Apple quietly introduced code into iOS 18.1 which reboots the device if it has not been unlocked for a period of time, reverting it to a state which improves the security of iPhones overall and is making it harder for police to break into the devices, according to multiple iPhone security experts.

On Thursday, 404 Media reported that law enforcement officials were freaking out that iPhones which had been stored for examination were mysteriously rebooting themselves. At the time the cause was unclear, with the officials only able to speculate why they were being locked out of the devices. Now a day later, the potential reason why is coming into view.

“Apple indeed added a feature called ‘inactivity reboot’ in iOS 18.1.,” Dr.-Ing. Jiska Classen, a research group leader at the Hasso Plattner Institute, tweeted after 404 Media published on Thursday along with screenshots that they presented as the relevant pieces of code.

  • @NotMyOldRedditName
    link
    English
    -231 month ago

    They usually do have a warrant or it was seized lawfully.

    This is about keeping them out even when it’s lawful.

    • @just_another_person
      link
      English
      431 month ago

      Lawyer. Not true.

      Example: An officer pulls someone over and suspects them of something arrestable. Then says “Do you want me to get your personal belongings from your car?”

      Any person agreeing to this allows them to hold your phone as evidence indefinitely in the US now.

      • @NotMyOldRedditName
        link
        English
        3
        edit-2
        1 month ago

        That’s all lawful.

        They can search you and the area when arrested. They can search the car if they have probable cause that evidence will be in the vehicle

        I said have a warrant or seized lawfully, not nust have a warrant.

        Edit: I didn’t even write what I said I said correctly. Corrected it lol.

        • NιƙƙιDιɱҽʂ
          link
          English
          161 month ago

          Seized or not, they can not force you to unlock your phone via pin without a warrant. They can only force you to use biometrics.

          • @NotMyOldRedditName
            link
            English
            41 month ago

            Right, but this is about them bypassing you entirely.

            They don’t need your fingerprint or pass code if they can bypass it themselves. This feature protects you when they’ve seized it lawfully which can be for many reasons.

            • @[email protected]
              link
              fedilink
              English
              91 month ago

              Or even if they’ve seized it unlawfully. Or if it’s been stolen by a regular thief, a cybercriminal, the mafia, or a cartel.

              • @NotMyOldRedditName
                link
                English
                01 month ago

                I’m not sure how much it would actually help for a regular thief.

                This is about protecting it against more sophisticated attacks. But the rest probably have those means if wanted.

            • umami_wasabi
              link
              fedilink
              English
              71 month ago

              It is their job to find evidences, not my resposibility to provide them.

              • @NotMyOldRedditName
                link
                English
                11 month ago

                I’ve never said otherwise.

                It’s their job to find a way to hack into the phone.

                This feature makes that even harder.

          • @just_another_person
            link
            English
            31 month ago

            Other people answered, but to your point, in some cases THEY CAN compel without a court order.

            Biometrics don’t conform to certain laws, and it gets even more complicated if you’re entering the US through customs. They can practically hold you indefinitely if you don’t comply. Whether you have legal representation is sort of an after thought.

    • @NateNate60
      link
      English
      31 month ago

      The police can engage in rubber-hose cryptanalysis. In many countries, it’s legal to keep a suspect in prison indefinitely until they comply with a warrant requiring them to divulge encryption keys. And that’s not to mention the countries where they’ll do more than keep you in a decently-clean cell with three meals a day to, ahem, encourage you to divulge the password.

      • @NotMyOldRedditName
        link
        English
        2
        edit-2
        1 month ago

        That’s what you need distress codes for.

        Destruction of evidence is a much different crime.

        I would suspect it’d no longer be legal to hold them indefinitely and instead at best get the max prison sentence for that crime instead.

        A us law website says that’s no more than 20y as the absolute max, and getting max would probably be hard if they don’t have anything else on you.

        You’d have to weigh that against what’s on the device.

        Also, even better if the distress code nukes the bad content, and then has a real 2nd profile that looks real, which makes it even harder to prove you used a distress code.

        • @NateNate60
          link
          English
          21 month ago

          In most cases, destroying evidence will result in an adverse inference being drawn against the accused. It means that the court will assume that the evidence was incriminating which is why you destroyed it.