Apple Watch Lacks Activation Lock, Allows Thieves to Reset the Device Without Entering the Password

[RaduTyrsina]

As you probably know, iPhones and iPads come with the Activation Lock option which prevents thieves from wiping and using a stolen Apple device with a new account. However, as iDownloadBlog website has discovered, the Apple Watch doesn't have this much-needed security feature, thus making it an easy target for thieves,

The Apple Watch has a passcode option that requires a sequence of numbers to be entered every time it's removed from a wrist, but as it turns out, the passcode protects only data. Thus, once a thief gets hold of an Apple watch, he can easily bypass the passcode with a reset.

He can do so by pressing down on the side button of the Apple Watch which brings up the power down options and then perform a force press on this screen to bring up an option to Erase All content and Settings. Have a look at the video from below to see how this can be done:

Furthermore, the Apple Watch is reliant on the iPhone, so there's also no Find My iPhone option to locate a lost or stolen Apple Watch. Apple needs to act fast and introduce stricter security measures in a future version of Watch OS. Who knows, maybe we could see this happen at the upcoming WWDC from next month.

Source: iDownloadBlog

 

[scifan57]

At the very least, a passcode should be required to authorize erasing the Apple Watch.

 

[John903]

My guess is they just didn't include it in the first shipped Watch OS so they could get it out.

 

[androis.ios]

I don't think that stealing an iDevice like stealing the Apple Watch, Apple Watch is chained to the hand. So i think no need to have Activation Lock, Passcode is fine with it.

 

[scifan57]

I don't think that stealing an iDevice like stealing the Apple Watch, Apple Watch is chained to the hand. So i think no need to have Activation Lock, Passcode is fine with it.

Not when the thief can simply erase the Apple watch. The passcode protects only the data on the watch, it cannot stop anybody from erasing your watch and using it themselves. This was the point of the news article.

 

[ardchoille]

Since the Apple Watch needs a paired iPhone to be feature-full, why not just lock the watch to the paired iPhone? Or implement iCloud Activation Lock on the watch? Would either of those be beneficial?

 

[twerppoet]

It's not possible to put iCloud Activation or the other 'Find my iPhone' security features on the watch. It does not have it's own connection to the internet, or iCloud.

Yes, it can connect to wi-fi, but only if the phone it is paired with has previously connected to that particular wi-fi network. By itself it communicates with nothing, and so can not be remotely locked, erased, located, or changed in any way.

If a theft deterrent is implemented, it will have use some other method. Perhaps the iPhone paring/lock thing already suggested. Consider this though, what happens when your iPhone breaks? Now your watch is useless as well, even if you get a new iPhone. Ways around that? Probably. But it will all have to be thought out carefully

Another point is that there is no indication that the Apple Watch is any more likely to be stollen than any other watch. I suppose it is possible that knocking people down and ripping their watch off their arm could be come popular among thieves, but so far it hasn't; even thought expensive watches (or other wrist wear) are hardly a new thing.

If Apple Watch thefts never become a thing, then any special security/locking thing Apple does to the watch could easily be more trouble than it's worth. Activation Lock on the iPhone is accepted because of the high theft rates. If no one stole iPhones then all it would be is a huge inconvenience whenever you try to sell or buy a used phone.


For the most part, this is just the typical blown out of proportion story common in Apple news.

 

[ardchoille]

It's not possible to put iCloud Activation or the other 'Find my iPhone' security features on the watch. It does not have it's own connection to the internet, or iCloud.

Yes, it can connect to wi-fi, but only if the phone it is paired with has previously connected to that particular wi-fi network. By itself it communicates with nothing, and so can not be remotely locked, erased, located, or changed in any way.

If a theft deterrent is implemented, it will have use some other method. Perhaps the iPhone paring/lock thing already suggested. Consider this though, what happens when your iPhone breaks? Now your watch is useless as well, even if you get a new iPhone. Ways around that? Probably. But it will all have to be thought out carefully

Another point is that there is no indication that the Apple Watch is any more likely to be stollen than any other watch. I suppose it is possible that knocking people down and ripping their watch off their arm could be come popular among thieves, but so far it hasn't; even thought expensive watches (or other wrist wear) are hardly a new thing.

If Apple Watch thefts never become a thing, then any special security/locking thing Apple does to the watch could easily be more trouble than it's worth. Activation Lock on the iPhone is accepted because of the high theft rates. If no one stole iPhones then all it would be is a huge inconvenience whenever you try to sell or buy a used phone.


For the most part, this is just the typical blown out of proportion story common in Apple news.

Some very good points made here. As usual, twerppoet, your insights are invaluable.

 

[col.bris]

Great discussion so true.