Airplane Mode Bug: A serious security issue affecting all iPhones worldwide

I have recently discovered a serious iPhone security issue, and I would like to make it known to everyone.

This issue allows any person who finds a passcode locked iPhone (Not iCloud locked) to reset it as a brand new phone in 2 simple steps!

Let me explain:

While airplane mode is a useful feature that can be accessed from an iPhone’s quick menu, it poses a huge security risk when any user can activate airplane mode and disconnect it from all network connections in a matter of seconds, without security confirmation (no requirement for passcode, touch ID or face ID).

One of the key security software features that comes with all Apple iPhones is the “Find My iPhone” app.
This app allows users to physically locate their Apple devices from any web based device, especially iPhones, when they lose them, by simply logging in to their iCloud account.

The two most common instances of a user losing his phone would be:

1. Misplacing it; or
2. Theft

In any case, if an iPhone is left lying around in public, dropped, misplaced or stolen, being a product of high value, the probability of it being taken by a stranger and not being returned is extremely high.

TWO SIMPLE STEPS:

STEP 1: A random individual who finds the phone may simply swipe up from the locked device to display the control center, turn on airplane mode,

STEP 2: Connect it to any Computer (make sure that it is offline) and reset it as a new device from any PC or Mac with iTunes.

There you go! you may now insert your SIM card into the newly reset device and use it as your own.

Most iPhone users have their devices secured and locked by Face-ID/Passcode/Touch-ID, but this does not solve the fact that any individual who finds a missing iPhone may simply turn on airplane mode and restore it to a new iPhone, posing a huge security flaw in the implementation of “Find my iPhone”.

1. This renders the Find my iPhone app useless: The purpose of the Find my iPhone app is to locate a missing device. As for real world usage, when a phone is missing, it may only take 3 seconds for a person to activate airplane mode and disconnect a phone from the internet permanently, but it takes many minutes for an iPhone user to realize his phone is missing, and an additional few more minutes to enter iCloud/ Find my iPhone using another web based device to activate lock the device using iCloud. If one could disconnect the device from airplane mode BEFORE the owner could iCloud lock it, then he will be able to reset it as a new iPhone using a PC or Mac.
2. This encourages theft of Apple devices: In fact, allowing any individual to turn on and off network settings from the control center without unlocking the iPhone might be the primary reason most users who lose their phones these days are unable to find or retrieve them. iPhone prices have been steadily increasing year on year (over a thousand dollars brand new), and given the high value of Apple devices, this simply lowers the probability of an iPhone being returned to its owner when it is misplaced.

The Solution:

Fortunately, this problem may be easily solved with requiring passcode or identity verification as a security measure when turning on airplane mode or modifying network settings in your new iOS update.
This implementation may also be an effective deterrent to any instances of theft, not just by allowing users to track its real time location, even if it is turned off, as soon as it powers back on, its last known location may be available to the user as long as there is cellular coverage.

With millions of iPhones being misplaced and stolen worldwide each day, I do believe that lost iPhones gross a multi-billion dollar market, with the resale of stolen and lost devices industry ranging from small back alley mobile phone shops to global e-commerce platforms.
The implementation of this simple feature might be able save millions of dollars and create a more secure environment for all iPhone users.

If you are considering buying an iphone in 2020 on the premise that it is more secure than any other phone, think again.