"There is an apparently new iOS 18 security feature that reboots iPhones that haven’t been unlocked in a few days, frustrating police by making it harder to break into suspects’ iPhones

Apple added “inactivity reboot” code in iOS 18.1 that triggers iPhones to restart after they’ve been locked for four days"

    • Dave@lemmy.nz
      link
      fedilink
      arrow-up
      23
      ·
      4 days ago

      Its in GrapheneOS(an android custom ROM) if you’re that way inclined.

        • Dave@lemmy.nz
          link
          fedilink
          arrow-up
          6
          ·
          4 days ago

          Ah, I don’t use my personal phone for work stuff or my work phone for personal stuff. GrapheneOS also only supports Pixel phones.

        • Phoenixz@lemmy.ca
          link
          fedilink
          arrow-up
          3
          arrow-down
          1
          ·
          4 days ago

          If you use your personal phone for work you can do with it whatever the hell you want, it’s your phone. If work requires you to do something they can give you a phone in which tondo that

          • m-p{3}@lemmy.ca
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            4 days ago

            My primary phone is a corporate phone, so no.

            I use an eSIM to have my personal phone number and the work stuff is in a container.

        • Dave@lemmy.nz
          link
          fedilink
          arrow-up
          6
          ·
          4 days ago

          I get that it’s not actually ROM, but this is the normal term used. For example, https://en.wikipedia.org/wiki/List_of_custom_Android_distributions

          This is a list of Android distributions, Android-based operating systems (OS) commonly referred to as Custom ROMs or Android ROMs, forked from the Android Open Source Project (AOSP) without Google Play Services included officially in some or all markets, yet maintained independent coverage in notable Android-related sources.

          Emphasis mine.

      • m-p{3}@lemmy.ca
        link
        fedilink
        arrow-up
        4
        ·
        edit-2
        4 days ago

        The encryption key of the device storage is kept in memory while in AFU state for practical reasons, you don’t want to wait for the encryption key to be generated everytime you unlock the device, then wait for apps to restart and sync their data.

        A reboot will discard that key from memory and return the phone back in BFU state, making it much more difficult to extract data from a device.

        https://blogs.dsu.edu/digforce/2023/08/23/bfu-and-afu-lock-states/

  • Ghostalmedia@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    4 days ago

    Last week it was theorized that iOS 18 would reboot after 24 hours if it lost connection from the internet. That would be even better, since it would fuck people trying to work around FindMy.

    • lengau@midwest.social
      link
      fedilink
      arrow-up
      1
      ·
      4 days ago

      Hopefully they’ve implemented it in a way that the phone can still get wiped before initial unlock.

      • Ghostalmedia@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        4 days ago

        Yeah, it will wipe if it’s locked. It wipes as soon as it gets the request from cloud. So immediately if it’s online, or if it’s unable to reach the internet, it wipes once it connects to a cellular or wifi network.

      • Ghostalmedia@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        4 days ago

        Thieves, authorities, crazy ex, anyone.

        FindMy will allow you to remotely secure or wipe the device. But the device needs to be online to get that request to lock or wipe from iCloud.

        • Link@rentadrunk.org
          link
          fedilink
          arrow-up
          1
          ·
          4 days ago

          Surely the user could just take out the SIM card and that would prevent it from ever connecting to the internet?

          Sure it could connect over Wi-Fi still but the chances of it being next to a network it has connected to before are very slim.

              • JWBananas@lemmy.world
                link
                fedilink
                English
                arrow-up
                2
                ·
                4 days ago

                The last 3 generations of iPhone released in the US do not have physical SIM card slots at all.

                • Ghostalmedia@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  4 days ago

                  Yeah, and a bunch of other manufacturers were quick to follow.

                  I’m still on the fence of whether or not this is a good thing. In this scenario, it’s a pro. Cops or crooks can’t remove a SIM if there is no physical SIM.

          • Ghostalmedia@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            4 days ago

            That’s my point. People try to keep stolen or confiscated phones from reaching the cloud. Many have proposed a faster auto-reboot for phones that aren’t online. Maybe reducing it from 72 hours to 12 or 24.

    • Zron@lemmy.world
      link
      fedilink
      arrow-up
      8
      ·
      4 days ago

      Every time the phone reboots, it disables biometric unlocking until the correct pin is entered.

      Most hacking tools that police have access to take advantage of the weaker security found in the biometric unlock mode.

      By randomly restarting, the phone’s storage stays fully encrypted until the correct pin or passcode is entered, which is far more secure as it takes either a brute force attack to guess the correct pin, or a court order compelling the person to provide the pin or passcode.

      Fun fact, in the United States, a pin or passcode is considered private property, and the police can’t legally force you to provide it without a warrant. However, your face or fingerprints are not considered private property, and they can and have used biometrics to unlock phones without user consent or a warrant before.

      If you ever get stopped by the cops, make sure to reboot your phone so they have a harder time finding incriminating evidence.

      • lud@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        4 days ago

        Is it hard to get a court order? I can’t imagine it would be much harder than a house warrant.

      • TenderfootGungi@lemmy.world
        link
        fedilink
        arrow-up
        1
        arrow-down
        2
        ·
        4 days ago

        You don’t have to reboot it. You just have to click the main side button several times (10?). Which you can do by feel.

        • bamboo@lemm.ee
          link
          fedilink
          arrow-up
          1
          ·
          3 days ago

          This disables biometrics, but doesn’t delete the decryption key in memory. This is sufficient to prevent being compelled to unlock with biometrics, but with the decryption key in memory, it is still possible to access data via an exploit. A full reboot deletes the decryption key until the user enters their pin.