iOS 7.1 bug allows to delete iCloud account without password and bypassing Activation Lock - iPhoneHeat

iOS 7.1 bug allows to delete iCloud account without password and bypassing Activation Lock

With iOS 7, Apple introduced iCloud Activation lock feature in Find My iPhone that links your iPhone, iPad or iPod Touch to an Apple ID. The iCloud Activation lock keeps anyone from selling or using a lost or stolen iPhone, iPad or iPod Touch. The thief has to know the login credentials to turn of Find my iPhone or restore the device back to factory settings. The feature was much appreciated, but now it seems that it is not completely secure, with the discovery of an exploit in iOS 7.1 that allows to bypass the whole verification process.

The bug in iOS 7 allowed users to disable Find My iPhone without knowing the login credentials. Apple was quick to fix the bug with iOS 7.1, but now it seems that iOS 7.1 also fell prey to another bug that could allow someone to disable Find My iPhone without knowing the credentials, hence bypassing Apple’s theft prevention feature.

The video embedded below shows how simple it is to bypass the process and remove the iCloud account associated with the device to disable Find my iPhone feature. Once the person in control of the device is able to do this much, he/she then can easily restore the device to its factory settings or may also add their own iCloud account.

http://www.youtube.com/watch?v=Lvbter05UpA

The videos details all the required steps to bypass the security process. First you need to go to Settings > iCloud option and then simultaneously tap on “Delete account” button and the Find My iPhone toggle. That’s the hardest part of the process, all you need is to tap on both the button and the toggle at the same time. When prompted for the correct iCloud password, hold down the power button and shut down the phone. After restart, go back to iCloud settings and delete the account without being prompted for your password. After that you can add another iCloud account, or may even plug your device into iTunes and fresh restore it without any problem.

Fortunately, there’s a solution to prevent such unauthorized deed on your device until Apple fixes this problem: Add a passcode with short or immediate timer. This should prevent anyone from gettings access to the iCloud settings.

iH8sn0w has also released R0bf0rdsn0w – iCloud Activation Lock Bypasser, but there’s a catch in order to get access to it.

via [9to5mac]

16 comments… add one

Leave a Comment