Why iOS 7’s Activation Lock Is a Disaster Waiting to Happen

By

thing

There’s no question that the iPhone 5S and iOS 7 together make for the best phone ever made.

The din of offhand, dismissive criticism from the Android fan base that Apple never innovates should be silenced, at least for awhile, given that Apple now sells the only dual-tone LED flash; the only 64-bit mobile CPU; the only 64-bit OS; the fastest touch-screen performance phones by far; the only wide-scale deployment of Multipath TCP; and the only useful, usable and widely used fingerprint scanner ever placed on any consumer electronics device.

Yes, there’s plenty of petty grousing. And who knows what competitors will ship tomorrow?

But today, it’s clear that Apple rules the smartphone market.

The Android fan critics now also have to contend with a razor sharp, concise rebuttal to the cacophony of general criticism of Apple by Apple VP Craig Federighi: “New is easy. Right is hard.” He said that after referring to Samsung by saying that Apple “didn’t start opportunistically with 10 bits of technology that we could try to find a use for to add to our features list.” Ouch!

Unfortunately, iOS 7 is going to cause some huge problems that nobody is talking about yet, but will do when the unwanted bricking epidemic starts.

The Looming Activation Lock Crisis

Everybody’s praising iOS 7’s new Activation Lock. And, yes, it’s a great feature.

Activation Lock bricks your iPhone or iPad when you report it lost or stolen with Find My iPhone. Once bricked, the device cannot be used by whomever is in possession of it.

This is a great deterrent for “Apple Picking” crimes where thieves deliberately look for white earbuds to jack Apple devices based on their high re-sale value.

Activation Lock is great, but also introduces new problems. In addition to iPhone and iPad being victimized by theft, these thieves will now sell those devices in their bricked state to users too naive to check for Activation Lock before handing over the money. Yes, theft will go down. But some thefts will now have two victims instead of one.

The problem with Activation Lock is that there is no system for unbricking devices by their rightful owners, no Apple Court of Appeals.

As a result of that, using Activation Lock will become the best way for disgruntled employees to take a parting shot after being fired. They will report their device lost, then turn it in and leave. After that, the company will no longer be able to use the device, even though the company owns it.

Someone I know personally works for a Silicon Valley startup. They recently hired a new employee and bought him a MacBook Pro with Retina. That employee associated the laptop with his own iCloud account (allowing him to do this was a mistake on the part of the company).

Anyway, it didn’t work out and the employee was fired. In retaliation, he remotely wiped the MacBook Pro, and put a firmware lock on it.

So the company went through a time-consuming process of trying to get Apple to unlock it. In the end, they simply said no. Because the laptop was associated with the fired employee’s iCloud account, they would not unlock it.

Apple’s policy is iron-clad. If a device is locked by an associated iCloud account, they will not unlock it unless you know the password to that account — even if you show the receipt proving you are the person who bought it!

They were willing to let a brand new MacBook Pro be bricked forever.

(The story has a happy ending — the company eventually tracked down the employee and convinced him to unlock it.)

Now that Apple is rolling out Activation Lock at Apple scale — we’re talking hundreds of millions of people — mishaps are surely going to happen.

Activation Lock will also be used by a-holes who manage somehow to hack someone’s Apple account. They will impersonate the owner, and use Activation Lock to brick the phone as an evil prank. Usually, hacks can be recovered from. But not hacks that involve Activation Lock. Once they flip that switch, it’s over for those devices.

But here’s the worst part: Forgetting your Apple ID password could mean you and nobody else will ever be able to use your iPhone or iPad again. Apple has industry-standard means by which you can reset your password. Some unknown percentage of people are unable to do this for a variety of reasons.

Apple says this in their iCloud help file for iOS 7 Activation Lock: “If you forget your password and cannot reset it, you will lose access to your Apple ID and may be unable to use or reactivate your device.”

https://support.apple.com/kb/HT5818

So now the hassle of being unable to reset your password comes with it a bricked device, potentially.

All these bricked devices represent a needless environmental problem. Perfectly good gadgets will have to be recycled.

Activation Lock is a powerful new feature. But with great power comes great responsibility. Apple needs to set up some mechanism by which the rightful owners of Activation-Locked iPhones and iPads can un-brick them.

Until they do that, this feature is seriously flawed. Disgruntled employees, hackers and password problems can all prematurely end the useful life of your iPhone or iPad.

(Note: This post was updated to include the story about the MacBook Pro.)

Newsletters

Daily round-ups or a weekly refresher, straight from Cult of Mac to your inbox.

  • The Weekender

    The week's best Apple news, reviews and how-tos from Cult of Mac, every Saturday morning. Our readers say: "Thank you guys for always posting cool stuff" -- Vaughn Nevins. "Very informative" -- Kenly Xavier.