iPhone Tip: Find it and Wipe – But Can Find My iPhone be used Maliciously?

The Find My iPhone feature of MobileMe is cool, but how easy is it for someone to use it in a malicious way to remotely wipe your iPhone? As easy as getting your MobileMe password. An angry ex-spouse who knows your password could bomb your iPhone from anywhere. The folks at Palm might already be plotting ways to capture passwords for the accounts of Apple executives.

Fortunately if you are within reach of the computer you synced it with, you can restore your personal information and settings, as well as your content, by connecting the iPhone to your computer and restoring it from a previous backup using iTunes. Such an attack on your iPhone would therefore merely be a nuisance. But if you’re traveling without your computer, it could be a damn nuisance. You might want to disable the feature if you have enemies… but then, you won’t be able to find your iPhone if you lose it.

The Find My iPhone feature of MobileMe was well received at the Worldwide Apple Developer Conference, and already stories are surfacing about how useful it is and how folks have found their iPhones using it (such as the hilarious story of three Lego geeks in Chicago confronting a possible thief). If you have lost your iPhone or you think it may have been stolen, and you have already enabled the Find My iPhone feature, you can find its approximate location on me.com. You can also display a message and play a sound on your lost iPhone (a message such as “Please help me find my owner, call me at 415-xxx-xxxx!!”). And if you think the iPhone is stolen and you want to delete all personal information and media on it, you can remotely wipe it, restoring it to factory settings.

To learn more about now to use Find My iPhone, see “Find My iPhone with MobileMe” in Tony’s Free Tips (adapted from my iPhone app, Tony’s Tips for iPhone Users Manual).

The ability to remotely wipe all the data from your lost or stolen iPhone is an innovative way to protect information, and this capability plays well in the corporate world of trade secrets and high finance. As for the rest of us, are we entering a new weird phase of cyber devilry? The fact is, anyone with your MobileMe password can go find your iPhone and remotely wipe its contents.

A key weakness of the feature is that it can be easily disabled by removing the SIM card (if the iPhone thief is that clever). Also, if you contacted your service provider to report your iPhone lost or stolen before using the Find My iPhone feature, the SIM was most likely deactivated by the provider and you would no longer be able to locate, display a message on, or remotely wipe your iPhone. So use Find My iPhone first! For more details, read Apple’s KnowledgeBase article Troubleshooting Find My iPhone and Remote Wipe.

As a parent, I find Find My iPhone to be a remarkable way of keeping tabs on my sons’ locations and leaving them important notes. I can set up more than one iPhone and iPod touch under a MobileMe account, so I can track both my sons’ and my own at the same time. But these family arrangements can turn ugly if everyone in the family knows the password. Be careful out there!

Apple iTunes


Leave a Reply

Your email address will not be published. Required fields are marked *