why do you doubt someone would try 10 times? If their goal was to get the phone and use it for themselves then I agree with you, but what I'm more concerned about is someone having access to all of my data. This is a really good feature.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
iPhone 2.1: Automatic Secure Wipe after Passcode Failures
- Thread starter MacRumors
- Start date
- Sort by reaction score
why do you doubt someone would try 10 times? If their goal was to get the phone and use it for themselves then I agree with you, but what I'm more concerned about is someone having access to all of my data. This is a really good feature.
It would be hard for children or tipsy friends to reach the ten times. After some tries (I think 5 is the first) the iphone locks itself for 1 min, the 6th wrong try locks it 5 min, the 7th 10 min, and I haven't tried more... but I think it goes like that. So for 10 times, you would have to have the phone a lot of time, and be really insistent.
I think its better than nothing to protect sensitive data if the device gets lost or stolen.
I think its better than nothing to protect sensitive data if the device gets lost or stolen.
It would be cool to have some remote GPS control option. Like either the e-mail location, or live tracking. Be great if you lost your iPhone, but not a good idea to confront someone that stole it on purpose. Or maybe family could locate you if you were trapped somewhere. Heh, it would be nice if there was an app on the iPhone that would e-mail its location daily, or other periodic options.
Overall though, I'd rather not lock my entire phone, but make sure any app with important data to have it's own password. As what if you lose the phone and an upstanding citizen finds it, but because it's locked, no way to find out who owns it to return it.
Overall though, I'd rather not lock my entire phone, but make sure any app with important data to have it's own password. As what if you lose the phone and an upstanding citizen finds it, but because it's locked, no way to find out who owns it to return it.
A phone is just a thing that can be replaced, and with the iPhone's backup, its easy to replicate the information to a replacement. The information on it is what is really valuable to me, if this protects my personal information from being stolen, this is an awesome feature which I will be enabling.
Very nice. It's optional after all, but I for one will use it!
A thief has various ways to get a phone operational if they work at it. But don't give them my passwords and contact info! Heck, even my maternal grandmother's last name would be a good start on stealing my identity!
The fear of accidental erasure wouldn't be that great for me: the phone backs itself up frequently after all.
This is actually very nice peace of mind. There's one app in particular that I use all the time but it makes me afraid if it falls into the wrong hands, because it knows some important passwords. Now I can sleep a little easier.
A thief has various ways to get a phone operational if they work at it. But don't give them my passwords and contact info! Heck, even my maternal grandmother's last name would be a good start on stealing my identity!
The fear of accidental erasure wouldn't be that great for me: the phone backs itself up frequently after all.
This is actually very nice peace of mind. There's one app in particular that I use all the time but it makes me afraid if it falls into the wrong hands, because it knows some important passwords. Now I can sleep a little easier.
I can't validate what pake is saying, but it sounds like it doesn't give a big warning, but it does make it fairly arduous to do this.
Good feature, glad to see it. I'll turn it on as soon as I update to 2.1... albeit that won't be till I can unlock it.
Keep in mind everyone that the "automatic wipe" feature would not affect everyone. For starters, everyone that I know doesn't even lock their phones. So, people who lock their phones are people who have a REASON to lock their phones. And, for those that REALLY have something to hide, they can go a step further and turn on this "automatic wipe" feature. (you might be a govt. regulator having sex with an oil industry employee). And I'm sure those people will remember to regularly back up their phones onto their PCs if they are carrying around such valuable data.
DO YOU LOCK YOUR iPHONE? Take the poll ... https://forums.macrumors.com/threads/561357/
.
DO YOU LOCK YOUR iPHONE? Take the poll ... https://forums.macrumors.com/threads/561357/
.
If the passcode is entered incorrectly too many times, I want my phone to act like a car alarm. It should beep, flash the screen, refuse to mute or power off, and say "This phone is stolen. Grab and hold this person until the police arrive!" at maximum volume, then repeat every 10 seconds.
Of course, if it's just some young kids playing with my phone, that might not be ideal.
Of course, if it's just some young kids playing with my phone, that might not be ideal.
they could implement "Recovery Mode"
There are some really good ideas on here.
I would hope that maybe one could load a settings control that would allow some of this stuff to work.
I like the idea of logging with MobileMe or even iTMS user account, that would push a message to a reported lost phone, that would put the phone in "recovery mode."
It could have a message, something like "please return my lost iPhone. Call me, or drop this off at an AppleStore. (perhaps a cash reward offer option, as well, as mentioned, with or without the owner's name and picture from their contact entry.
And have two buttons.
Green: [Call Me] (undisclosed phone number, dials the "home" listing in the "me" registered contact, or any number in the "me" contact aside from the phone's own number, or a pre-specified alternate emergency contact, set by the owner in the preferences before-hand.
Red: [Unlock] that goes to the number pad with a warning that after 10 failed attempts (ten total failed attempts, regardless of restart or any other activity, not just ten sequential failed attempts, and count reset by other activity) the phone and SIM will be disabled, erased, and only restorable by the account owner's request by Apple or AT&T, or the computer where the master iTunes database resides. It would be bricked, un-restoreable, and worthless otherwise, even to re-sell as stolen property.
By signing up for the recovery mode push service, it could also have a confirmed license agreement for AT&T or Apple to pay a standard cash reward amount to someone who brings in a lost iPhone, and that sum charged to the owners AT&T bill or ITMS account, and the iPhone shipped to the owner's AT&T or ITMS billing address, or cash payable when the phone is picked up from an AT&T or AppleStore location. Optional to the owner at the time of reporting the device lost or stolen, of course. One wouldn't want a rash of people stealing and returning iPhones just to steal the amount of the reward from the owner, through a legitimate channel.
It could also deny computer sync access in recovery mode without the security code, and report itself, it's GPS/Cellular location or even some sort of short video stream, or photo capture interval from the camera, via a connected computer's internet access if connected by sync cable, or report itself via unsecured wireless networks, or cellular data service access, if in range of either one.
It could also, if the owner chooses to report "stolen" rather than simply "lost", for recovery mode, it could report that useage and GPS information to the police agency of the owner's specification. Might make iPhones sour for pick pockets and thieves. It could activate a re-start interval, as well, to keep it's GPS and communications systems up, behind the locked screen. Even if they force it to power down, a time interval like 5 minutes or something, and it would auto-restart, right back into recover mode, until the battery is dead. A powered-down device can't report itself. OR power down in "recovery mode" could be false, and still ping-reporting itself while it remains in low-power mode, and the screen remains off. The battery would probably last a while that way, too. Without screen or audio feedback, how would someone know if it were reporting itself via any available connection? unless someone has a radio frequency sweeper for those frequencies, to detect the radio transmissions. Unless they have it near unshielded speakers, and hear the cell beacon, as iPhones tend to do.
This "recovery mode", with a very slight variation, could also be the standard default configuration in the box, before the iPhone is initialized, as an inventory control measure, to report shop-lifted iPhones that try to get powered up. If people shop-lift, and they DO (a lowlife from West Des Moines got caught doing it A LOT, here in my neck of the woods, it was on Dateline the other night) and the phone reports them to the police when they power it up. Buyers of stolen property can probably point a finger back at who sold it to them, at least, even an ebay user account, or some sort of lead for investigators.
A communications device as versatile as this has lots of potential for security, as well as it's legitimate usage. It can just as easily sour itself to nefarious activity, or report itself when lost.
There are some really good ideas on here.
I would hope that maybe one could load a settings control that would allow some of this stuff to work.
I like the idea of logging with MobileMe or even iTMS user account, that would push a message to a reported lost phone, that would put the phone in "recovery mode."
It could have a message, something like "please return my lost iPhone. Call me, or drop this off at an AppleStore. (perhaps a cash reward offer option, as well, as mentioned, with or without the owner's name and picture from their contact entry.
And have two buttons.
Green: [Call Me] (undisclosed phone number, dials the "home" listing in the "me" registered contact, or any number in the "me" contact aside from the phone's own number, or a pre-specified alternate emergency contact, set by the owner in the preferences before-hand.
Red: [Unlock] that goes to the number pad with a warning that after 10 failed attempts (ten total failed attempts, regardless of restart or any other activity, not just ten sequential failed attempts, and count reset by other activity) the phone and SIM will be disabled, erased, and only restorable by the account owner's request by Apple or AT&T, or the computer where the master iTunes database resides. It would be bricked, un-restoreable, and worthless otherwise, even to re-sell as stolen property.
By signing up for the recovery mode push service, it could also have a confirmed license agreement for AT&T or Apple to pay a standard cash reward amount to someone who brings in a lost iPhone, and that sum charged to the owners AT&T bill or ITMS account, and the iPhone shipped to the owner's AT&T or ITMS billing address, or cash payable when the phone is picked up from an AT&T or AppleStore location. Optional to the owner at the time of reporting the device lost or stolen, of course. One wouldn't want a rash of people stealing and returning iPhones just to steal the amount of the reward from the owner, through a legitimate channel.
It could also deny computer sync access in recovery mode without the security code, and report itself, it's GPS/Cellular location or even some sort of short video stream, or photo capture interval from the camera, via a connected computer's internet access if connected by sync cable, or report itself via unsecured wireless networks, or cellular data service access, if in range of either one.
It could also, if the owner chooses to report "stolen" rather than simply "lost", for recovery mode, it could report that useage and GPS information to the police agency of the owner's specification. Might make iPhones sour for pick pockets and thieves. It could activate a re-start interval, as well, to keep it's GPS and communications systems up, behind the locked screen. Even if they force it to power down, a time interval like 5 minutes or something, and it would auto-restart, right back into recover mode, until the battery is dead. A powered-down device can't report itself. OR power down in "recovery mode" could be false, and still ping-reporting itself while it remains in low-power mode, and the screen remains off. The battery would probably last a while that way, too. Without screen or audio feedback, how would someone know if it were reporting itself via any available connection? unless someone has a radio frequency sweeper for those frequencies, to detect the radio transmissions. Unless they have it near unshielded speakers, and hear the cell beacon, as iPhones tend to do.
This "recovery mode", with a very slight variation, could also be the standard default configuration in the box, before the iPhone is initialized, as an inventory control measure, to report shop-lifted iPhones that try to get powered up. If people shop-lift, and they DO (a lowlife from West Des Moines got caught doing it A LOT, here in my neck of the woods, it was on Dateline the other night) and the phone reports them to the police when they power it up. Buyers of stolen property can probably point a finger back at who sold it to them, at least, even an ebay user account, or some sort of lead for investigators.
A communications device as versatile as this has lots of potential for security, as well as it's legitimate usage. It can just as easily sour itself to nefarious activity, or report itself when lost.
I agree completely. I've only lost my keys ONCE in my whole life ... but therefore I HAVE lost them. I might lose my phone ONCE, but it would be nice to be able to locate it. Perhaps, they could set something up so that I could login to my iTunes account or some type of pswd protected account on the internet to see a map of where my phone is. I could print a map from my home computer or use a friend or family member's iPhone to go find mine. If it turns out that a thief has it, I can call the police and have them come be present with me when I ask for it back. Maybe an honest person found it on the ground and was trying to figure out how to contact me. (I have found 3 cell phones in my life - I turned all of them back in. But of course, those were just regular cell phones and not iPhones. What the heck is anyone going to do with more than one phone? Call yourself? durrrrrr.)
Good idea though!
If the passcode is entered incorrectly too many times, I want my phone to act like a car alarm. It should beep, flash the screen, refuse to mute or power off, and say "This phone is stolen. Grab and hold this person until the police arrive!" at maximum volume, then repeat every 10 seconds.
What if it's an honest person who found your phone and they are going to turn it in, but since it won't shut up, they just toss it in a bush and say "shut up!"
Then my personal information is safely hidden in the bush!
However, I have a better idea. How bout' if Apple lets us define one screenful of text (or maybe text and an image) that is to be displayed when the password is repeatedly wrong. We can put our own message there, giving contact information if we want, offering a reward, chastising an assumed thief, thanking an honest person for returning the phone, or whatever else we want.
Not sure if you guys have a similar system to us in NZ, but if you know the IMEI number of your phone (usually on the box and I always note it down somewhere) you can call the network provider and they can remotely stop any phone with that IMEI from connecting to a network anywhere.....from memory, the GSM network does hold 'shared global' lists of blocked IMEI numbers - this is NOT your SIM number, and NOT your phone number either. Almost a bit like a MAC address for a phone.
You will have to provide the Carrier with your original receipts/proof of purchase, some decent ID, and here in NZ, you also need to fill out a 'stolen item' form at the police station.
Of course, this takes time so with all security matters like this my simple advice is:
1) Do your phone backups regularly
2) PIN lock your phone to hopefully slow down somebody from getting at your data
3) As soon as you realise it's stolen or missing, advise your carrier and ask them to put a block on your SIM card
4) Take the steps above if you wan't to be a really nasty B**tard and make life difficult for them
Just my 2c worth.....
You will have to provide the Carrier with your original receipts/proof of purchase, some decent ID, and here in NZ, you also need to fill out a 'stolen item' form at the police station.
Of course, this takes time so with all security matters like this my simple advice is:
1) Do your phone backups regularly
2) PIN lock your phone to hopefully slow down somebody from getting at your data
3) As soon as you realise it's stolen or missing, advise your carrier and ask them to put a block on your SIM card
4) Take the steps above if you wan't to be a really nasty B**tard
and make life difficult for themJust my 2c worth.....
That is a terrible idea. The nearest Apple store to me is 2 hours away - I don't want to have to waste 4-5 hours just because one of my friends decided to try and guess my passcode.
Weeel...
This is exactly what happens to the Blackberrys in my place of work.
5 goes at the password, then it asks you to type "blackberry" to continue, presumably to differentiate from accidental pocket action!
Then password is displayed in clear text and after the 9th attempt, the user is warned that the next attempt will wipe all data on the handheld.
If this happens, it completely wipes all info and restarts. What you are left with is not a bricked BB, as such, but no personal data is left, just a vanilla Blackberry. Also, as our BBs are using the BB Enterprise Server (BES) you won't even be able to use the device for emails as it will need to be Enterprise Activated which only us in the IT dept. can get done for the user.
What we CAN do is, remotely reset the password for the user, AFTER we have confirmed their identity, so stopping the user from getting an unusable device. The wails of anguish we get from users who have wiped their devices usually when they are in another country, so can't Sync to their machine and go through Enterprise Activation, you wouldn't believe.
Or probably you could!
However, the important thing is that this should render any sensitive information on the BB as NEARLY impossible for a third party to get at. Obviously coercion by a thief COULD gain access, but there is no such thing as total security.
This is exactly what happens to the Blackberrys in my place of work.
5 goes at the password, then it asks you to type "blackberry" to continue, presumably to differentiate from accidental pocket action!
Then password is displayed in clear text and after the 9th attempt, the user is warned that the next attempt will wipe all data on the handheld.
If this happens, it completely wipes all info and restarts. What you are left with is not a bricked BB, as such, but no personal data is left, just a vanilla Blackberry. Also, as our BBs are using the BB Enterprise Server (BES) you won't even be able to use the device for emails as it will need to be Enterprise Activated which only us in the IT dept. can get done for the user.
What we CAN do is, remotely reset the password for the user, AFTER we have confirmed their identity, so stopping the user from getting an unusable device. The wails of anguish we get from users who have wiped their devices usually when they are in another country, so can't Sync to their machine and go through Enterprise Activation, you wouldn't believe.
Or probably you could!
However, the important thing is that this should render any sensitive information on the BB as NEARLY impossible for a third party to get at. Obviously coercion by a thief COULD gain access, but there is no such thing as total security.
Excellent suggestions! I like the idea of a message on the screen telling people to return the phone to the Apple Store, no questions asked, for a monetary reward. The computers at the Apple Store can be set up so that the phone is scanned into the store as a check is printed for the person who turns it in. By scanning the phone into the store, it ensures that a dishonest Apple employee cannot "make it disappear." A manager's authorization would be required. For the person that turned the phone in, LITERALLY no questions beyond "where did you find it" would be asked. The serial number could match it to the owner. Asking where they found it only serves the purpose of removing any confusion from the original owner of how they might have lost it in the first place.
Sounds like a great money earner to me. Steal Iphones and Apple pays you a reward! ;-) No need to unlock, break, recode or anything to it....