Home Mobile Stolen Device Protection location flaw and fixes

Stolen Device Protection location flaw and fixes

The first thing that I did when I installed iOS 17.3 on my iPhone was enable Stolen Device Protection in Settings. It’s a feature I’ve been excited to test out myself ever since Apple announced it a few weeks ago. Combined with the other anti-iPhone theft protections I used, I figured it would eliminate all my concerns about having my iPhone stolen.

It turns out the Stolen Device Protection does have a flaw you should be aware of. Thankfully, a fix is already available in the iOS 17.4 beta, which I failed to enable initially. While you wait, there’s another fix you can employ in iOS 17.3, and it has to do with the significant locations your iPhone registers. It turns out I had already turned it on.

Stolen Device Protection gives you more time to react to someone stealing your phone by preventing the thief from changing key iPhone settings, including the Apple ID, after obtaining the device. You now have one hour to decide how to proceed.

Stolen Device Protection introduces a Security Delay of one hour between two successful Face ID / Touch ID authentications if the iPhone is not at a familiar location. You have to perform biometric authentication, wait an hour, and then perform the second one to alter key iPhone settings like the Apple ID. 

The default behavior is that the iPhone determines your current location. The thinking here is that a thief would attempt to change the settings soon after stealing the device.

Disabling Stolen Device Protection at an unfamiliar location will require a wait time of one hour. Image source: Chris Smith, BGR

Stolen Device Protection has a serious flaw

But, as ThioJoe observed on Twitter/X, you can’t pick your familiar locations. You can’t set your home and work or any other significant locations where it’s safe to make changes. 

Now, if a thief steals your iPhone at a location you visit frequently, like a bar, they might make changes to the iPhone immediately, even if that means risking spending a few more minutes in the bathroom or the parking lot. But two fixes can prevent this scenario.

Turn off Significant Locations in iOS 17.3

Go to Settings > Privacy & Security > Location Services > System Services > Significant Locations, and you’ll see a list of significant locations. You can disable the service completely. It turns out I already had it disabled, which explains the 1-hour delay I received while testing Stolen Device Protection a few days ago.

ThioJoe also advises clearing the history so the thief won’t be able to reenable Significant Locations. 

However, this fix is problematic if you still want to use Significant Locations. I’d also venture a guess that the feature could be more useful in iOS 18 and later when you might want to use Apple’s AI companion to perform tasks specifically related to your location.

iOS 17.4 has a better fix

As you might know, iOS 17.4 beta 1 is available now. It’s a release I’d skip if it weren’t for one big feature: Support for sideloading. Unfortunately, I found no evidence of sideloading or other DMA-related features in the beta. They’ll probably come much later.

But I did find a new menu for Stolen Device Protection. As you can see in the screenshot, you can tell the iPhone to always require a 1-hour security delay, even at a familiar location.

iOS 17.4 beta 1 brings changes to Stolen Device Protection.
iOS 17.4 beta 1 brings changes to Stolen Device Protection. Image source: Chris Smith, BGR

This setting serves the same purpose as the previous fix. But this time around, you’re not turning off the Significant Locations feature altogether. 

The downside is that you have to wait an hour before making changes to key iPhone settings when you’re at home, at the office, and anywhere else where it’s safe to do so. But it’s a small price to pay for the added peace of mind. 

If you aren’t looking to install the iOS 17.4 beta right now, you can always disable Significant Locations before the final iOS 17.4 build rolls out.



Denial of responsibility! TechCodex is an automatic aggregator of Global media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
DMCA compliant image

Leave a Comment