Security experts contracted to attempt to bypass iOS 7’s Activation Lock feature

By , Jul 18, 2013

iOS 7 activation lock

Earlier this year, San Francisco’s district attorney George Gascón met with Apple’s government rep Michael Foulkes to discuss the rising number of iPhone thefts. He felt like the company could be doing more, on a technological level, to thwart these would-be thieves.

Apple responded in a major way. In June, the company introduced a new feature in iOS 7 called Activation Lock, which can prevent thieves from activating a stolen handset without the proper credentials. But while Gascón says he appreciates the effort, he’s not convinced…

CNET has the statement:

“While we are appreciative of the efforts made by Apple and Samsung to improve security of the devices they sell, we are not going to take them at their word,” Schneiderman and Gascón said in a joint statement. “Today we will assess the solutions they are proposing and see if they stand up to the tactics commonly employed by thieves.”

The assessment involves them bringing in experts from the Northern California Regional Intelligence Center to try and bypass the security measures—on both an iPhone 5 and Galaxy S4—and gain access to the devices as if they were someone who had stolen the phone.

From their press release:

“During a meeting today in San Francisco, technical experts – including representatives from the Northern California Regional Intelligence Center (NCRIC) – will be given an Apple iPhone 5 with a new anti-theft security feature known as “Activation Lock” enabled and a Samsung Galaxy s4 with a new anti-theft security feature known as “Lojack for Android” enabled.  The smartphones will be treated as if they were stolen by thieves, and attempts will be made to circumvent the anti-theft features. “

Today’s experiment was announced as part of Schneiderman and Gascón’s Secure Our Smartphone (S.O.S.) initiative. It’s an attempt to protect US smartphone owners from violent theft and thievery referred to as ‘Apple picking,’ which has been on the rise in recent years.

In June, Schneiderman and Gascón said that they were optimistic about Apple’s anti-theft initiative, but warned that they would “reserve judgment on the activation lock feature” until they could prove it worked. Today’s test is an obvious effort to alleviate their concerns.

For what it’s worth, Apple’s upcoming iPhone 5S smartphone, which is expected to launch this fall, is said to have a built-in fingerprint sensor. If true, that would surely add a number of other security features to Apple’s handset that would further help prevent theft.

  • Share:
  • Follow:
  • Abdullah Ahmed

    i got a phone locked of activation lock and somehow they dont accept my ID!! WHAT TO DO

    • Patrick

      only thing in my mind is jumping off a high bridge

      • Abdullah Ahmed

        duuuuude i know my ID but it says wrong! Dafuq apple

      • Dany Quirion

        because youre ID isnt a developper account fail…

      • Ian

        Thanks. If this happens to me, I can ask my friend who helped me for the info… I hope.

      • Indy

        Is the device connected to the Internet? Same thing happened to me saying my Apple ID was incorrect but it turned out it just wasn’t connected to WiFi. iOS 7 should have given me a connection error but it simply just said my Apple ID was incorrect

      • rikomenzies

        What do you mean “Dafuq apple?”

        If you don’t have a registered developer account, you’re not supposed to have the beta. You went and installed a developer’s beta through unsanctioned means. You’re at fault. No one is obligated to help you.

    • ShiinaMashiro

      Congratulations! You had bricked your iphone! Only developers accounts can use this feature, if your account isn’t one and you upgrade to iOS 7you had lost the warranty and bricked your iphone

      • Poison Paradise

        not true. all you have to do is put your iphone in DFU mode (google it) while connected to itunes and you can restore to the current iOS 6.x – apple cant tell if you ever did it and your warranty is valid. unless your phone is older than a year (and you dont have applecare plus) then you are out of warranty anyway. smarty

    • Matheus Lisboa

      You just need to restore it, calm down… it happened to me too

    • Arthur Geron

      I had to do that activation lock too, but it worked for me, and I didn`t have any DEV registered IDID, so maybe you have more than one apple account and just don`t remember which one you used to activate iOS7

    • Johnathan Jennings

      Haha I’m glad you bricked your phone. That’s whst you get for trying to get iOS 7 early. I hope they void your account too.

      • Poison Paradise

        “void your account ” what does that even mean? not possible. I agree that people shouldnt be doing this just for “fun” but that doesnt warrant you wishing ill on others – you must have some personal issue

    • dedegarrido

      You can restore to iOS 6….. ;)

      • ✪ aidan harris ✪

        Even with activation lock?

      • Adil Hussain

        Yeah, because Apple isnt officially ‘signing’ iOS 7, just downgrade to the last official firmware :)

      • dedegarrido

        yeap; you might get in trouble when updating to iOS 7 later, but they will have everything fixed so… it’s all good ;)

      • dedegarrido

        Tip: unplug your device, turn it off, wait for at least 10 sec after it turned off. hold the home button, plug in the cord to the device and the pc/power source; keep holding the home button until you enter recovery mode. connect to itunes and hit restore…. you will be back to iOS 6

      • jeannot beaubrun

        so im running on ios 7.1.1 it will go back if i do this

      • dedegarrido

        no LOL, that was when iOS 7 wasn’t out still…. now its not possible to downgrade.

    • Misti curia

      If its an iPhone 4 you have a chance if its a 4s or 5 its most likely permanently bricked

    • http://www.youtube.com/matthewmspace matthewmspace

      Go back to 6?

    • Mark

      Well of course you can still go back to the latest iOS 6 version (6.1.4), but that stops you from jailbreaking for a while, you will have to wait for the next jailbreak.

  • abdullah575

    Apple iOS 7 it still in BETA !!

    • Guest

      Congratulations, you just figured that out now?

      • Alexander Novarro

        What he wants to say is that it doesn’t make sense to try doing that right now since is still in beta!

      • dedegarrido

        It actually does a lot of sense doing it right now…. it’s in beta, if they find a vulnerability they can launch iOS 7 beta 4 and it’s all good. If they launch the final iOS 7 without testing it, imagine: Someone gets robbed, and the thieve knows how to trick activation lock, apple would be screwed.

      • Alexander Novarro

        no it doesn’t! that way is a unfinished project… finding a vulnerability is much easier! When it’s finished then is the perfect time to start searching!

      • dedegarrido

        LOL…. of course… beta than means there’s nothing to test, and it’s just making the device run the firmware. Well… that’s why android is… android, because there are people like you in there that thing it doesn’t make sense to test things on beta.

      • Fahad Mahmood

        He’s trying to state the fact that they’re already trying to test Activation Lock, even though it’s still in beta.

      • pawfyd

        That’s the correct time to test it. This is what beta stands for.

      • BoardDWorld

        That’s a little daft, as there may well be aspects unfinished. Then they find it and it all blows massively out of proportion on the Internet.

      • Alexander Novarro

        exactly!

  • f96lrs

    take it to apple if it is yours

  • Gerry

    DFU mode + restore *O*

    • dedegarrido

      dude… activation lock = apple ID tied to the device; which means, restore as much as you’d like, to activate the device and use it, you need to enter the “activation’s lock” username and passcode.

      • Anthony Antunez

        Yup. I am running iOS 7 and have DFU Restored and it will ask for your Apple ID both on your iPhone and in iTunes before you sync.

  • Marcus Daniel Houser

    Wouldn’t you just be able to restore your iphone , and then Hackivate it with Sn0wbreeze. with a 6.1.2 or 6.1.3 firmware? I know you can bypass the ‘activation with Sn0wbreeze, and as long as you have 6.1.2 or 6.1.3 firmware it shouldn’t have a problem.

    • ✪ aidan harris ✪

      I’m assuming you have an A4 device since that probably isn’t possible with an iPhone 4S or 5…

      • Marcus Daniel Houser

        A4 is correct, also have a iPhone 5 as well but device shouldn’t make a difference. 6.1.2 and 6.1.3 can both be Hackivated. The question would be instead… If it possible to downgrade or (shift+restore- click on 6.1.2 or 3) then hackivate it. but then I think I just answered my question, because I don’t think it is possible to downgrade a 7.0+ to 6.1.2 or 3 without having the shsh blops.

      • TuNuT

        It still ask you for the ID/Pass after downgrading. Hacktivate is useless once ActivationLock is enabled in iOS 7 & cannot bypass the lockscreen.

      • ElizabethR.

        ok! so bought this iPhone4 from a guy on CraigsList & he already upgraded to iOS7 i knew the phone looked weird however there was nowhere in the settings where I could fx it so i left it as such; now just two days ago a developer block locked me out of my phone. I took it to a phone repair & they downgraded it back to 6.1.3 and then when we turned the device back on it said i needed the apple ID it was an activation Lock’ so even if i take it to Apple or any Phone Repair Place in the planet, there is no way i can Bypass the A.L. without the guy’s info> ? ;(

      • TuNuT

        Pity you! Unless that guy gave you his ID to activate it, there’s no one here can help you even Apple. They might suspect your phone is the stolen one and they will deny to activate it for sure…!

      • ElizabethR.

        even if the UIDI # or whatever is not bad? it’s not reported stolen or losted ;(

    • onebyone_

      or follow this: (need JB )
      -Then head to /private/var/Keychains
      -Move the file named keychain-2.db to other location, e.g. /
      -Then head to /var/mobile/Library/Preferences/
      -Move the file named com.apple.springboard.plist to other location, e.g. /
      -Then you have to kill springboard ( killall SpringBoard if you are in through SSH) or just reboot the phone.

      done!

      • fefrei

        And how exactly is this going to help you activating an unactivated or locked device?

      • onebyone_

        see (need JB = Jailbreak = hacktivation = access to your root folders into your device).

  • Burge

    Love the comments about downgrading ..lol..put it like this . You got a iPhone on iOS 7 or Apple have stopped signing iOS 6 . How do you get past the lock screen that is what there trying to do..the only device that can downgrade from a iOS 7 when it’s released will be the iPhone 4.. And then you will still need your SHSHs .

  • Ghost

    No matter how ur phone being stolen , the culprit can just restore iOS or Android devices factory settings -_-

    • Joseph

      According to the above posts? Apparently not, unless it’s Android, in which case, you can erase the contents with certain tools. I think the point is to use it in conjunction with other tracking software so they can’t use your phone in the meantime.

    • Burge

      That the point you can restore but you can not activate with out the iTunes account password for that device

    • kasolo hilda

      ve tested on iphone5 u cant by pass activation even if you restore ios ….

      This iPhone is currently linked to an Apple ID (t●●●●●@gmail.com). Sign in with the Apple ID that was used to set up this iPhone. am from uganda

      • Ghost

        So it will useless for trade in coz ur iPhone can’t be activated lol

  • Gorgonphone

    it can be done and it will soon be done.

  • http://www.igeeksblog.com/ Jignesh Padhiyar

    This feature is really a pretty good move. How tough and stringent it is is for the hackers to decide and the rest of the world will get to know, thanks to media. But Activation lock is a really smart feature.. more so because it’s a simplification.

  • Leviscus Tempris

    With the finger print scanner just tell the OS that if they enter the home screen without verification of a password or scan to send the user back to the lock screen. No big deal. But that may also not work because I bet they have tied that and it got bypassed.

  • Umr khan

    well if you want ios 7 beta on your device then all you need to do is find the right file for your iphone and download it and once its done. hold shift button and click update “not restore” and then choose the file which you want to install and once its finish, its done so you don’t need developer id for it.