Stop iPhone Thieves from Exploiting Control Center in iOS 7

We’ve already seen a few security exploits pop up in iOS 7, some of which are fairly trivial and others can be pretty serious. However, another security concern has been discovered that’s been right in front of our eyes the whole time. Someone who steals your iPhone can easily prevent you from remote wiping it by putting the device in airplane mode, even while the iPhone is locked with a passcode.

The trick is dead simple. iOS 7 allows you to access Control Center from the lock screen. From here, you can disable airplane mode without even attempting to enter in the passcode to unlock the device. This means that if someone were to steal your iPhone, they could immediately turn on Airplane Mode whether or not the phone has a passcode lock on it, which will completely take the phone off the grid and prevent the owner from locating the stolen device or remote wiping it. The scenario is played out in the beginning of a new video from security research firm SRLabs:

However, there’s a simple fix that you can use to prevent something like this from happening to you if your iPhone ever gets stolen. Simply open up the Settings app and tap on Control Center. You’ll see two options that you can toggle on and off: Access on Lock Screen and Access Within Apps. Make sure that Access on Lock Screen is disabled. This means that crooks won’t be able to access Airplane Mode while the phone is locked.

2013-10-04 13.05.16This trick obviously isn’t foolproof, and it doesn’t guarantee that you’ll be able to successfully locate your stolen phone and remote wipe it, but it could at least buy you some time to log onto iCloud.com on another phone or computer to locate your phone and remote wipe it before the thief eventually gets to a computer with iTunes and wipes it himself, clearing any trace of the phone.

However, there’s another setting that you can enable that will completely erase and wipe the phone after ten failed attempts at entering in a passcode on the lock screen. To enable it, open up the Settings app and navigate to General > Passcode & Fingerprint and scroll to the bottom where it says Erase Data. Enable this feature to have your iPhone automatically wipe itself after 10 failed passcode attempts.

Of course, this won’t magically bring your stolen iPhone back to you, but it’ll at least be another security measure that you can take to make sure that the thief doesn’t get a hold of your personal information that’s stored on your iPhone.

Advertisement

Comments

  1. Louis says

    You can still use Siri to put on airplane mode. You will need to prevent Siri access on the lock screen to prevent airplane mode.

  2. Roy says

    I’m having an issue getting control center to open when swiping up from the bottom of the screen. Takes me at least 20 + swipes. Does anyone know how to fix this? Can a “short cut” icon be created and put on my desktop?

  3. Jhon says

    The process of creating that fingerprint from a photo is so S.F. A common thief will just steal and resell the phone. Noone will spend time and extra-money to create a fingerprint bla bla bla just to re-sell the iPhone with 200-300 $. And there is also the iCloud account. This scenario is for an asshole wich suspect his gf that she is cheating him. Don’t bother doing all this Matrix/N.S.A. stuff – if you suspect her it’s for real allready!

Leave a Reply