Apple's Activation Lock Website Played Key Role in Hack, Perhaps Explaining its Removal
Apple recently removed the Activation Lock status checker from its website, giving no explanation as to why a seemingly useful tool was eliminated. The Activation Lock website was designed to make sure a used device being purchased wasn't locked with Activation Lock, rendering it unusable.
As it turns out, the Activation Lock website was a vital part of a bypass hack used to unlock devices bricked by Activation Lock, perhaps hinting at why Apple shelved it.
The process is demonstrated in the video below. By changing one or two characters of an invalid serial number, hackers are able to generate a valid serial number, using the Activation Lock tool for verification purposes to make sure it's functional. That valid number, which belongs to a legitimate device owner, can then be used to unlock a previously non-functional iPhone or iPad.
The Activation Lock scheme that steals valid serial numbers from existing iOS users potentially explains a mysterious Apple ID bug that's been plaguing iPhone owners for months.
When attempting to activate a new or recently restored device, some iPhone owners have found their devices inexplicably locked to another Apple ID account - one with an unknown name and password. The problem has been affecting iPhone 6s, 6s Plus, 7, and 7 Plus models since September and can only be fixed by Apple.
Apple has not confirmed that the hack shown in the video is related to the Apple ID Activation Lock bug, but as the hack uses valid serial numbers from existing owners, it's a plausible theory. If the two are linked, it explains why the Activation Lock website was shut down so suddenly, and it should put an end to the Apple ID issue.
Introduced alongside iOS 7, Activation Lock has proven to be a successful theft deterrent. It effectively locks an iOS device to a user's Apple ID account and even when wiped, the device will continue to require an original Apple ID and password. Activation Lock is extremely difficult to bypass and has led to complicated hacks like the one in the video above to attempt to get around it.
It's not clear if Apple will provide a new Activation Lock website for customers who used it legitimately, but unless the company comes up with a method to prevent it from being misused, it seems unlikely.
Top Rated Comments
The black market for iDevices is insane. Working at Apple, we saw many resellers every day. Same guy would come in every day with 2 phones that don't turn on, are registered to someone on the other side of the country, and they don't care about the data on the device. Usually they tell some ridiculous story (in very broken english) about how it's their sister's phone and she can't be here, and it got hot and doesn't turn on, yada yada yada...They come in looking to get them swapped for new phones. Somewhere down the line I am convinced that organized crime is involved.
Phones are stolen by petty thieves on the street and out of cars...The thieves sell the phones cheap to people involved in organized crime. The phones are activation locked of course, so they can't just be resold. So they tamper with them and either switch the serial number (shown in this video) or make them unable to power on (usually by damaging certain logic board components.) Bring them to Apple, get them swapped for good new phones, and then re-sell...or better yet, illegally smuggle them back into China without paying taxes and sell them for massive profit. basically iPhone laundering
and yea, the video was not meant to be something the average user can do. But the devices could pay for themselves if say, a wealthy criminal made the initial investment and could easily re-coup with the hundreds of stolen devices he launders