And at the Microsoft Store...
*crickets*
"anyone want a free Lumina 19000? anyone here? hello? Dave, are we open?"
A thief in New York City was able lift more than $16,000 worth of Apple merchandise by dressing up as a store employee. The brazen bloke walked into the SoHo Apple Store location at around 5.30PM on June 1, and took 19 iPhones from the store without being detected. His clever disguise? A blue t-shirt that police said was " …
Again, the networks could do something about that, if they gave a shit.
Don't allow roaming registrations from SIMs issued by networks based in countries that don't participate. The countries concerned would then be looking at either doing something, or having their networks bleed to death from being unable to sell into the corp market.
They were stolen from the repair room. So these were either broken or refurbished then? I doubt nonrepairable phones are given new ones again (usually refurbished) and if so surely the new ones will be stored in the stock room? So if that is what the writedown on a refurb phone is, then what is the writedown on a boxed new one?
If Apple wanted to blacklist them they certainly don't need to wait until you come in for a repair. They can make it so the phone can't even be used at all - the moment it has a network connection and tries to check for software updates, activate or whatever they can brick it with a message "this phone was stolen, call this number for more info" and give them the number for Apple, or the authorities or whoever.
Though for $16,000 in phones it is probably not worth the effort. That's like 20-25 phones, hardly worth bothering about. The effort would be better spent in trying to make sure what this guy does can't be repeated.
Problem with that is that they'd have to know exactly which ones were nicked (and in retail, you never ever trust a stock list someone else made) and any sort of remote bricking for possible stolen units would harm only the current holder of the device - cue class actions for the manufacturer intentionally disabling a handset the current owner purchased for just $50 and didn't have any inkling was stolen, honest.
Inventory stock taking is mandatory for insurance purposes. This was a repair room,they will know the imei and details of each phone in there. Scan what remains and within 20 minutes you will have a list of what was stolen, their imeis blocked and replacents sorted for customers awaiting those repairs.
As for class action, nope. Buy stolen goods and it might be *you* proving you didnt know they were stolen in order to avoid a handling stolen goods rap. Bought it from ebay with the 'says IMEI blocked so selling as spares' might not be a good defence.
"Inventory stock taking is mandatory for insurance purposes."
Oh? Then explain the article El Reg had just last week: Computerised stock management? Nah, let’s use walkie-talkies.
And as noted before, what if they keep the stolen phones in faraday cages until their IMEIs are reprogrammed so that Apple can't see them anymore?
Especially iPhones. Apple will remotely lock them and they will be about as much use as a chocolate fireguard.
IMEI blacklisting notwithstanding, there is simply no point in stealing Apple devices even moreso perhaps than an Android-based one purely for the remote locking facility that's inherently present in Apple devices.. I just don't understand.
"Actually a lot of time the imei is reprogrammed and the phones shipped out of the country and into south america where they fetch more money."
So true. But we can "thank" the manufacturer, this case. I mean, the IMEI is programmed once - so it can be programmed twice. Hence, the thriving business of stolen mobiles.
The IMEI should be "write once, never change again". In hardware, as low level as possible. One idea would be to use two string of bits as a IMEI, but reversed. So, a bit with value "1" in one string should (by hardware) be complemented with a bit of value "0" on the other.
Make it so the that a good bit circuit is read as "1", and a burned one is read as "0". With the XOR approach would be impossible to change an once burned IMEI. And the time to create it would be the same.
No need to enforce it via hardware, it would be pretty simple to make it so the IMEI starts as all 0s, and the code that sets the IMEI checks for all 0s and thus can only be run once.
I assume there's some reason why the IMEI is allowed to change more than once, as that seems to be pretty universal in all phones.
IMEI blacklisting notwithstanding
....and there's the problem. If the networks made even a half-arsed attempt at IMEI blacklisting[1], mobile theft would go the way of the Dodo overnight.
[1] Which would start with actually working out the IMEI last associated and blacklisting it whenever a customer says their phone's been stolen, rather than just cutting a replacement SIM and letting that be the end of it.
Please let there be video footage of this..
I wonder if it was Jayson Street doing a pentest? You may remember him from his DEFCON 19 presentation "Steal Everything, Kill Everyone, Cause Total Financial Ruin!". He does this sort of thing quite a bit. Cheap embroidered polo-shirt, cheesy fake ID and within minutes has the run of the place.
Very true this, and I'm sure Apple will take a leaf out of other manufacturer's books by encoding security measures into all sub-components so that they can't be swapped for fakes. (A bit like the optical drives in XBOX consoles are locked to motherboards etc) Hasn't this already happened to a certain extent with the 3rd-party touch ID sensors?
Given that it costs a pittance even for a cheapy replacement screen, fitted properly, I can't see that their resale value would be in parts. A "genuine" piece of glass is basically indistinguishable (and, in a survey of 500+ iPads and iPhones that have come through my office, no less likely to break - Apple products really are shitty and crack with the slightest drop, yet I've thrown my Galaxy at the floor any number of times - with the dents to prove it).
My repairers also tell me that they are almost impossible to remove without damaging because of the glues and pressures used to put them in there in the first place. It's basically "smash it again and replace it entirely" when they need to do that (misalignments, etc.).
Nope, the second-hand value of a stolen iPhone adequately reflects their real value. Almost nothing. Find-my-iPhone, IMEI blocking, unable to disassemble, and people are incredibly suspicious of Apple products that don't cost the Earth (the biggest giveaway, really).
"Apple products really are shitty and crack with the slightest drop"
Really??? I have owned ( & dropped from ear height onto stone tiles!)) every version of the iPhone from the 3G onwards & not ONE of them has ever had a broken screen. My wife & step daughter have had my hand-me-downs & they haven't managed to break a screen either! The corners of the casing maybe chipped or scratched but no cracks, splits or breakage to the digitiser, LCD or back panel. Same with the iPads (& Surfaces) that we own. The only devices that have suffered screen breaks on dropping 18" onto soft padded carpet were the Samsung Tabs which we soon replaced with Surface's!
Maybe it is because we don't use cases or screen protectors that our devices are still in one piece with same components as were supplied out of the boxes.
"Given that it costs a pittance even for a cheapy replacement screen, fitted properly, I can't see that their resale value would be in parts."
£220 at my local Apple store. Just like literally any other 'fix' to an iPhone costs £220, no matter how trivial. Meanwhile, replacing it yourself really is rather easy, as long as you have an iScrewdriver for their preposterous proprietary screws..
Brand new iPhones maybe targeted buy I heard the opposite is true of ones belonging to people. Since icloud lock was introduced there was a massive drop in thefts and New York was mentioned in the figures. An iPhone with an icloud account on it would have a very low value to sell on as it is impossible to remove.
Given they were taken from a Genius Bar (where the phones go to get repaired), odds are the necessary credentials to unlock them were taken, too. Otherwise, the phones can't be verified fixed. Plus once they're taken, the thieves probably know a way to reprogram the IMEI and/or can then fence them off to foreign parts where blacklisting isn't enforced.
...but you have to hand it to someone with the balls to try this and get away with it!
Just for the kiddies: NO! Stealing is wrong and these are very, very bad men who should be taken out back and have bullets put through their skulls. This is a worse than rape and they need to be taught to never do it again!
So given that it's pretty pointless stealing a phone nowadays as it can be rendered useless, could it be that the thief did this purely to make a point and will courier the phones back to the relevant store in the next few days?
The point made being to pay attention to what is going on and get your face out of whatever screen it happened to be in when this stunt was pulled.
Just a thought.