"There is an apparently new iOS 18 security feature that reboots iPhones that haven’t been unlocked in a few days, frustrating police by making it harder to break into suspects’ iPhones

Apple added “inactivity reboot” code in iOS 18.1 that triggers iPhones to restart after they’ve been locked for four days"

    • Zron@lemmy.world
      link
      fedilink
      arrow-up
      8
      ·
      7 days ago

      Every time the phone reboots, it disables biometric unlocking until the correct pin is entered.

      Most hacking tools that police have access to take advantage of the weaker security found in the biometric unlock mode.

      By randomly restarting, the phone’s storage stays fully encrypted until the correct pin or passcode is entered, which is far more secure as it takes either a brute force attack to guess the correct pin, or a court order compelling the person to provide the pin or passcode.

      Fun fact, in the United States, a pin or passcode is considered private property, and the police can’t legally force you to provide it without a warrant. However, your face or fingerprints are not considered private property, and they can and have used biometrics to unlock phones without user consent or a warrant before.

      If you ever get stopped by the cops, make sure to reboot your phone so they have a harder time finding incriminating evidence.

      • lud@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        7 days ago

        Is it hard to get a court order? I can’t imagine it would be much harder than a house warrant.

      • TenderfootGungi@lemmy.world
        link
        fedilink
        arrow-up
        1
        arrow-down
        2
        ·
        7 days ago

        You don’t have to reboot it. You just have to click the main side button several times (10?). Which you can do by feel.

        • bamboo@lemm.ee
          link
          fedilink
          arrow-up
          1
          ·
          7 days ago

          This disables biometrics, but doesn’t delete the decryption key in memory. This is sufficient to prevent being compelled to unlock with biometrics, but with the decryption key in memory, it is still possible to access data via an exploit. A full reboot deletes the decryption key until the user enters their pin.