| |
| ▲ | phatfish 3 days ago | parent | next [-] | | A Channel 4 documentary reckoned locked iPhones end up in Shenzhen. Because (according to someone they were interviewing) that is the only place that can deal with locked iPhones. People who's phones were stolen got pings from the Shenzhen area before they went dark. They showed location history for at least one. Of course they could just be being stripped for parts, which is probably hard for most places to do at scale and Shenzhen could also deal with. I'm sceptical that the idea of stealing while unlocked really stacks up. It seems it would be hard to keep it unlocked after an e-bike snatch. Then thief would have to stop and reset the Apple ID password before the phone locked (presumably with the access they have to the owners emails), and factory reset the phone before the owner got access to their Apple ID again. | | |
| ▲ | ewoodrich 3 days ago | parent | next [-] | | The fact that seemingly 90% of stolen iPhones end up pinging from Shenzhen months later seems to indicate it's the inevitable top of the pyramid for the vast majority of the stolen phone market. As you mention due to the abundance of highly sophisticated large scale reverse engineering and disassembly capability in a cat and mouse game with Apple's expanding parts serialization. Plus, maybe 1/100 victims fall prey to the various phishing or threatening harassment strategies also associated with Shehnzen pings to remove the iCloud lock giving them full resale value occasionally as additional incentive. So despite the meme that stolen iPhones are "worthless" while locked, the presence of large buyers with demand for unlimited quantities of locked iPhones means that the fence value at the lowest level of the food chain is still more than enough to incentivize rampant theft (even if it were only like $50 to a thief for a $1200 phone, that is worth $200 to a Shehnzen buyer). I'm making the numbers up, but the point is that even if iCloud activation lock and serialization destroys the vast majority of the phone's value it's not enough to truly discourage theft rings selling to wholesale buyers overseas. It just put the humble local neighborhood thief or opportunist reselling on eBay out of business, with the vacuum quickly filled by organized crime. In a world where most people don't carry around cash or valuables that's the best a street level thief is going to do unless you run into the odd person with a Rolex or jewelry with rare actual pawnable value, and it's a bottomless crime of opportunity in a big city or festival/concert/etc so adds up quickly. | | |
| ▲ | FireBeyond 3 days ago | parent [-] | | > activation lock Tangentially, it is utterly trivial to completely bypass Apple MDM, in a manner that breaks nothing, and survives OS upgrades, minor and major. Just requires the right combination of three DNS names at one point of install, and no internet at another, and you will get a completely de-fanged Mac. The only time you need to repeat the process is if you completely erase the SSD. | | |
| ▲ | donkyrf 3 days ago | parent [-] | | Where is this method documented? Because if you aren't full of shit, then I'd like to pressure Apple to fix it. | | |
| ▲ | gregsadetsky 3 days ago | parent [-] | | I found https://github.com/assafdori/bypass-mdm and the bash script does “neuter” 3 domains via /etc/hosts editing But no idea how stable/reliable this it. | | |
| ▲ | donkyrf 3 days ago | parent [-] | | It's unclear that it works around Apple Find My, unclear that it's executable starting with a locked device, or that it's permanent. At this point, I've seen no evidence that FireBeyond's extraordinary claims have any merit. | | |
| ▲ | FireBeyond 3 days ago | parent [-] | | What does Find My have to do with MDM? I have Find My running on this computer (which is unlocked) now. I've upgraded from Monterey to Tahoe without issue (startup that went AWOL). However, you touch on two things - 1) I have no idea (and doubt) that this would bypass a device that has been locked, and 2) newer versions may not be as vulnerable. This computer is an M1, and Monterey can be made to go through a full install process without internet access, as described, but newer versions will not (or they may, but I couldn't find a way to force it with Sonoma or later). That means if I do an erase, I have to do a new Monterey install, and then upgrade (but nothing untoward there, don't have to do iterative updates). |
|
|
|
|
| |
| ▲ | dijit 3 days ago | parent | prev [-] | | I recall the same documentary, but I recall that Stranger Parts used to use locked boards (he lived in Schenzen) for testing, but that they were useless and could not be unlocked by anybody. Of course I have no first hand knowledge myself- but he definitely gave me the impression that they were functionally useless aside from their components. |
| |
| ▲ | ohyoutravel 3 days ago | parent | prev [-] | | Yeah I’m all about repairability, but I’ve found the serialization of components to be quite nice. |
|
