Apple’s automatic ‘idle restart’ feature for iPhones could affect thieves and law enforcement

Author:

Apple recently introduced a new security feature with the iOS 18.1 update that was released to users on October 28, and it could be a problem for thieves and law enforcement alike. According to the report, police in the US noticed that some iPhone models kept for forensics were rebooting themselves, making it much more difficult to bypass the smartphone’s security. A security researcher confirmed that the reboots were related to a new feature added in iOS 18.

iOS 18.1 introduces the “Restart without activity” feature on iPhone

According to a report by 404 Media, police in Detroit found that some iPhones in storage awaiting forensics were rebooting, making it difficult to unlock the devices with tools designed to access seized devices.

The paper also cited a Michigan police document that says Apple introduced a feature that allowed the iPhone to “talk” to other devices by sending them a reboot signal. However, this theory was debunked after a security researcher dug into the iOS 18.2 code

Security researcher Jiska ( @jiska@chaos.social ) explained in a post on Mastodon that Apple actually added a feature called “inactive reboot” that doesn’t seem to have anything to do with the phone’s network status. Instead, this feature is designed to reboot any iPhone running iOS 18.1 if it hasn’t been unlocked in a while.

How Apple’s Reboot without Activity Affects Thieves and Law Enforcement

Apple encrypts user data on a smartphone in two states — before the first unlock (BFU) and after the first unlock (AFU). The first is when the iPhone is rebooted and the phone can only receive calls. This is an advanced security mode that lowers when the user unlocks it for the first time, and includes support for Face ID or Touch ID.

The iPhone remains in AFU mode until the next reboot, which means law enforcement officers (or thieves) can use special tools (from companies like Cellebrite or GrayKey) designed to unlock the device and access its contents. However, when an iPhone is in a BFU state, it is much more difficult for these tools to access the device using brute force methods.

This is not the first time Apple has introduced a feature that protects the iPhone from unauthorized access. After the company refused to unlock iPhones for the FBI in 2016 (the FBI ended up using a third party to unlock the phone), the company added a setting that disabled USB debugging on its smartphones.

Categories: Phones

Leave a Reply

Your email address will not be published. Required fields are marked *