> make it so that the phone cannot be turned off by the power switch on the device itself.
I used to have the same idea [1], having been a victim of theft and robbery myself, but as others in that thread pointed out, it would be trivial for thieves to take out the SIM, or to wrap it up in something that blocks all signals.
I think a better way might be to introduce a PANIC MODE; a special state that could be activated with a predefined fingerprint or PIN, different from the ones you use for unlocking. Say your left pinky.
In Panic Mode, the device would present a "fake" environment, which allows most operations but:
* Keeps the device secretly powered on even after being powered off.
* Regularly connects to open networks AND also transmits an SOS to all nearby Apple devices, to use THEIR network and transmit its location to Find My Phone.
* If not powered off, defaults to an easy passcode, like 0000 or 1234, and disables lockout protection for invalid retries.
* When unlocked, presents a home screen that looks identical to a freshly installed OS, with empty or random Notes, Contacts, Calendar etc.
* Allows calls to any local number, but for a duration of one minute only, so the networks can aid law enforcement in tracking it as well.
----
TL;DR: Make the device appear unsecured to the thieves, so they don't have to force the owner to remove all protections, and entice them to keep using it normally for as long as possible while secretly and aggressively tracking them.
You're not fooling any thieves. They knew it was a legit stolen phone that was PIN-locked when they stole it. A faked "fresh install" isn't going to trick them into using the phone.
iPhone thefts will decrease when thieves know that the iPhone that they just stole is going to get them caught.
I understand that some don't like the privacy implications of a phone that can be forced into spy mode with Apple ID credentials. Fine. Give the user the option to disable this functionality on the device (and only on the physical device). Users that don't want it can disable it in their settings and the phone will act just like the phones do today when stolen, regardless of what happens on the iCloud side.
It would still make a big difference where I live, where most phones are taken at gunpoint, and later sold for their screen, battery and shell if nothing else, unless you were walking down a particularly deserted neighborhood, in which case the muggers will make you unlock the phone and remove the passcode/fingerprint.
However, many don't know about iCloud/Find My Phone yet, and it requires an internet connection to disable anyway, which most people don't have outdoors, here.
Some kind of "fake mode," filled with random data, would also help with government coercion in, ahem, the more civilized countries.
What if your phone hangs (input/touch ID stops responding too). You have to resort to a forced shutdown. If that requires a password, how would you reset the phone while you are travelling ?
A 'forced shutdown' (by holding the Power and Home button for 8+ seconds) does not simply shutdown the device. Rather, it forces a reboot, which would not effect the security implications of requiring a passcode to fully power off.
I used to have the same idea [1], having been a victim of theft and robbery myself, but as others in that thread pointed out, it would be trivial for thieves to take out the SIM, or to wrap it up in something that blocks all signals.
I think a better way might be to introduce a PANIC MODE; a special state that could be activated with a predefined fingerprint or PIN, different from the ones you use for unlocking. Say your left pinky.
In Panic Mode, the device would present a "fake" environment, which allows most operations but:
* Keeps the device secretly powered on even after being powered off.
* Regularly connects to open networks AND also transmits an SOS to all nearby Apple devices, to use THEIR network and transmit its location to Find My Phone.
* If not powered off, defaults to an easy passcode, like 0000 or 1234, and disables lockout protection for invalid retries.
* When unlocked, presents a home screen that looks identical to a freshly installed OS, with empty or random Notes, Contacts, Calendar etc.
* Allows calls to any local number, but for a duration of one minute only, so the networks can aid law enforcement in tracking it as well.
----
TL;DR: Make the device appear unsecured to the thieves, so they don't have to force the owner to remove all protections, and entice them to keep using it normally for as long as possible while secretly and aggressively tracking them.
[1]: https://news.ycombinator.com/item?id=12058169