Whilst nobody wants to lose a gadget, the bigger loss could be its data. So many online services are now tied to email accounts, a phone with a sync’d email account is an easy target
Reported in the Guardian, Rob Freeman video-blogged and documented how he found an iPhone on a train and the challenge in getting it returned to its owner
First up, love Rob. Love his optimism. Would love to think everyone in the world would be more concerned with getting a lost phone back to its owner than keeping or selling it on.
Rob makes a great point of showing how it’s actually quite difficult to get a phone back to its owner. In this case, made more complicated by the phone being stuck in Airplane mode meaning attempts to use the ‘Find my phone’ feature would also fail. In the end, he brute cracks the passcode, powers up the phone on wifi and then has full access to the contents, including the most recent email sent to a Lost Property office containing a contact number to call… one phone re-united with its owner.
The closing tip is not a bad one – consider including your basic contact details on the background for the lock screen, similar to a luggage tag on your suitcase. So if a nice person finds your phone, they can contact you to return it without needing to get past the screen lock. And there are plenty of nice people in the world. But there also some not-so-nice people.
Thanks to the rise of online and mobile services, whilst my phone would be expensive to replace and I would be upset to lose it, its contents are far more valuable and protecting the data a bigger priority. If lost, I would first try calling the phone to retrieve it (note to self: be careful to never leave it in airplane mode except, well, on a plane), but I would be quick to remote wipe and write off the cost of the device. Preventing data theft is far more important than retrieving the hardware. Once it’s been remote-wiped, the home screen would be reset to the default so the closing tip would still fail. Short of laser-etching the case, the options for identifying ownership of the device are limited.
If I found an iPhone that looked lost, I’d probably take it to an Apple store first – they ought to be able to reunite it based on its serial number. (Not such an easy solution for other phones or locations without an Apple store nearby.) And if not, would hand it in a lost property office or the local police station. Or contact Apple and see if they’d be willing to figure it out. But full marks to Rob for persistence and ensuring one lost iPhone was reunited with its owner
It’s a good reminder of how we need to think about what can be done to protect our data. When I tested a Google Nexus phone earlier this year, the one aspect I was most uncomfortable about was the complete lack of ability to remote wipe without installing a third party solution. For business devices – phones and tablets – mobile device management (MDM) software is a must and most of the mainstream enterprise solutions cover the three main platforms: Apple iOS, Google Android and Microsoft Windows phones.
So many online services are now tied to email accounts, a phone with a sync’d email account is an easy target. How quickly could someone take control of your identity because the reset requests are sent to an email account they now have access to? Very quickly. As Matt Honan found out last year under different circumstance. Within one hour, his email account was taken over, his Twitter account used to send out abusive messages. But the ultimate insult? His iPhone, iPad and MacBook were remote-erased in front of his eyes.
- Lost iPHone: the secret to making sure you get yours back – The Guardian (UK), July 2013
- How Apple and Amazon security flaws led to my epic hacking – Matt Honan, Wired, June 2012
Featured image: iStockPhoto