Apple quietly introduced code into iOS 18.1 which reboots the device if it has not been unlocked for a period of time, reverting it to a state which improves the security of iPhones overall and is making it harder for police to break into the devices, according to multiple iPhone security experts.

On Thursday, 404 Media reported that law enforcement officials were freaking out that iPhones which had been stored for examination were mysteriously rebooting themselves. At the time the cause was unclear, with the officials only able to speculate why they were being locked out of the devices. Now a day later, the potential reason why is coming into view.

“Apple indeed added a feature called ‘inactivity reboot’ in iOS 18.1.,” Dr.-Ing. Jiska Classen, a research group leader at the Hasso Plattner Institute, tweeted after 404 Media published on Thursday along with screenshots that they presented as the relevant pieces of code.

    • NateNate60@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      7 days ago

      The police can engage in rubber-hose cryptanalysis. In many countries, it’s legal to keep a suspect in prison indefinitely until they comply with a warrant requiring them to divulge encryption keys. And that’s not to mention the countries where they’ll do more than keep you in a decently-clean cell with three meals a day to, ahem, encourage you to divulge the password.

      • NotMyOldRedditName@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        7 days ago

        That’s what you need distress codes for.

        Destruction of evidence is a much different crime.

        I would suspect it’d no longer be legal to hold them indefinitely and instead at best get the max prison sentence for that crime instead.

        A us law website says that’s no more than 20y as the absolute max, and getting max would probably be hard if they don’t have anything else on you.

        You’d have to weigh that against what’s on the device.

        Also, even better if the distress code nukes the bad content, and then has a real 2nd profile that looks real, which makes it even harder to prove you used a distress code.

        • NateNate60@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          6 days ago

          In most cases, destroying evidence will result in an adverse inference being drawn against the accused. It means that the court will assume that the evidence was incriminating which is why you destroyed it.

    • just_another_person@lemmy.world
      link
      fedilink
      English
      arrow-up
      44
      arrow-down
      1
      ·
      8 days ago

      Lawyer. Not true.

      Example: An officer pulls someone over and suspects them of something arrestable. Then says “Do you want me to get your personal belongings from your car?”

      Any person agreeing to this allows them to hold your phone as evidence indefinitely in the US now.

      • NotMyOldRedditName@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        arrow-down
        3
        ·
        edit-2
        8 days ago

        That’s all lawful.

        They can search you and the area when arrested. They can search the car if they have probable cause that evidence will be in the vehicle

        I said have a warrant or seized lawfully, not nust have a warrant.

        Edit: I didn’t even write what I said I said correctly. Corrected it lol.

        • NιƙƙιDιɱҽʂ@lemmy.world
          link
          fedilink
          English
          arrow-up
          16
          ·
          8 days ago

          Seized or not, they can not force you to unlock your phone via pin without a warrant. They can only force you to use biometrics.

          • NotMyOldRedditName@lemmy.world
            link
            fedilink
            English
            arrow-up
            6
            arrow-down
            2
            ·
            8 days ago

            Right, but this is about them bypassing you entirely.

            They don’t need your fingerprint or pass code if they can bypass it themselves. This feature protects you when they’ve seized it lawfully which can be for many reasons.

            • catloaf@lemm.ee
              link
              fedilink
              English
              arrow-up
              9
              ·
              8 days ago

              Or even if they’ve seized it unlawfully. Or if it’s been stolen by a regular thief, a cybercriminal, the mafia, or a cartel.

              • NotMyOldRedditName@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                arrow-down
                1
                ·
                8 days ago

                I’m not sure how much it would actually help for a regular thief.

                This is about protecting it against more sophisticated attacks. But the rest probably have those means if wanted.

          • just_another_person@lemmy.world
            link
            fedilink
            English
            arrow-up
            4
            arrow-down
            1
            ·
            8 days ago

            Other people answered, but to your point, in some cases THEY CAN compel without a court order.

            Biometrics don’t conform to certain laws, and it gets even more complicated if you’re entering the US through customs. They can practically hold you indefinitely if you don’t comply. Whether you have legal representation is sort of an after thought.