Apple Can Kill Your Phone Remotely?

Reading time ~2 minutes

There's been a lot of discussion today about the "new iPhone" that was discovered because some git left it in a Redwood City, California bar. (Un)fortunately, it made it's way to the folks at Gizmodo and it's now a topic of discussion all over the Internet. Given how much Apple likes to control the information about their products, I can't see them intentionally "leaking" the device prior to the official announcement.

There is some benefit to this "leak" in that it cranks up the hype machine to 12. However, this allows a lot of potentially mis-information to be propagated--unchecked by Apple. In general, though, mobile phone manufacturers do not like their products leaked before they are ready for one simple reason: it gives the competition a head start in responding. At least that was the corporate line given to us at Nokia when I worked there :)

The one piece of information that nobody is mentioning in their coverage  is, I think, the most scary. According to the Gizmodo piece, Apple was reportedly able to kill the leaked prototype device remotely. While I can see why such a feature would be beneficial (and maybe Nokia will take the opportunity to copy that feature "with pride"), it raises all sorts of questions: Can Apple remotely kill any iDevice it chooses, not just prototypes? Is the data on the phone recoverable? How "hackable" is this mechanism (i.e. can someone discover this mechanism and hack it for their own purposes)?

As usual, enquiring minds want to know.

Update #1: Numerous people have pointed out both that Apple can remotely disable applications as well as the Remote Wipe functionality that can be activated when a device synchronizes through a Microsoft Exchange server. What I'm talking about is the possibility that Apple can, without a connection to an Exchange server, issue a remote wipe to a device. It's possible that with this prototype device, this did happen through ActiveSync. The thought that Apple could reach into my device and either disable applications or Remote Wipe the device without my knowledge or consent does not sit well with me.

Update #2: And yes, MobileMe does this remote wipe thing as well. So clearly Apple has the capability to do this. It still makes me nervous that a device I've purchased could be wiped at the touch of a button by the company who sold me the product.

How Long is Long Enough for a Password?

As much as we might want to see different authentication methods available, passwords aren't going anyway anytime soon. This means a sign...… Continue reading

Cloudflares with a Chance of Goatse

Published on February 24, 2017

Automation, Orchestration, and The Cloud

Published on January 04, 2017