Posts Tagged: stolen
How to turn on Stolen Device Protection on your iPhone to secure your data
Apple’s Stolen Device Protection is a new feature that protects iPhone data and makes it harder for thieves to wreak havoc. Introduced in iOS 17.3, the feature requires a combination of Face ID (or Touch ID) scans and time delays before using payment features or changing account security when the device is away from familiar locations. Here’s precisely how Stolen Device Protection works.
What is Stolen Device Protection for iPhone
Stolen Device Protection takes a bad situation — someone stealing your iPhone — and reduces the chance of it spiraling into something much worse. When activated, the feature will prompt you to perform a biometric scan (Face ID or Touch ID) when you’re away from familiar locations, like home or work. In those situations, it won’t allow you (or an iPhone snatcher) to use your passcode as a backup method. It also incorporates time delays for some security-related features.
The tool may have been inspired by a Wall Street Journal report from early 2023 about an increasingly common practice of thieves spying on users while entering their passcode — right before snatching the phone and taking off.
If the perp has both the phone and its passcode (without Stolen Device Protection activated), they could reset the Apple ID password, turn off Find My, possibly steal payment info or passwords and factory reset the iPhone. If they’re experts, they could theoretically do all that within minutes (if not seconds) before you can log onto Find My and report your device as lost.
With Stolen Device Protection turned on, a thief in the same situation would be largely stymied. Requiring Face ID or Touch ID and time delays would prevent them from accessing your passwords and payment information, changing security features (to lock you out and further hijack your device) and factory resetting it. This gives you precious time to find another device, report your phone as lost in Find My, change your password and file a police report.
How does it work?
Stolen Device Protection requires a biometric (Face ID / Touch ID) scan — without the passcode as a backup option — for the following situations when your phone is away from your familiar locations:
-
Turning off Lost Mode
-
Performing a factory reset (“Erase all content and settings”)
-
Using or stealing saved passwords or passkeys for online accounts
-
Using payment methods saved for “autofill” in Safari
-
Using your phone to activate a new Apple device (Quick Start)
-
Viewing your Apple Card’s virtual card number
-
Applying for a new Apple Card
-
“Certain Apple Cash and Savings actions in Wallet” (examples include transferring money to or from Apple Cash or Savings)
In addition, the following actions require an extra time delay. With Stolen Device Protection activated, if someone away from your familiar locations tried to do anything on the list below, they would have to perform a Face ID (or Touch ID) scan, wait an hour and authenticate again with a second biometric scan:
-
Turning off Find My
-
Turning off Stolen Device Protection
-
Changing your Apple ID password
-
Signing out of your Apple ID
-
Adding or removing Face ID or Touch ID
-
Changing your phone’s passcode
-
Changing Apple ID account security (examples include creating a Recovery Key / Recovery Contact or adding / removing a trusted device)
-
Resetting all the phone’s settings
One thing missing from the list is Apple Pay. Someone with your stolen iPhone and passcode could still make Apple Pay purchases using only your passcode, which isn’t ideal.
How to turn on Stolen Device Protection
Before activating the feature, make sure your device is updated to iOS 17.3 (or higher). Head to Settings > General > Software Update on your iPhone to check for updates and ensure you’re on the latest software. (If your device is stuck on pre-iOS 17 software and won’t update past that, your model is too old to run the latest software.)
Once you’re running (at least) iOS 17.3, do the following on your iPhone:
-
Open the Settings app
-
Scroll down and tap Face ID & Passcode (it will be called Touch ID & Passcode on older models and the iPhone SE)
-
Enter your passcode
-
Scroll down until you see Stolen Device Protection
-
Tap Turn On Protection
If you ever want to deactivate the feature, follow the same steps — except you’d tap Turn Off Protection in step five. It would perform a Face ID or Touch ID scan to confirm the change.
For more on the latest iPhone features, you can check out Engadget’s review of the latest models and our in-depth review of iOS 17.
This article originally appeared on Engadget at https://www.engadget.com/how-to-turn-on-stolen-device-protection-on-your-iphone-to-secure-your-data-182721345.html?src=rss
Engadget is a web magazine with obsessive daily coverage of everything new in gadgets and consumer electronics
Okta had another security incident, this time involving stolen source code
Okta is responding to a major security incident for the second time this year. As first reported by BleepingComputer, Okta began notifying customers earlier today via email of an event that saw an unnamed party steal the company’s source code. In early December, Okta was notified by GitHub of possible suspicious access to its online code repositories. Following an investigation, Okta determined someone had used that access to copy over its source code but that they had subsequently not gained unauthorized access to its identity and access management systems.
In a statement Okta shared with Engadget, the company confirmed it was notifying customers of a recent security incident, and pointed to a blog post it published moments ago. "In early December 2022, GitHub alerted Okta about possible suspicious access to Okta code repositories. We have confirmed no customer data was impacted, nor was there any other customer impact. No customer action is required and the Okta service remains fully operational and secure," an Okta spokesperson told Engadget. "Okta does not rely on the confidentiality of its source code for the security of its services. This event does not impact any other Okta products, and we have been in communication with our customers."
While the damage from the GitHub incident appears minimal, the event was still a significant test of Okta. Following the Lapsus$ breach that saw hackers from the ransomware gang access two active customer accounts, the company admitted it “made a mistake” in handling the disclosure of that data breach. You may recall it took Okta two months to notify customers of what had happened, and one of the things it promised to do in the aftermath of the incident was “communicate more rapidly with customers.” That pledge was put to the test.
Update 4:27PM ET: Added confirmation and comment from Okta.
Apple will reportedly no longer fix iPhones flagged as stolen or missing
Apple technicians will decline to fix iPhones that had been reported as stolen or lost, according to MacRumors. The tech giant has reportedly sent out a memo to Apple Stores and authorized providers not to accept a device for repair if they get a notice on their internal MobileGenius or GSX systems that the phone had been marked as missing. Presumably, that means technicians will check a device's IMEI against the GSMA Device Registry when a customer brings it in for repair.
The GSMA registry is a global database where owners can register their devices' IMEI and designate a status for them, such as whether they'd been lost, stolen or were fraudulently obtained. This move expands Apple's existing policy to decline repairs for devices whose owners cannot disable the Find My iPhone feature. It could discourage more people from buying second-hand devices outside of official and authorized sources in case they unknowingly end up with a stolen unit. That said, users could just as easily go to a third-party repair shop that doesn't care where they got their devices from.
Apple's iPhones have become increasingly cost-prohibitive over the years, giving rise to a market for second-hand units. According to a recent Bloomberg report, though, the tech giant is working on a subscription service for the iPhone and other hardware to make regular upgrades more accessible with monthly fees and no huge upfront costs.
Judge dismisses Genius lawsuit against Google over ‘stolen’ lyrics
Last year, Genius made headlines when it used a "watermark" made up of alternating styles of apostrophes that spelled out "red handed" in Morse code to highlight what it said was Google scraping its annotated lyrics. While the move was clever, it has…
Engadget RSS Feed
Ransomware attacks in US cities are using a stolen NSA tool
Engadget RSS Feed
Millions of dollars stolen in huge ad scam using Android apps
Hundreds of millions of dollars have been stolen through a fraudulent advertising network comprised of over 125 Android apps and websites. A report from BuzzFeed exposed the scheme in which scammers from “We Purchase Apps” took possession of established apps from developers and transferred them to front and shell companies in Cyprus, Malta, British Virgin Islands, […]
Come comment on this article: Millions of dollars stolen in huge ad scam using Android apps
Hackers tried selling celebrity info stolen from Instagram
Engadget RSS Feed
North Korea may have stolen U.S. fighter jet blueprints in a recent cyberattack
In a recent cyberattack, North Korean hackers are said to have stolen “tens of thousands of documents related to the defense industry — including U.S. fighter jet designs.”
The post North Korea may have stolen U.S. fighter jet blueprints in a recent cyberattack appeared first on Digital Trends.