Bypassing a Theft Threat Model
Thieves cut through the wall of a coffee shop to get to an Apple store, bypassing the alarms in the process.
I wrote about this kind of thing in 2000, in Secrets and Lies (page 318):
My favorite example is a band of California art thieves that would break into people’s houses by cutting a hole in their walls with a chainsaw. The attacker completely bypassed the threat model of the defender. The countermeasures that the homeowner put in place were door and window alarms; they didn’t make a difference to this attack.
The article says they took half a million dollars worth of iPhones. I don’t understand iPhone device security, but don’t they have a system of denying stolen phones access to the network?
EDITED TO ADD (4/13): A commenter says: “Locked idevices will still sell for 40-60% of their value on eBay and co, they will go to Chinese shops to be stripped for parts. A aftermarket ‘oem-quality’ iPhone 14 display is $400+ alone on ifixit.”
Donald van de Weyer • April 13, 2023 7:53 AM
The security control for users – activating “Find My” – is not yet active for new, still unsold (boxed) iPhones. Would be interesting to know if Apple has an inventory of individual devices not yet sold that would allow them to identify missing/stolen devices. It’s certainly possible, but will take some effort – say a device can only be activated if it marked as ‘sold’.