Apple finally got to making iPhones less of a lucrative target for theft. Thieves who watched you entering your passcode can take over your device and AppleID the way it’s currently implemented.
Only took what, 9 months since that Washington Post article? lol
This tells a lot about iOS security and how much Apple cares about their users privacy and security in general.
Nine months to fix such an important issue? This is a complete joke, especially when there were a lot of people who lost all of their data, memories and more because of this insanity.
This is great! Hopefully 17.3 arrives sooner rather than later.
Should be ready in about 4-6 weeks from now.
Nice, I can turn off the stupid workaround using the screentime passcode when 17.3 is released
Which to my knowledge can be bypassed by going to https://appleid.apple.com/
I don’t seem to be able to log in without my face ID when I have account changes off or on in screen time; trying to log in after it doesn’t see my face gets into a sign-out loop
I just tried myself and it does fall back to the device PIN. You’re not prompted for the PIN you say?
Finally available today
Kinda disappointing, it’s just an “on/off” switch, nothing else to do … LOL.
Perhaps a line could be added which states that Stolen Device Protection requires Find My iPhone to be turned on. (I tried to enable SDP after the update, but I couldn’t because I had Find My off.)
The current recommendation regarding Find My leaves the reader to decide whether they should enable the setting, so it’s not certain that they have this setting on as a prerequisite for SDP.
Good note, I’ll change it to read
If you use biometrics and the Find My Device feature in your Apple ID settings, we recommend enabling this new protection
The Significant Locations service must also be enabled.
Doesn’t bother me personally but it means that the iPhone will be keeping a record of visited locations and how much time is spent there.
I don’t have that active yet I still could enable SDP.
Interesting. According to Apple that should not be possible: “To turn on Stolen Device Protection you must use two-factor authentication for your Apple ID and set up or enable the following on your iPhone: a device passcode; Face ID or Touch ID; Find My; and Significant Locations* (Location Services).”
Yeah I thought so, too.
I just checked again: significant locations are OFF, SDP is ON.
Perhaps this just means that I always have to wait 1h, even when I am at home/work?
Wait man, 9 months of endangering user’s data? Well, thats Apple way of screwing users.
Here’s the answer: https://youtu.be/fLuUoBs_vsA?t=193
Endangering users who…
- Use their passcode in public places without checking whether someone’s watching over their shoulder.
AND/OR
- Didn’t enable the bandaid fix of screentime to restrict passcode changes
Much danger, very good reason to dunk on apple. Not like they’ve got actual issues that are much more worthy of ire, like the whole App Store, for example.