Apple to Introduce Stolen Device Protection in the Upcoming iOS 17.3

Originally published at: Apple to Introduce Stolen Device Protection in the Upcoming iOS 17.3 - TidBITS

The Wall Street Journal reports that Apple will introduce a new feature, Stolen Device Protection, to deter the kind of significant digital damage that iPhone passcode thieves have inflicted on victims.

1 Like

I intend to turn this on. Unfortunately, my wife is still using a 6S. Be nice if this was added as a security update for older phones. What I’d really like to see is the ability to just brick the phone from another device instead of worrying if someone figured out a workaround. Turn on Stolen Device, click a box and the phone is dead. Be useful if it gets stolen when you’re on vacation where the odds are you’ll never see it again.

Will we be able to turn it on from our watch or do we have to log into a computer or another device?

1 Like

I seriously doubt that will ever be an option. It’s designed to protect immediately after the iPhone is stolen. A thief in possession of your passcode will have already taken control of it, preventing you from enabling protection from a watch, computer or other device. It needs to be activated before stolen.

2 Likes

While I’m glad that Apple will add this, I would still prefer a step further - do not allow resetting the Apple ID password with the device passcode ever. For me this is similar to advanced data protection, which I have turned on: it would allow me to say it’s now my responsibility to protect my Apple ID.

2 Likes

The balance is between security and usability. People are going to end up forgetting their Apple ID and not being able to recover it if they can’t use the passcode.

The Stern/WSJ article that started this whole kerfuffle had no good numbers on how often this kind of thing happened (thieves stealing not only the phone but the passcode). It just had a lot of ominously worded statements from police departments, who – as we saw with the NameDrop fiasco – don’t have the greatest tech sense. Absent real evidence that there’s a wave of this going on, I’d rather not have Apple screw the doors shut so tightly that many people have trouble getting in or out.

2 Likes

I agree. But I don’t want the significant location loophole, or the one hour delay, for my account. It could be a third option for advanced users, like me.

Even if it was something that could only be turned on by calling Apple support - fine with me.

By the way, the articles included experiences of real people who had their Apple IDs locked out with this technique, one of whom I believe was finally able to get help from Apple to recover the Apple ID.

2 Likes

I realize you’re replying to @ddmiller’s suggestion that there be an option to disable changing the Apple ID password with just the device passcode, but I think it’s worth noting that there were some numbers. In the first article, the Wall Street Journal names five people who shared their stories, and the implication is that they interviewed more who did not appear in the article. The retired NYC police detective said there were “hundreds” of these sorts of crimes in the city in the past two years.

The second article names two more people and says that the Journal contacted dozens of victims in at least nine US cities.

Given the difficulty of getting hard data on specific types of crimes, the fact that the Journal could dig up that many people feels to me like it’s happening frequently.

More generally, I’m not sure the number of people affected matters. Apple is clearly willing to spend vast amounts of money to track down security vulnerabilities that are used by spyware like Pegasus, to implement features like Lockdown Mode and Contact Verification Key, and to subject the entire iPhone user base to iOS updates that do nothing but fix those bugs. How many people are victimized by Pegasus and the like? I’m sure there are no hard numbers on that either, but I doubt it’s large (though the possible number of targets is probably pretty high). The consequences are very high, but they’re pretty high with these passcode thefts too.

So Stolen Device Protection seems like a great optional feature to add, and I think it would be fine to go further too with the option to block passcode-driven Apple ID password changes as Doug suggests. It would have to be an option and have to clearly inform users that Apple wouldn’t be able to help them recover from a lost password, just as Advanced Data Protection comes with warnings about how Apple won’t be able to help recover data because of the end-to-end encryption.

1 Like

OK, I see. Once I activate it, it’s on. I misunderstood how it works. Completely makes sense. Thank you.

When I had my iPhone at the Apple Store for a battery replacement, I asked the Genius how many people don’t know their Apple ID and/or password, and he said “A lot.”

4 Likes

I’ll reiterate that I agree with @silbey that there are vastly more people who need the ability to reset their Apple ID with a device passcode than who have their Apple ID stolen in the manner described. It’s an important feature for many people.

2 Likes

Let me amend my original statement – the article has no data that can be checked. The numerical evidence it does have is sourced to police departments (or retired police detectives) asserting things. There’s no way to know if it’s accurate or if it’s genuinely rising. A lot of folks talking about these issues have a vested interest in making the issue look as large as possible, with the result that what they say is not particularly trustworthy.

It’s about security vs. usability. Apple can lock down the iPhone to be intensely secure but at the larger cost that people are going to lock themselves out and not be able to get back in. That latter isn’t as sexy as “crime wave of organized gangs finagling people’s passcodes and then stealing their phones” but it’s a problem too.

1 Like

In this climate, Apple giving users an option to protect their devices and their cloud lives is very welcome. It’s not like the cops or the DA are going to put a dent in any of it in the near future. It makes sense entirely to let users not opt in since for some remembering an iCloud user/pass apparently is onerous. But to those of us who prefer to memorize a user/pass but otherwise be able to lock down our digital lives, this should be a very welcome addition — in fact, like @ddmiller, I’d prefer an even stronger (“advanced user”) option for myself.

1 Like

Some edits above to keep the discussion on topic.

True, but we don’t ask for numbers about how many people are being targeted by Pegasus and the like when Apple introduces other optional features like Lockdown Mode and Contact Key Verification. Apple clearly feels it’s important to protect those high-value targets, and I’m glad that the company is adding this additional optional feature that everyday users can enable—probably with very little inconvenience—to increase their security.

1 Like

You don’t ask for numbers. I do.

But yes, I think Apple’s handled this moral panic about as well as they could by making it optional in a way that hopefully won’t impact most users.

Perhaps I should say that I don’t expect solid numbers in scenarios like this. I look for them, but they’re seldom available to people outside the collecting organizations, if they exist at all. And when they are available, it’s often worth questioning whether they’re accurate or not, between data collection limitations and institutional agendas. Lies, damned lies, and statistics… 🙂

4 Likes

Since so much has been made of the passcode problem, why can’t users rely solely on Face ID? Then thieves could not get access via the passcode they saw you use. My iPhone requires the passcode almost every day. I rarely can use Face ID when in a public location. The passcode is such an obvious security threat.

A couple of thoughts…

Is this going to be a requirement on Macs as well? Or are they considered secure enough that this sort of protection is not needed?

Will we still be able to change the Apple ID password on our Macs which may not be able to do biometric authentication?

I have always been amused that when I log in to my Apple ID on a device with two-factor authentication, the alert for the second factor appears on the same device because it is a trusted device. So if someone manages to steal my device and get in with a passcode, they can try to log in to my Apple ID using Safari, and will be asked to verify that it is a genuine login. Does not seem very secure.

PS. If you put a device in for repair, is the repairer going to be able to access the device?

This sounds like a wonderful feature if Face ID works reliably, but for me it does not. Although I appear to successfully set it up at home, my iPhone 10 does not recognize me and I have to use the passcode. I went to the Genius Bar and it worked for the Genius. They watched while I went through the setup process and in a quick test it seemed to work. But back home no luck. If these features were made mandatory I would not be able to use an iPhone. The Genius had no other suggestions.
I did turn off the Require Attention feature thinking that might make recognition easier, but it didn’t seem to help.

@alanh47gm - Your face doesn’t look like this does it?

No wonder it never works!
/s

Agreed – which is why I have a problem with the original WSJ article. If the data was checkable, I could at least look at the original source and make a partial judgment. The WSJ takes the sensationalist route by not having checkable data but nonetheless taking advantage of our cultural fascination with numbers by invoking vaguely ominous claims.

One of the effects* of making the physical security of cars much stronger was that car-jackings went up because it was almost impossible to steal a car off the street. I’d rather not duplicate that effect for phones.

*https://knowablemagazine.org/content/article/society/2023/understanding-carjacking

An article which, by contrast to the WSJ, does use sources that can be checked.

1 Like