The security experts who had assessed the iOS 18.1 say that a new security feature that was released to users last month can restart a user’s smartphone if it is not unlocked for three days, thereby protecting the device’s data from thieves. The ‘inactivity reset’ feature was introduced in the most recent iOS release, following a recent claim that iPhone handsets confiscated for forensic examination were rebooting themselves.
Law enforcement and forensic professionals were worried that some iPhones were restarting themselves for no apparent reason, making it more difficult for them to gain access to the devices and retrieve data, according to a story published last week by 404 Media. Later, 404 Media revealed that iOS 18 included a new “inactivity reboot” function that made the devices restart, citing security researchers.
A new function called ‘Inactivity Reboot’ was introduced by Apple last week, according to security researcher Jiska Classen. It would cause an unattended iPhone to reboot after a certain amount of time. Along with a demonstration of how it operates, the researcher has now disclosed that the feature is triggered after three days.
The researcher demonstrated an iPhone 14 Pro model running iOS 18.1 in a video uploaded on X (previously Twitter). The device restarted after 72 hours if it was not unlocked. When a smartphone is not in use, the security feature is intended to prevent unauthorised access.
The exact time it takes for this feature to activate is now known.
It was also confirmed that the feature’s timer is 72 hours by Magnet Forensics, a company that sells digital forensic solutions, such as the data extraction tool Graykey for Android and iPhone.
Classen posted on X, “Even if thieves leave your iPhone running for a long period, they won’t be able to unlock it with cheaper, outdated forensic tooling.” Although an inactivity reboot makes it more difficult for law enforcement to obtain data from offenders’ smartphones, it won’t totally shut them out. When working with expert analysts to coordinate steps, three days is still more than enough time.
The ‘Before First Unlock’ (BFU) state is reached when an iPhone reboots; during this time, the encryption keys that are used to safeguard user data are securely kept on the chipset of the device in a safe subsystem known as the Secure Enclave.
There are two distinct states for iPhones that can impact the ability of hackers, forensic specialists, or law enforcement to unlock them by brute-forcing the user’s passcode or obtaining data by taking advantage of security holes in the iPhone software. “Before First Unlock,” or BFU, and “After First Unlock,” or AFU, are the two states in question.
When an iPhone is in BFU state, all of the user’s data is completely encrypted and practically impossible to access unless the person attempting to gain access knows the passcode. On the other hand, even if the phone is locked, some device forensic tools may find it easier to extract data that is unencrypted in the AFU state.
Tihmstar, a security expert, also helped us to understand that as an iPhone security expert, the iPhones in those two states are also known as “hot” or “cold” devices, TechCrunch reported.
Since the user eventually input their proper passcode, which is kept in the memory of the iPhone’s safe enclave, Tihmstar stated that many forensic firms concentrate on “hot” devices in an AFU condition. However, since the memory on “cold” devices cannot be readily retrieved after the phone has restarted, they are much more difficult to compromise.
Law enforcement has been vocally against Apple’s new security measures for years, claiming that they make their jobs more difficult. The FBI sued Apple in 2016 to compel the corporation to provide a backdoor that would allow a mass shooter to unlock an iPhone. Azimuth Security, an Australian startup, eventually assisted the FBI in breaking into the phone.
Additionally, users can activate Stolen Data Protection, a function that was included with iOS 17.3 and requires biometric identification in order to modify crucial iPhone settings. This feature is turned off by default since it makes changing some settings more difficult, but with the impending iOS 18.2 update, customers will reportedly be asked to enable it while configuring their iPhone.
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behaviour or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
