Starting with iOS 7, Apple introduced a new security mechanism into all iOS devices that required a user to disable Find My iPhone before an iCloud account could be deleted or the device could be restored. This, of course, requires access to the password associated with that Apple ID. The system was heralded as a great step forward for Apple, but it seems that it is not completely secure, with the discovery of a bug that allows the whole process to be bypassed. More details and video demo can be found right here.
The purpose of the beefed up security is relatively simple: to ensure that individuals or suspicious wanderers who don’t have legitimate access to the iPhone, iPad or iPod touch can’t disable Find My iPhone and avoid being tracked by the true owner through Apple’s Web service. It all sounds great in theory, and up until recently it worked pretty well in practice. Unfortunately, as the embedded video demonstrates, it’s actually relatively simple to bypass the process and remove the associated iCloud account from the device. This would, of course, then leave the person in control of the device to restore it at will or add their own iCloud credentials.
The video gives a pretty comprehensive demonstration of how this bug in iOS 7 / 7.1 can be exploited. After accessing the Settings app and selecting the iCloud option, the Delete Account button and the Find My iPhone toggle need to be tapped at the same time. iOS will then display an alert prompt requesting the correct iCloud password to be entered. This can be bypassed by holding down the power button at the top of the iPhone or iPad and shutting down the device in the usual manner. After the phone has been powered back on it’s then as simple as heading back into the iCloud settings and selecting to delete the account.
Anyone who has the knowledge of this process will be able to easily and effectively remove the iCloud account, therefore making it impossible to track the lost phone through Find My iPhone.
Thankfully, there is a solution available until Apple fixes this problem: adding a passcode to the device with a short or immediate timer will prevent anyone from getting access to the iCloud settings.
Thanks, Miguel for sending this in!