The purpose is to ensure that intruders don’t get unauthorized access to any iPhone, iPad or iPad Touch to disable Find my iPhone and avoid being tracked through web service by the owner. However, a new bug shows that this step quite easy to skin through and remove the iCloud account. This leaves the person in control to add iCloud credentials and restore the phone.
The video comprehensively demonstrates how the bug in iOS 7/7.1 can be exploited by a hacker. After going to Settings and choosing the iCloud opton, the ‘Find My iPhone’ and ‘Delete Account’ button can be tapped at the same time. Then the correct password for iCloud is required. This can be skipped by holding down the power button at the top and shutting the device normally. After the phone is powered on again, the user goes back to iCloud settings and deletes the account.
The knowledge of this process could allow anyone to easily remove iCloud account, which makes it impossible to track who’s using the device through the service.
Luckily, adding a passcode to the device with a timer will prevent this unauthorized access to iCloud settings, and until Apple does something about it, this is the only way to stay safe.
So do you think that you are safe on your iPhone ?
