Bug In iOS 7.1 Lets Thieves Disable Find My iPhone Without Entering A Password
In iOS 7.1, a recently discovered bug allows thieves to disable Find My iPhone and subsequently remove iCloud and even restore an iOS device without entering its user’s Apple ID password.
The news surfaced online in a YouTube video shared by 9to5mac. In it, an iPhone 4s owner demonstrates how touching both the “Delete Account” icon and the toggle button to disable Find My iPhone in the iCloud preferences pane of the Settings app can allow a thief to disable Find My iPhone, remove iCloud, and restore the handset without having to input the Apple ID credentials associated with the iOS device.
Here’s the video:
http://www.youtube.com/watch?v=Lvbter05UpAIf you can’t see the above video, please click this link.
Plus, since Activation Lock requires Find My iPhone to be enabled, this useful feature won’t come online following the restore. In short, the iOS device in question will be lost forever.
As 9to5mac notes, having a passcode lock or Touch ID enabled could help users out – this way, a thief would struggle to gain access to the Settings app in the first place. But if a handset happens to be found unlocked, then the above method means it could disappear from Apple’s iCloud-powered Find My iPhone service in minutes.
Here’s hoping Apple corrects the problem with a minor iOS update soon.
In the meantime, see: Pebble Returns To The App Store, Brings New Sharing Options And More Watchapps, Gene Munster Demands Apple TV Revamp Following fireTV Announcement, and Blizzard’s Hearthstone: Heroes Of Warcraft Starts Rolling Out On The iPad.