Apple’s iOS is renowned for being among the most secure platforms out there, but even with the Cupertino company’s reputation for keeping things water-tight, security issues still frequently flare up. In the latest, it has been learned that a user can, without even needing to type in a password, disable the Find My iPhone feature, which essentially renders it useless since the device is then obscured from being tracked by iCloud.com. More details to follow.
The process of uncovering the flaw, which is rather easy to replicate, is shown in the video clip embedded below. But while it’s a very simple little hack that you could try on your own iPhone or iPad, it does seem specific to iOS devices running iOS 7.0.x. The bug doesn’t apparently affect those on iOS 7.1 beta, so it’s fair to say that Apple has probably acknowledged it and is taking the steps to ensure it won’t be lurking for much longer. Nevertheless, the mere fact that anybody, without the authorization of a password, could nullify this potential lifeline for a lost device, is rather disconcerting to say the least.
Aside from the fact that Apple seems to be working to amend the situation, the other good news is that the bug doesn’t mess with the Activation Lock system, so if stolen, even if your device is wiped, it will still need your personal Apple ID and password in order to function as normal.
Anyone able to get to your Settings menu could potentially disable Find My iPhone on your device, so your best course of action, at least for now, would be to activate a passcode or Touch ID to keep things secure. Then, when iOS 7.1 arrives, download and install it immediately, at which point, we’re assuming, the bug will have been ironed out and any changes made to Find My iPhone will require you to enter your password.
Speaking of iOS 7.1, it shouldn’t be too far away from reaching GM. The fifth beta has just made its way to developers, and since Apple tends only to run 5-8 betas before releasing to the end user, we’d anticipate that the OTA isn’t far off at all.
Anyhow, here’s a demonstration video of how one can disable the Find My iPhone feature without a password: