Hacker News | baicunko's comments

This took quite a while to get ready but I do believe it prevents 99.9% of the theft cases mentioned. I am downloading it right now.


> I do believe it prevents 99.9% of the theft cases mentioned

I don't believe so, or at least where I am from. This 'only' provides additional protection against cases where thieves know your device passcode. I've had my phone stolen from me twice where they couldn't have known my passcode and couldn't remove it from Find My, and it was never seen again.


They probably stripped the phone down for parts. But there is another theft case where they hold a knife/gun to you and tell you to hand over the password/wipe the phone. Which this update solves.

The other issue could probably be resolved with more aggressive part ID checking. iPhones should just refuse to function if they have a part from a stolen phone.


Even if it prevents reselling the phone, it doesn't prevent the phone from being stolen. It would be a dumb criminal to leave you your phone to allow you to immediately call the police if you've been mugged. Just take the phone, trash it literally placing it in a bin or destroying it or both.

At the end of the day, you still don't have the phone whether the thief profits from it or not. All this will do is prevent criminals up to date with this info to not try to resell it. It does not prevent them from taking/destroying it.


This feature is not really about protecting your device from being stolen. It's about protecting your iCloud account and everything on your device from being compromised when somebody has stolen your device and also has your phone's passcode.

It's an attempt to resolve the fairly widespread iPhone / iCloud social engineering takeover attacks that were documented in great detail by Joanna Stern last year:

https://www.wsj.com/articles/apple-iphone-security-theft-pas...

https://www.wsj.com/video/series/joanna-stern-personal-techn...


> This feature is not really about protecting your device from being stolen.

Once a thief has stolen his 10th iPhone that he can't do anything with, he'll probably be less likely to bother stealing iPhones. If anything it's a liability since it can be tracked as long as it still has some battery.


> Once a thief has stolen his 10th iPhone that he can't do anything with, he'll probably be less likely to bother stealing iPhones. If anything it's a liability since it can be tracked as long as it still has some battery.

Theft isn't just for the whole device, it's also for parts. By making the part market so difficult they essentially create a black market for it in third world countries where just the phone's battery could be worth a day's wages.


That’s why they require that you activate parts as well. Motherboard, screen and face id sensors are useless. The battery isn’t worth much, compared to newer Chinese knockoffs


The screen is still usable no? It just disables true tone IIRC.

A day's wage in Colombia is about $10-15 and people tend to preference and pay more for original parts since the cost of the device is too high to risk. An iPhone X costs close to a month's salary. They even tend to avoid third party cables or chargers as a consequence.


You have a lot of faith in the learning curve of a thief. In my area, the ATT fiber lines have been cut multiple times in the same area multiple times directly impacting my friend's service. These have been due to the lines getting cut searching for copper. They still haven't learned and it keeps happening.


This is assuming that the thief can tell which phone brand/model it is at the time of theft.

For phones which are in a case/cover, inside bags etc., it seems almost impossible so am unsure that this is an effective deterrent.


But it kind of does in a statistical measure.

If you think in the systems of how criminals work, they tend to spend more time stealing things they think will pay off. Taking something that will cost them time and not gain them money will over time bias thieves to not taking iphones.

For example it may prevent this

a) iphone is left on a table in the open.

but would not prevent

b) iphone is in a bag, bag gets stolen.


This would discourage thieves from targeting iPhones long term so there is a definite network benefit.


You can't really prevent "I stole your phone just to cause chaos". What Apple did with Find My was to remove the financial incentive to steal phones. What Apple does with this is protecting your iCloud account from someone who knows your passcode. (I would imagine that most people in relationships know their partner's passcode. Sometimes relationships sour.)

What prevents "I stole your phone just to cause chaos" is the risk/reward profile. Even though your phone is useless to someone that stole it, it's still theft, and you'll still have to face consequences if caught. If the incentive is "I'll be able to buy $1200 worth of shit", then people are probably going to take their chances with getting caught. If it's "I'll get nothing except the satisfaction of smashing someone else's electronics", then most people won't take their chances.

With the whole "knowing your passcode doesn't help" situation, it makes the long tail crimes even more difficult. "Tell me your passcode or I'll shoot you" no longer works, for example. It makes the crime significantly more difficult to commit, and requires committing crimes that carry significantly longer sentences. (Armed robbery turns into kidnapping. You could be looking at the rest of your life in prison for $300 in someone's checking account. Not worth it to most people.)

At the end of the day, there is only so much you can do. The rest is your insurance company's problem. The fewer viable attacks there are against you, and the less often they happen, the less your premiums are. (I actually don't know if there is insurance for this. I should check.)


The point of it is to protect your data, not the phone itself.


An interesting scenario I heard was a fellow in, I think, Colombia. He was visiting, and was looking at his phone on the sidewalk. As he was looking at it, a pair of people rode up on a motorcycle or scooter, grabbed it out of his hand, and drove off.

They just got themselves an unlocked phone.

I assume this protects, somewhat, against this by the fact that were the thieves to try and change anything, there's another step of verification necessary than there was before.

And I think it was very clever of Apple to leverage the device location as an ad hoc "2FA". "Something you know, some place you are."


Thieves have been known to steal iPhones not just for the value of the parts but to compromise your entire digital existence. Most online banking transfers only require a 2nd factor from your phone (your saved passwords are already on there).


Why would a criminal steal your phone if they knew they couldn't sell it?


They can still part it out, e.g. at least the screen and frame.

With that said, this will definitely make it more difficult and less profitable per unit of effort.

Edit: @google234123 +1 to that!


Soon I hope Apple will blacklist electronic parts from stolen devices based on their serial numbers


You mean besides the specific examples of why I provided in the comment you replied to?


> At the end of the day, you still don't have the phone whether the thief profits from it or not.

I care a lot about some low life scumbag not profiting from it. Anything that discourages theft is great.


I have to admit that Tom Davies is quite fun to watch actually. His guesses are really extraordinary


This should be illegal.


And I think it is illegal in EU.


In the US of the 21st century, it's far more likely that rolling back the firmware update would be the illegal thing.


This is something that I find really interesting. Open-source OCR is lagging behind commercial applications and seeing someone trying ideas is always beneficial. Kudos!!


Agree. I'm getting tired of everyone saying that everything in the 90's was super duper fast and now everything is sluggish with RAM-hoarding tendencies


The point of the article is web vs native.


This is something that the average user fails to understand. One thing is saying I don't care they check on what I visit but once you aggregate enough information, it can become something of a "Big Brother".

With enough DNS data I can assure you I can see when you leave to work, get back, determine the moment when you leave for vacation and no one is home, etc.


(Disclosure: I'm Thai)

Especially in Thailand, where free speech is almost non-existent.

A few months ago there was a Twitter user who goes by the name "Anonymous" ("นิรนาม" in Thai) who has been arrested for spreading fake news and being a threat to the country. The Twitter user mainly tweets about topics subject to the lèse-majesté law. He never leaves any traces, which leaves the question of how officials managed to track him down if Twitter claims they didn't receive any requests from our government.

My small group of friends came up with one scenario where an official sent a honeypot URL via Twitter DM, then traced him via DNS query logs. This is assuming the scenario where he doesn't click on random links and is using a browser that performs DNS prefetching of sorts. Everyone thought it was unlikely at the time, partly because nobody thought ISPs would actually be logging all DNS queries.

Apparently, all of us were wrong, at least on the latter.


Just for my understanding: this wouldn't have happened if the user in question would've used a VPN and/or TOR right?

Don't get me wrong, I really don't like this in Thailand and it's absurd that you would even need something like that. As a foreigner visiting Thailand I don't feel that comfortable with my browsing habits. Usually I trust a local provider enough to just browse and not care about what I'm looking up, Thailand is not one of those places and I always use a VPN. (Mostly routed to Singapore)


Yes, it probably wouldn't have happened if the user used a VPN or Tor. If the VPN or Tor setup doesn't leak DNS, at least.


But aren't all the URLs in the messages/notifications "shortened" to a t.co/? So he would have had to click on the link.


This was also why everyone believed it's unlikely. Also I don't think Twitter even has DNS prefetching turned on. However now it's revealed that logging is real, us Thais should be worried.


Related: there's no such thing as "anonymized data", there's only "anonymized until correlated with enough other datasets".


I hope someone takes the opportunity to download the entire database and serve it up as a torrent, because it would make a great source for studying the pictures that can be painted with contemporary ISP surveillance.


You wouldn't even need DNS data, just how much Internet traffic a specific connection or device is using is enough to determine these things.


Sure! I tried to simulate the print, sign and scan of documents to avoid having to do it.

Sample PDF: https://campustecnologicoalgeciras.es/wp-content/uploads/201...

Output PDF: https://scanyourpdf.com/media/Scan_2020513_gtqh.pdf

EDIT: Forgot to mention that a before and after will be included in the website as it has been mentioned multiple times as a great way of showing what the website does!


This is a great idea of showing something that is at first very complex. Could be used in Discreet Mathematics to teach students!


Indiscreet mathematics?


Somewhere I had the idea concrete math was a combination of continuous and discrete, but I seem to be mistaken.

"When DEK taught Concrete Mathematics at Stanford for the first time, he explained the somewhat strange title by saying that it was his attempt to teach a math course that was hard instead of soft. He announced that, contrary to the expectations of some of his colleagues, he was not going to teach the Theory of Aggregates, nor Stone's Embedding Theorem, nor even the Stone-Cech compactification. (Several students from the civil engineering department got up and quietly left the room.)"


Yes, I think it's a great idea. I'll work on this through the weekend and update the website with other feedback received. Thanks


I will implement a desktop stand-alone app for those private documents which can't be uploaded somewhere else!

