put the phone into a power conservation mode to keep it alive and phoning home as long as possible.

Isn't there an inherent conflict here? I doubt that you can aggressively scan and phone home, and conserve battery life.


the best option would be to ask for your pin before the phone shuts down, maybe even at the firmware level to make sure it gets around possibly crashed software.


They should add a way to remotely short out the battery and make the phone explode.


The problem is that a thief would just turn the phone off immediately, when it is stolen, long before you ever report it as a stolen phone or even realize it was stolen.


I don't understand why Apple has not added a passcode requirement option to turn off the phone.


Probably because iPhones (like any other phones on the market) do crash sometimes, and the only way to bring them back to life is to do a hard reset (usually hold the power button until the device shuts off) - it's a necessary engineering feature.


Holding the power button on my device (not iPhone) restarts the device, not shutdown. I think that would work too.


Perhaps the phone could turn itself on again intermittently?

Not being able to remove the battery could be an advantage in this case :)


There could of course be downsides to that.

1) in situations where phones are not meant to be switched on (e.g. some flights)

2) from a privacy perspective not being able to ensure your phone is actually off is not great.


You can't be sure that your phone is off already. Phones can be remotely activated and used as eavesdropping devices.


Is this really true or your speculation? Really curious about that but yeah, I am also suspecting that while the phones seem quiet they are actually listening ... sometimes.


In 2014 Snowden said NSA can do so (but not how).

It was quite discussed at that time. For example: http://www.tomsguide.com/us/nsa-remotely-turn-on-phones,news...



That's not even close - you linked to an article from 2006 (before the first iPhone was introduced) about microphone activation on phones like Motorola RAZRs which are already powered on. Oh, and this was legal and in the open.

Nice try, but that's a long way from a (long running, secret, and still hidden) vast government/corporate conspiracy to remotely power on any smartphone to spy on the owner.


Anyway, I guess a thief could just wrap the phone in tinfoil :)


There's a cydia tweak that claims to do something similar, I have no idea how well it works: http://repo.ziph0n.com/index.php?method=view&pid=54


You can also accomplish it with the Activator tweak. On Lockscreen, set Hold Power Button to Do Nothing. Of course you can still perform a hard reset but it's better than nothing.


Yeah 100%.

This would be ideal, even if it doesn't really contribute to returning stolen phones. It makes the whole idea of stealing an iPhone so much more difficult for thieves.

A strong deterrent in my opinion is much better than a solution which returns your phone. I'd rather have it not stolen in the first place.


Easily defeated with Faraday bags, no?

Works for thieves of opportunity, not necessarily others.


How do you protect against lead boxes or freezers draining power? It seems trivial to prevent it from phoning home.


The practical approach is to make things hard enough to discourage theft in the first place or make life harder for the thief afterwards. You cannot usually cover all possible scenarios for a trained insistent attacker.


The same way having a secure password protects you from Brute force attacks - https://xkcd.com/538/


Is this standard iPhone thief operating procedure?


Pickpockets usually don't carry freezers or lead boxes on their person. By the time they are home and can drain the phone, their closest WiFi access points would have pinpointed them.

(Though a sophisticated thief might have a lightweight faraday cage on them - sleeve lined with aluminium foil might sufficiently dampen Wifi/GPS/cell signals.)


I had the same thing happen when my phone was stolen. To my knowledge, it was never powered on after it was stolen (because iCloud never registered a ping).

I received a variety of phishing attempts over email, but most surprisingly - I received phishing iMessages too. They were all eerily good.

My assumption was that police reports were being scraped. I wonder if this data is available unencrypted on the phone or sim card

Edit: Here are some of the messages I received - I forgot that they had my name too: http://imgur.com/a/NmIt4


Or they could just pop the sim card out and power it on. Without wifi, iCloud will never hit it.


And then what? Not use the iPhone ever again, because if you want to restore it, you have to logout of iTunes, which requires an internet connection?


scrap it for parts.


Those iMessages are pretty good indeed.


The sad thing is it really shouldn't be this hard to identify spoofed email addresses.

I feel like we've gone backwards in UX with Inbox app and mobile email clients that hide the email by default.


"Friendly" email headers are the new "hide known file extensions" :(


Although the whole address can be faked anyways so it's not a huge loss.

That being said we are starting to create fairly good systems to prevent spoofed addresses.


Why does it display the name of anyone not in your contacts? Seems trivial to abuse. Hi, I'm Barack Obama, and I'm looking for a donation to prevent terrorism and child porn.


You completely changed your comment, so I'm responding to the original text:

> I keep my file extensions hidden because if that's all between me and a virus I'm already fucked. It's also a sign I need to move operating systems.

Showing extensions doesn't just guard against viruses, it also allows you to know what file type a file is, without having to memorize every icon on your system. You can also rename files to a different extension if you need to.


You can also use your favorite terminal emulator, and stop worrying about icons, file extensions, and "clicking on the wrong one".


Except that on systems that have the concept of "file extension", those extensions are used to determine how to open a file by default. If you're using Linux you don't care either way, but on Windows, even if on a terminal emulator, you have to care anyway.


I don't know what to say other than The Windows brand was permanently damaged from the ability to install a virus by double clicking a .jpeg. For years. UAC should have arrived with NT.


I can't speak for other OSs but if you click on the file you can see the extension. It's really only a pain in the ass when I can't remember and write the extension twice.

Somehow you found the comment more interesting than I.


Yup, and not only that, but Inbox got rid of the "Show Original" option! I used that all the time to see the real headers. Seems like twice a week I have to go to Gmail just to look at headers.


Inbox has "Show Original" for a few months now. It's under the three dots menu for messages (not threads).


Ooo, thanks!


this is one of my biggest gripes about the entire apple ecosystem. every app tries its hardest to hide emails from you, when that's the only thing a business person would care about.


At least Mail.app lets you whitelist certain domains, making recipients with other domains pop in red when you're composing. It's useful in a corporate setting.

As for sender, you can make it show the actual email address at all times (disable "use smart addresses").


On OS X/macOS, Mail.app by default has a default rule to highlight certain Apple-approved addresses as blue; however, this list is centered around marketing and promotional outboxes.


yeah i use all that, it still finds ways to hide the email from me.

also, the fact that it won't show an auto-complete list on a domain, is aggravating.


From article comments: "If your phone is locked, how did they get your iCloud email address? " "As said, I’m guessing they googled my name (available via the Medical ID functionality) and found an email address for me."

How does phishing like this scale? I would think the vast majority of the time the thief is going to have no idea what the email or phone number of the victim is. Seems like a pretty elaborate scam for something that relies on stealing phones where Medical ID is enabled.

Is there some other way that the thief would be able to easily contact the victim by email or text?

Even with Medical ID enabled, that only shows name, DOB, medications.. I would think for most people that still isn't going to be enough info to get an email and phone number from by googling.

Not saying it isn't possible, I just think that it seems odd that the difficulty of making the scam work seems out of balance with the polish of it.


> "How does phishing like this scale?"

I assume that the thief which actually steals the phone isn't the same guy which puts this kind of scam on. And if you're the one which buys the stolen phones at larger scale (e.g. by running a used-phone-shop) this kind of scam scales very well I would think.


Pay flat fee for locked, stolen iPhones, which aren't very useful to most thieves (a few % less than the break even price for using them as parts). Before using them as parts you see if the victim's ID is worth pursuing (low hanging fruit). If it's worth pursuing you script out most of what was done in the article. All the IDs you get you sell weekly and you use the phones as parts for a phone repair service and make money charging people for parts that you're not paying much for (or just sell the parts at a discount).

The free market at its finest.


If you have a contact card set up, ask Siri "What is my name", then click on the mail icon. It will present all of your email addresses. (This works for me when I activate siri with my pinkie finger, which isn't a registered fingerprint.)


"Who owns this phone?" or "who does this phone belong to?" will answer the question, too, if Siri is enabled, and is useful knowledge if you find an iPhone. This includes numbers if they are on the "Me" contact card. I just tried it on mine and it dumped everything from my contact card including my mother and father, BUT, I have had my phone returned in minutes from someone who knew to ask so it's a mixed bag.

If you're not cool with that, you can configure Siri to only function when unlocked. I used to operate that way, but especially controlling music in the car and fumbling with Touch ID when fingers aren't cooperating, I grew tired of it and went back.


This is the reason why I disable Siri from being used on the locked screen. It's barely inconvenient to have to unlock with fingerprint before being able to activate Siri, and the amount of information you can grab from a "locked" phone via Siri is scary.


Is there no way to disable sensitive requests from the lock screen? My Android phone has an option under voice settings to disable "Personal results" when the phone is locked.


With Siri, it's all or nothing. Either it is enabled on the lock screen, or completely inaccessible. It does have limits when enabled, where it will force you to unlock before inquiring deeper into the system. I can't remember exactly what kind of tasks I was able to accomplish with it enabled, but it was too much for me were it to land into a thief's hands. In any case, with the Touch ID it's barely an inconvenience to unlock before holding the home button to activate Siri. It's like 1.5 presses of the home button rather than a full 2. I'm not sure why they haven't put in the effort to allow you to hold down the home button once to activate Siri with a read of the fingerprint. They prioritized that action for Apple Pay. shrug


Good catch, works for me as well. Pops up with my first name, last name and email address.


Actually, if I do that (pressing with an unregistered knuckle) Siri proceeds to ask for my passcode first.


Siri asks for passcode if I explicitly ask for email or even phone number, but gives me the contact sheet if I ask for name. But I should mention that I'm running iOS 10 at the moment, so it could be a regression.

Also, "send email to YOUR NAME HERE" will present a list of email addresses if you have more than one.


> How does phishing like this scale?

I saw in another long blog post how something like 80% of all stolen phones in the world end up in about a half dozen locations in Asia that act as bulk resellers. (I think the article was about the guy in SF who lost his phone at a bar and it ended being used by an orange farmer in Shanghai?!? - it was a cool story).

I daresay these bulk 'processing' plants for lost/stolen phones may have a team in place that try and identify the previous owners and send out bulk scam emails to try and hook them?


> guy in SF who lost his phone at a bar and it ended being used by an orange farmer

For those interested: https://www.buzzfeed.com/mjs538/i-followed-my-stolen-iphone-...


You two really undersold this. Jesus Christ. How is this first time I've heard of this story? It is absolutely absurd.


I hope the author gave "Brother Orange" a new iPhone after remote bricking it after all those months.


That was heart warming!


Put the SIM in another phone to view the number. Call 611 from that phone and say you "forgot the email you used to make your online account", pray they used the same to sign up for iCloud.


I'm guessing that people in the US know what 611 is, but I never heard about it. Could you tell me what that number is?


It's historically the "repair" number, and goes to your provider's customer service line these days.


Thank you. The original post now makes much more sense.


Ah, yea that seems more reliable than getting lucky googling info on the medical ID display.


> How does phishing like this scale?

I think this is the wrong question. You only need "scale" when your response rate or "take per device" is relatively low.

In this case, I suspect the success rate is incredibly high and/or if it lets you unlock and disassociate the device from the account, the device itself becomes more valuable.

It's a win-win for the bad guys.


Is it worth asking whether the author, as a company's managing director, is a high-profile target and perhaps his phone was specifically stolen for a high-touch scam? I'd imagine corporate espionage insights for even a minor company would be more valuable than the $800 iPhone itself; someone handling material non-public information about a publicly-traded company could yield stock tips worth thousands or millions.


Hi,

I'm the orig post author, and I did think of that too. But no - it was far from home on a holiday trip in a rental car. If someone really wanted my phone, there are many simpler ways. Also, it wasn't the only car with a broken window on the same parking lot when we came back to the car.

In addition, we're a really open company and not that great a target for espionage. We have very few secrets worth significant money.

I just got unlucky.


no


Pop the SIM card into another phone to get the phone number. Wait a couple weeks to give the victim time to get a new replacement phone with the same phone number.


"Today" which lists Calendar events among other things, as well as "Notifications", which lists all kinds of things depending on settings, either of which could reveal personal information are both accessible on a locked iPhone.


I don't see why Apple should have to tell you anything though. They can't preemptively warn you of all possible scams post-stolen hardware.

That said I've had an iPad stolen from the seat pocket when I was asleep on a long haul flight so I can sympathise and this scam particularly hits home.


It would be a nice thing to warn consumers about when marking the phone lost and setting up the alerts.


Did you alert the cabin crew? Closed environment, it could not have gotten very far.


This should also serve as a reminder to use a password vault (like 1Password or LastPass or your browser's built-in functionality). If you use a password vault, it's immediately obvious when you're at a phishing site because the vault won't fill it in.


Unless your password vault uses regular expressions for matching URLs [0].

[0] - https://news.ycombinator.com/item?id=12171547
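
An added example, not part of the original thread and not taken from the linked discussion: it contrasts a vault that decides whether to autofill by running the saved host as an unanchored regular expression over the page URL (an assumed design) with one that compares the exact origin. The entry, host names and page URLs are constructed placeholders.

```javascript
// Hypothetical vault entry; the host and username are constructed placeholders.
const ENTRY = { origin: "https://appleid.example.com", username: "user@example.com" };

// Weak matcher (assumed design): the saved host is used as an unanchored
// regular expression against the whole page URL, with dots left unescaped.
function regexMatch(entry, pageUrl) {
  const host = new URL(entry.origin).hostname;
  return new RegExp(host).test(pageUrl);
}

// Strict matcher: parse the page URL, require https, and compare the
// origin (scheme + host + port) exactly with the saved one.
function originMatch(entry, pageUrl) {
  let page;
  try {
    page = new URL(pageUrl);
  } catch {
    return false; // unparseable URL: never autofill
  }
  return page.protocol === "https:" && page.origin === new URL(entry.origin).origin;
}

// Constructed page URLs the vault might be asked to fill on.
const SAMPLE_PAGES = [
  "https://appleid.example.com/sign-in",                     // the saved site
  "https://appleid.example.com.account-check.example.net/",  // saved host as leading labels of another domain
  "https://login.example.net/?next=appleid.example.com",     // saved host only in the query string
  "https://appleid.example.com@login.example.net/",          // saved host in the userinfo part
  "https://appleid-example.com/",                            // "." in the pattern matches "-"
  "http://appleid.example.com/sign-in",                      // right host, but not https
];

// Run both matchers over every page and record their decisions.
function audit(entry, pages) {
  return pages.map((url) => ({
    url,
    regex: regexMatch(entry, url),
    strict: originMatch(entry, url),
  }));
}

// Pages where the weak matcher would autofill but the strict one refuses.
function wronglyFilled(entry, pages) {
  return audit(entry, pages)
    .filter((r) => r.regex && !r.strict)
    .map((r) => r.url);
}

for (const r of audit(ENTRY, SAMPLE_PAGES)) {
  console.log(`${r.regex ? "fill" : "skip"} / ${r.strict ? "fill" : "skip"}  ${r.url}`);
}
```

The first column is the regex matcher's decision and the second is the exact-origin matcher's; only the saved site should show "fill" in both.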


Recently my laptop was stolen out of my car, so I engaged "Find My Mac" and told it to wipe the disk.

A few days later I got an email "Cesar's Macbook Pro Has Been Found." My name isn't Cesar -- that must be the thief or the guy who bought it from him. I assume he re-formatted the disk and re-installed the OS and changed the computer name before connecting to WiFi whereupon the call-home feature told the machine to wipe itself.

It's a weird user experience to tell me the name of the new owner but nothing else.


On a side note, if you are travelling in Italy never leave anything valuable, or anything that it looks like it could contain something valuable, in plain view in a vehicle.

A few years ago I was on holiday in Italy and someone broke in to my car and stole a suitcase which contained my laptop, passport and camera. Earlier this year I was living in Rome for a few months and the amount of cars with smashed windows I saw (to grab whatever was left on the seat) was staggering.

Even if you have insurance, it may not cover theft from an unattended motor vehicle (at least mine didn't).


What does this have to do with Italy? The same advice would be applicable in any city. San Francisco experiences large amounts of car thefts. Broken glass decorates the sidewalks of most streets > 4th in SoMa and in Nob Hill and westward.


This is completely anecdotal. I too was in Rome early this year and I haven't spotted a single one with a smashed window and we were all over town.


You shouldn't leave any of your valuables on a plain view in a car in any country. Put them in the trunk (still a bit risky) or take them with you.


Another clue is that the map in the email is provided by Google Maps. I have a feeling Apple might prefer to use their own!


"Also, wherever possible, use 2-factor authentication (usually password + a code in an SMS message)" -- how's that gonna help when your phone is stolen?


There's a setting for iOS that hides the contents of SMS messages on the lock screen. With that, they'd at least need your pin. Hopefully you'd have some printed out backup codes.


You're not sending the message to the phone, you're sending it to the sim, in the clear. So I pop this sim in my flip phone and receive the code.


Hmm, but you do need to know the PIN code for the SIM card in order to register on the GSM network and receive the SMS? Or am I missing something?

I've changed my PIN to something quite long, so hopefully an attacker cannot just pop the SIM card out of my iPhone and use it on another device.


SIM PIN codes seem to have gone out of fashion. Neither my UK SIM nor my US SIM, both bought within the last two years, had a PIN code out of the box. Of course it's possible to set one but that's buried somewhere deep in the phone's settings, so most people probably don't set one.


I didn't even know it's possible to have no PIN code on a SIM card!

Operators in Finland always give you PIN cards with a preset code like 0000 or 1234, and tell you to switch it in their quick start instructions. I'm sure many people leave it as it is, though. Almost no-one seems to know you can actually set it to be more than 4 digits.

This looks like an area that phone operating systems could fix – by making it easy to change your PIN, and encourage using more than 4 digits for it.


Is there anything to stop one from brute-forcing the PIN? It's just numbers, what's the upper limit for length?

Ah, http://www.techrepublic.com/article/pro-tip-protect-your-and... suggests that you have 3 attempts, then there's a separate system (PIN Unlock Key, PUK) which a comment notes gives 10 attempts.

I'm wondering if you can read the data straight off the card via some physical means, attack that to get the PIN?


I'm guessing in most cases it's much easier to socially engineer the service provider customer support, rather than attack the SIM hardware.


You're probably right depending on the scale you're trying to crack the cards at - went digging and found http://www.theregister.co.uk/2015/08/06/researchers_crack_si... which was pertinent and interesting to me.


To really make things a hassle for thieves, you could lock your SIM card through Settings, no?


Don't they (Apple at least) give you an option to send the code to your phone number, or to your iCloud/iMessage ID?


How can you log in to your account from anywhere after your phone is stolen?


Apple does not use SMS to send 2-FA codes if you have another "trusted device". [1] However, I tried recovering my account as if I were a thief and I could use the forgot password feature to send an SMS code to initiate a password reset. From there I was able to reset my password after verifying the credit card attached to the account. So even with 2-FA enabled you're screwed if they stole your wallet too.

If your phone is stolen call your carrier and have them disable the number or invalidate the sim.

[1] - https://support.apple.com/en-us/HT204915


> Apple does not use SMS to send 2-FA codes if you have another "trusted device".

Of course, being Apple, the other device must also be an Apple device.


Apple requires you to unlock a phone to see a 2-factor authorization PIN. It is not sent via SMS.


That's not true: http://i.imgur.com/mdVdq47.png

Edit: And it seems you can't remove the phone number: http://i.imgur.com/p6myEqx.png


When you receive two factor in your device it is not sent via SMS.


If your iphone is locked, how about a log of the thumbprints that attempt to open the phone sent to an escrow account that only Apple and you can open with shared passwords?

The existence of the feature would hopefully act as one more trivial inconvenience to deter more thieves.


I don't think the TouchID sensor captures or stores actual images of fingerprints in a way that is accessible to applications.


On the one hand, that is somewhat reassuring for happy paths. For this particular use-case, that's a bummer.


It would probably be a significant security flaw.

Imagine you press it but for whatever reason it doesn't register. Now your "incorrect" fingerprint is flying over the internet. With a bit of retouching or guessing your original fingerprint can now be recovered.

...not that your fingerprints aren't all over your phone anyways...


Only a hash of the fingerprint is stored on the device.


Wow, this is a pretty great idea. However, I feel it would be difficult to track the thief down with only a fingerprint. Also someone is going to complain about the privacy/security implications of sending fingerprint data through the internet.


Agreed, but ideally logging would only commence after the phone is locked via Find My iPhone.


Unfortunately every fingerprint reader outputs a unique hash per fingerprint, which is why if you break it you can lose all of your data. So even with a thief's hashes you'd still need the thief to prove it was them.


I'm being a bit pedantic about the "every fingerprint reader" mention and am assuming that mention also includes non-Apple devices. HTC and Samsung phones have, in the past, stored fingerprint images in an accessible location. What's worse was that the fingerprint image would be refreshed with every swipe/finger touch!

[1]: https://www.theguardian.com/technology/2015/aug/10/htc-finge...

[2]: http://betanews.com/2015/08/11/htc-and-samsung-phones-storin...


This is an incredible idea that would add serious value to customers, which is precisely why the product managers (most of whom are complete idiots and totally oblivious) will completely and totally ignore it.


show-iphone-location.com is one of the most obvious phishing URLs I've ever seen.


In New Zealand when you pay for something using a Visa card, you get redirected to a "Verified by Visa" page whose domain is "securesuite.co.uk".

That always looks incredibly dodgy to me, not sure why they don't use a visa.com subdomain so it doesn't look like a phishing scam.


These pages are the authorization pages of an Access Control Server (ACS) in the 3-D Secure flow. Visa/MasterCard designed the scheme, but the spec is open (in a somewhat limited sense), so anyone can implement the ACS as long as you're qualified to see the spec and can get it certified. Banks are free to choose the ACS vendor as long as it's certified. Many banks do provide the ACS authorization page at their own domain name, although many of them just use a third party service just like in your case.


I've seen that in the United States on a completely different domain. I actually changed banks over it when Wells Fargo set it up.

To answer your root cause question: I think it's a hook back to the issuing bank, and Visa themselves are only tangentially involved, AIUI. So things like securesuite are the vendors for the bank. (Am I wrong? That's how it was explained to me once.)


Yeah, it does look dodgy.

Bear in mind that it's also used for Mastercard's SecureCode and possibly other credit card providers as well.


Thank you! I've never signed up for it because of this.


In Serbia it does that too, often with dodgy bank branding and incredibly long and convoluted base64-encoded urls... Weird.


Yes, but if you are desperate to get your phone back, the rush of excitement when finally seeing the message could very well make you gloss over this.


It is all cognitive dissonance though, if you lost EVERYTHING (your phone) then any glimmer of hope would be pretty good and you would be typing that password in without checking - speed would matter more in this situation. Also, how literate are most mobile phone users? If your English is txt spk IN BLOCK SHOUTO CAPS then you are not really going to be reading URLs.

Excellent bit of social engineering by the scammers, shame they cause so much harm.


Unfortunately there are so many users that have no idea how the internet works. It's not unusual for me to have to explain to someone what a URL is. I had a 20 something year old friend ask me "so /where/ is the Internet?" not that long ago.


My girl believes the "cloud" is a physical structure in California. That's why the Bay Area is popular for software development.

Not even joking.


To be fair, the fog clouds coming over the hills in the Bay Area can be thick enough to look like physical structures.


Well, she's technically correct. The "cloud" is just a fancy word for someone else's computer. Be it in California or the middle of nowhere in Utah.


Hmm, I've always considered it to be a logical structure dissociated from physical machines. The prior systems were such that one stored data on a particular rack of computers but using a cloud removed that association from the customer. Yes, the data is ultimately in some computer's storage somewhere but the company can remove that computer from the internet and move the data, it's not a computer - there's an abstraction layer in place.

So, I'd say a server is "just a computer somewhere", The Cloud is necessarily more than that.


I recently talked to an older fellow who thought that it is called "the cloud" because it is located in satellites.


I deal with end users and customers and there are definitely a very high % of people who can afford an iPhone and would have no clue that that would be an illegitimate website.


Congratulations, you are an IT expert. Not everyone is.


The base of lost cell phone users has a very very long tail.


Wonder if he would have caught it if the attacker had gotten a real SSL/TLS certificate.


The exact same thing happened to me, except it was a taxi in China. They kept trying different scams on me (but similar to this one) for nearly a year before it seems they gave up.

I reported most of it to Apple but (unsurprisingly I guess) it took forever to actually convince the support representative that no, it was not actually Apple trying to contact me. Finally they gave me an email address to forward the evidence to, and I never heard about it again.


I think the bigger takeaway from this is that there is just so much going on with modern technology that we now have to consider the security risks of every little helpful "feature".

For example...

  - Lock screen notifications.
  - Medical info feature.
  - Emergency numbers feature.
  - Lock screen wallpapers that might give something away.
  - Email clients with poor security and where they do have security each one works differently.

All this increases the attack surface, giving attackers a few more opportunities to exploit.


IMO the medical info feature isn't worth the risk. You can always just carry a little card in your wallet. It would eliminate a huge attack surface.



+1 - I use Prey on all my laptops, desktops, tablets and phones (alongside FindMyiPhone etc.).


Are you paying for the service or have you set up your own server?


That's a pretty scary story. Kudos to Kiminki for recognising it in time. For once, I have to admit this is one I might have fallen for (if I had an iPhone, that is).


This gets into semi-philosophical territory.

Fifteen years ago, if my phone was stolen, that sucked, but that was basically the end of that. I buy a new phone, and move on with my life.

Nowadays if a phone is stolen, they have to have access to my email, passwords, and effectively my entire identity, and it appears that that is exactly what's happening.

Phones are awesome, but I think I'd rather lose an eight-hundred-dollar phone than have someone get access to my email.


>Nowadays if a phone is stolen, they have to have access to my email, passwords, and effectively my entire identity

Not if you use the simple passcode or TouchID.


You misread my comment. I said that they have to have, because apparently I like ambiguous wording.

Regardless, I'm not disagreeing with you, I was just stating that the problem stated in the article wouldn't have happened fifteen years ago.


> Nowadays if a phone is stolen, they have to have access to my email, passwords, and effectively my entire identity, and it appears that that is exactly what's happening.

None of that necessarily applies. Plenty of people choose to opt-out of the madness that is the smartphone life.




I think it's conceivable that these phishing attempts are not targeted, in order to unlock stolen/found iPhones, but scattered widely, in order to obtain iCloud passwords.

FWIW, I've also received these phishy "Find My iPhone" notifications that my phone was found, via SMS [1], and nearly fell for it (as I had lost a phone months ago).

Apple Support did not seem to be surprised, and just explained how to report spam.

Agree that these are potentially very effective, as users will be eager to log in to retrieve their phones. As such, it is arguably incumbent on Apple to explicitly warn about them.

URL was www.apple.com.in1.at (Austria?), redirecting to iCloud.com.sign-inc1.pw (Palau??).

[1] https://twitter.com/FabianLischka/status/758543021130457088
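
The hostnames quoted in this thread (show-iphone-location.com, www.apple.com.in1.at, iCloud.com.sign-inc1.pw) all borrow Apple's names while being registered by someone else. The following check is an added example, not part of any comment and not Apple's code; the trusted set, the brand tokens and the tiny suffix table are assumptions, and real code should use the full Public Suffix List.

```python
from urllib.parse import urlsplit

# Assumption: the only domains the owner expects an Apple sign-in page on.
TRUSTED = {"apple.com", "icloud.com"}
# Brand words a lure is likely to borrow (assumption, taken from the thread's URLs).
BRAND_TOKENS = ("apple", "icloud", "iphone")
# Constructed, deliberately tiny stand-in for the Public Suffix List.
MULTI_LABEL_SUFFIXES = {"co.uk", "co.nz", "com.au"}


def hostname(url: str) -> str:
    """Lower-cased host, ignoring scheme, userinfo, port and path."""
    if "//" not in url:
        url = "//" + url  # bare host such as "www.apple.com.in1.at"
    return (urlsplit(url).hostname or "").rstrip(".")


def registrable_domain(host: str) -> str:
    """The part of the host its owner registered; hostnames are read right to left."""
    labels = host.split(".")
    take = 3 if ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES else 2
    return ".".join(labels[-take:])


def classify(url: str) -> str:
    """Return 'trusted', 'lookalike' or 'unrelated' for a link in a message."""
    host = hostname(url)
    if registrable_domain(host) in TRUSTED:
        return "trusted"
    if any(token in host for token in BRAND_TOKENS):
        return "lookalike"  # brand name present, but someone else owns the domain
    return "unrelated"


if __name__ == "__main__":
    samples = (
        "www.apple.com.in1.at",
        "iCloud.com.sign-inc1.pw",
        "show-iphone-location.com",
        "https://www.icloud.com/find",
        "securesuite.co.uk",
    )
    for sample in samples:
        print(f"{sample:32} {registrable_domain(hostname(sample)):28} {classify(sample)}")
```

The registrable-domain column is the part worth reading in a suspicious link: everything to the left of it is chosen freely by whoever owns it.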


Those are some impressively ballsy thieves. Obviously the street level guys have kicked them up to an organization of some sort.


Most likely they just buy iCloud locked iphones off eBay and then try to unlock them.


Whenever a phenomenon exists long enough an organization always forms to exploit it. Someone sees an opportunity to optimize the process and extract additional money from it, they step in and make it happen...


The 2fa that has finally been pushed out by Apple is a great security precaution, however there will still be a large percentage that will not use it, due to not knowing what it is. I repair phones and customers are just starting to cotton onto what Find My iPhone is. There are even those who have it activated and don't even know how to use it.

Finally, as a precaution, avoid inputting your email address in the lock message. Also register an iCloud email. There is a better chance of Apple's servers detecting this as a fraud email than any other email server, thus (hoping) it will trash bait like this.


Can someone explain what the MedicalID element in the story was and how it was exploited on an iPhone? I am not familiar with this and it sounds like this was the inflection point for the potential identity theft.


On an iPhone you can set up a record with your medical information (your name, blood type, allergies, next of kin, etc.) which can be accessed without unlocking the phone. Presumably the idea behind it is that if you've been in an accident, the attending medic can use that information to help treat you and let people know what's happened.


I see, thanks, how unfortunate that this was exploited.




Is it not possible to flash the OS on lost phones anymore? Or were the thieves after some data on the phone?


Nope. Activation lock is supposed to prevent that.


What's the reasoning behind that? Kind of defeats the entire purpose of remote wipe.


> Kind of defeats the entire purpose of remote wipe.

Hardly. The remote wipe will clear all of your private data. Seems like the purpose is well met to me.

Activation Lock is there to prevent resale of stolen devices, which simultaneously increases odds of return to you, and decreases odds of iOS theft overall.


Ahh, I've never heard the term before. I assumed it was the screen lock and the activation prevention was in Apple's servers.


I think even a DFU restore doesn't clear Activation Lock because it's managed by the Secure Enclave (at least on phones that have the SEP)


Activation Lock is managed by Apple's servers. When the OS is erased or updated, it must contact Apple to "Activate" before it will complete startup.


How does this work exactly? In my country people who break into cars are usually drug addicts who in no way are capable of doing something like this.


They sell the phone cheap to someone, who then sells it almost as cheap to an organization, which then has people who are capable of doing this.


They probably sell the device to people that are less drug addicts and more business makers :(


How did the thief obtain the owner's email address and phone number?


>As far as I can guess (and if the phone doesn’t reveal the iCloud email when you turn it on), they used the “Medical ID” feature on the phone to see who it belongs to and thanks to my strange name found me on wunderkraut.com along with my email address and phone number (for sending the messages to) — in fact, I did check the site analytics and found that my profile had one hit from Google the next day the phone was stolen.

From the article



