It appears that a bug in iMessage allows texts to be sent to a stolen iPhone, even after a remote wipe and disabling the SIM card, reports Ars Technica.
iMessage, introduced in iOS 5, is similar to RIM's BlackBerry messaging service. It sends text, picture, and video messages over Apple's servers instead of via the carrier's SMS service. This can lower the user's text messaging charges and adds features like delivery confirmation. It also allows users of non-cellular devices, like the iPad and iPod Touch, to send and receive text and picture messages -- as featured in a recent iPod Touch television ad.
According to Ars Technica:
Our attention was drawn to this story by Ars reader David Hovis, whose house was recently burglarized and his wife's iPhone 4S was stolen. According to Hovis, his wife deactivated her iPhone with her carrier, remote wiped it, and immediately changed her Apple ID password—"we picked up a new iPhone the next day, figuring that our insurance would end up paying for it," Hovis told Ars.
For most users, this would be the end of the story. The phone number had been transferred to a new device and the old one had been deactivated; what more is there to say? A lot, apparently, and in the form of iMessages. The thief who stole Mrs. Hovis' iPhone had sold the device to an unsuspecting buyer elsewhere in the state, and the buyer had begun sending and receiving iMessages from the phone as Mrs. Hovis—even though the stolen phone had apparently now been activated under a new number.
Hovis sent messages to new "owner" of his wife's old phone, with the messages going to both the old and new phone, but the other person was uncooperative. He discovered a thread on the MacRumors forums with several readers reporting the same issues.
Apple has not commented on the matter, but it's possible that the iMessage servers permanently links the UDID number of a particular handset to a phone number, so it knows what handset to deliver iMessages to. When the phone is remotely wiped, and a new SIM card installed, the iMessage servers don't update and messages continue to be sent to the stolen phone.
Top Rated Comments
I have been following this issue for a while, and there have been lots of threads about this happening. In some cases users were getting sexually explicit messages from random people.
Apple needs to resolve this problem.
But for this to be a permanent linkage is clearly a design flaw/oversight. The remote wipe should have nuked the UDID from iMessage's server-side database (or where ever the hell it's stored).
Very often it fails to send pictures.. and I end up having to wait a while or e-mail them
I'd also like to know if you can keep requesting a remote wipe - ie. keep erasing the stolen phone over and over again to cause maximum inconvenience for the undeserving new 'owner'.
I recently upgraded to a HTC Titan from a iPhone 4 last week. I did the upgrade through the AT&T .01 WP7 sale. I activated the Titan and when I did that, EVERYONE who still has an iPhone / iPad / iPod Touch who has ever sent me a text message before the switch, they are still going to my iPhone because of iMessaging. The iPhone has no service and no sim card installed. It is only on wi-fi and all of the texts go to it still.
I can send someone a SMS from my Titan and their response goes to my iPhone. It is super annoying and no one knows how to fix it.
IMO this is complete ******** really and it needs to be fixed. Currently I am a slave to this iPhone now :/