iPhones Seized by Cops Are Rebooting, and No One’s Sure Why

return2ozma@lemmy.world to Technology@lemmy.world – 245 points –
iPhones Seized by Cops Are Rebooting, and No One’s Sure Why
gizmodo.com
94

You are viewing a single comment

If this is indeed a security feature I'm about to buy my first iPhone.

CalyxOS and GrapheneOS have this as a feature.

Wouldn't this make your phone reboot all night while you're sleeping?

Just set the time too longer than you would be asleep. So in this screenshot above you could set it to 18 hours and most people at least that I know do not go 18 hours without unlocking their phone at least one time which would then reset the timer.

Yes. Alternatively, you can just.. power it off.

I keep mine on in case of family emergencies, it's also my alarm clock

The only solution would be to simply turn the setting off at night, or have developers add an automatic scheduling option. Of course, you can just set the timer to be longer than your sleep schedule as well, but then you miss out on security.

Iirc phone calls and alarms still work after a reboot in the lock status, it just disables biometric unlock and keeps the filesystem encrypted

Well, funny thing--I was once late for a job because my alarm didn't go off. Guess why? Yep, auto reboot. There was even a notification saying the alarm didn't go off. Very odd behaviour, but that's what happened.

Presumably it doesn't reboot unless it was already unlocked.

Two hours seems extremely low.

On grapheneos it's a setting, 18 hours by default I believe, but adjustable from 10 minutes to 72 hours.

What is the good thing about a phone rebooting?

When you input your password, then your biometrics (faceID, fingerprint, etc) become active. A restart requires you to enter that again. The police can make you put your finger on your phone or look at it, but they can't make you divulge your password without a court order.

There are have also been some exploits that are possible ONLY while the machine is booted and already in that state unlocked state, rebooting relocks all the HW encryption and clears main memory.

Law enforcement have tools to bypass lockscreens and access the data on the device. They use backdoors and exploits, so older phones are more vulnerable. Most exploits only work if the phone has been unlocked at some point since it was booted.

This is why law enforcement keep them powered-on, and in a faraday cage. They are in a state with a better chance of unlock, but have no signal so nobody can remotely find/lock/wipe it.

Don't switch to a privacy-violating platform just for a feature found in open source operating systems.

https://grapheneos.org/features#auto-reboot

Oh yeah, see they've done it perfectly by having it based on the last time you unlocked your screen.

This makes me even more interested in getting a newer pixel with graphene on it. I had the Pixel 3a back in the day, but have been using other devices since then with lineage. But this right here may very well bring me back. The only thing they need to do is have it on by default and set it to like a long time frame like 24 or 36 hours.

Back in the day? I'm reading this on a Pixel 3a.

I had a screen issue with mine after a while where the bottom right hand corner of the screen was trying to separate from the body a little bit and there was like this green line that showed up in the middle of my display. It was annoying as hell. Also, that was before I started only letting my battery charge up to 80% and so my battery was pretty well shot by the time that occurred as well.

On GrapheneOS, it is on by default and set to 18 hours. It makes sense to me to have the default be less than 24 hours.

I agree. I was thinking of 18 hours myself because 12 seems a little bit too short. But 24 or above seems far too long.

It should be, but it appears to be a bug.

Which is really sad quite frankly and if they did add it as a feature it should have a cooldown period of like 48 hours where it reboots twice in that time frame just so that if a cop turned the setting off it would still not help them

apple is not in business to obstruct law enforcement

You say obstruct, I say protect users from totalitarian regimes

Just use a pattern to lock your phone. Police can't do shit if you have that set up.

It's not the lock, it's the fact that phones are usually encrypted after a reboot (to oversimplify). As the article says you have extra security measures to protect a freshly booted phone.