Apple Quietly Introduced iPhone Reboot Code Which is Locking Out Cops - eviltoast

Apple quietly introduced code into iOS 18.1 which reboots the device if it has not been unlocked for a period of time, reverting it to a state which improves the security of iPhones overall and is making it harder for police to break into the devices, according to multiple iPhone security experts.

On Thursday, 404 Media reported that law enforcement officials were freaking out that iPhones which had been stored for examination were mysteriously rebooting themselves. At the time the cause was unclear, with the officials only able to speculate why they were being locked out of the devices. Now a day later, the potential reason why is coming into view.

“Apple indeed added a feature called ‘inactivity reboot’ in iOS 18.1.,” Dr.-Ing. Jiska Classen, a research group leader at the Hasso Plattner Institute, tweeted after 404 Media published on Thursday along with screenshots that they presented as the relevant pieces of code.

  • nicerdicer@feddit.org
    link
    fedilink
    English
    arrow-up
    38
    ·
    11 days ago

    Once rebooted, you need to enter your PIN to unlock the phone (and the SIM as well). Before that it is not possible to unlock the phone with biometric credentials (face ID or fingerprint).

    As far as I’m aware, police can force you to hand over your biometric credentials (they can hold the phone to your face to unlock it when you have face ID enabled, or can move your finger to the fingerprint sensor). But they can’t force you to reveal the PIN number.

      • chiliedogg@lemmy.world
        link
        fedilink
        English
        arrow-up
        9
        ·
        11 days ago

        Yep: but they can’t force you to give them the password because of 5th Amendment protections from self-incrimination.

        And even if they did have the right to tell you to give them the password, they don’t have access if you simply refuse to cooperate. They can get your fingerprints, face ID, or retina scan by force. They cannot extract information from your brain.

        BTW: Lots if phones also have a “lockout mode” that can be enabled that will give you the option to lock it down to password-only without turning it off. It can be good for recording police interactions, because it will continue to record them while they can’t access the contents of the phone if they swipe it from you.

    • LifeInMultipleChoice@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      10
      ·
      edit-2
      11 days ago

      Yeah but that would imply they are bringing the phones to the person multiple times to use their face/finger, or they are keeping the phone active so it never locks, unless they are actively changing the settings to never lock somehow. Seems like an easier fix to just require you to enter your pin to change your lock setting to indefinitely.

      Side note: the last time I was arrested the officer asked me if I wanted to reboot my phone or turn it off before handing it over so I knew they weren’t going to go through it. Was surprised

      • MindlessZ@lemm.ee
        link
        fedilink
        English
        arrow-up
        5
        ·
        11 days ago

        The more full reason is that the device is still encrypted prior to first unlock and is harder to extract any information from. As to what you said about police requiring you to enter your PIN, they can’t. You can’t be forced to reveal your passwords/PINs but they can legally force you to unlock biometrics (fingerprint/face ID)

        • LifeInMultipleChoice@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          3
          ·
          11 days ago

          I never said they could require you to enter a pin, my words are often a jumble. I was saying cops actually asked me if I wanted to restart or shut down my phone so I had peace of mind that they wouldn’t go through it.

      • nicerdicer@feddit.org
        link
        fedilink
        English
        arrow-up
        4
        ·
        11 days ago

        I don’t know how the procedere would be executed, but I imagine that police could have the phone present during an interrogation and try to nlock it there (possibly by making you to look at the phone to unlock it, if the phone has been set up to unlock this way). Once unlocked, it would be sufficient to have a peek into the camera roll or messages, until the phone locks again. I don’t know about the law, but I can imagine that if a police officer had a look into your phone, even briefly, it may be held against the one who is being interrogated.

    • EndlessNightmare@reddthat.com
      link
      fedilink
      English
      arrow-up
      3
      ·
      11 days ago

      or can move your finger to the fingerprint sensor).

      Good luck guessing which finger and on which hand. You have 3 tries before a password is required.