[HN Gopher] Cops suspect iOS 18 iPhones are communicating to for...
___________________________________________________________________
Cops suspect iOS 18 iPhones are communicating to force reboots
Author : tosh
Score : 139 points
Date : 2024-11-07 22:34 UTC (1 days ago)
(HTM) web link (www.macrumors.com)
(TXT) w3m dump (www.macrumors.com)
| solarkraft wrote:
| TL;DR: Cops are likely wrong, iPhone just reboots after being
| disconnected for a while.
|
| The article is kind of confusing about this.
| pmontra wrote:
| What happens if one is in a place with no connectivity for a long
| time? There are areas of the world like that. Periodic forced
| reboots are useless and harmful there. Think about reading ebooks
| offline or following a map with only GPS on.
| cwillu wrote:
| The phone isn't locked in either of those cases, no?
|
| This is only happening on phones that are currently locked, but
| which were previously unlocked since the last reboot.
| askvictor wrote:
| Additionally, this wouldn't require a periodic reboot; only
| one. So, phone in After First Unlock state loses cellular
| connection -> timeout period expires without being unlocked
| -> phone reboots. This process only restarts once the user
| unlocks it _and_ it has re-acquired a cellular connection.
| JumpCrisscross wrote:
| Honestly, this is a solid security feature that I do not
| believe Apple has actually installed.
| duskwuff wrote:
| Actually... it looks like they may have just added
| somethign similar in iOS 18.1. It's based on the phone
| not being unlocked, though, not network activity.
|
| https://chaos.social/@jiska/113447894119816217
| Brian_K_White wrote:
| What great problem do you imagine?
|
| A reboot of a phone is hardly the end of the word, and it's
| trivial and obvious to simply have the trigger conditions be
| slightly less simple and stupid. Like require some user
| activity. Require the pin again or some other reassurance.
|
| What happens if one is in a place with no connectivity? What
| indeed? Nothing much. That's what happens.
| kstrauser wrote:
| > The digital forensics lab that noticed the issue had several
| iPhones in AFU state reboot, including iPhones in Airplane mode
| and one in a faraday box.
|
| You can stop reading there. iOS 18 doesn't add freaking telepathy
| to phones. Whether it's a bug or a new feature Apple added that
| reboots phones under certain circumstances, it's _not_ "iPhones
| communicating to force reboots".
|
| I'm glad HN doesn't allow emoji, but I do wish I could add
| :facepalm: or :eye-roll: here.
| JumpCrisscross wrote:
| Why? This seems like a smart anti-theft measure. (Bunch of
| iPhones in a radio silent environment together, maybe also not
| moving or detecting light.)
| kstrauser wrote:
| Because iPhones can't ping each other when one's inside a
| Faraday cage.
| nobodyandproud wrote:
| You're probably right, but wouldn't intermittent audio
| sidestep a faraday cage?
|
| Edit: I noticed it's "box" and not "cage" but I think the
| same what-if applies here.
| kstrauser wrote:
| Anything's possible, but I am highly skeptical of the
| notion. Their little speakers don't have infinite
| frequency response, and I haven't heard reports of young
| teens saying their phones make weird chirps. Also, why on
| Earth would Apple do this? The notion that iPhone A in
| AFU mode is anxiously listening for iPhone B to come
| along and send it an audio trigger that it should reboot
| is hard to believe. It would be _way_ easier to just tell
| iPhone A to reboot after N hours in AFU mode if they
| wanted to accomplish such a thing. And why would iPhone B
| be sending the "OMG reboot yourself!" audio signal to
| iPhone A in the first place?
| superb_dev wrote:
| They don't need infinite frequency response, and I don't
| think it's unusual to have a frequency response outside
| of human hearing. I know for a fact that Cisco uses
| frequencies outside human hearing to help pair your
| computer to meeting room screens
| bigfatkitten wrote:
| Faraday cages used by law enforcement, such as [1] aren't
| impervious to RF.
|
| They provide enough attenuation to keep phones off the
| cellular network and prevent GNSS from working, but not
| enough to prevent communication with nearby devices via
| Bluetooth or wifi.
|
| [1] https://ramseytest.com/rf-shielded/forensic-enclosure/
| lxgr wrote:
| That sounds implausible.
|
| A Faraday cage is an attenuator, which multiplicatively
| decreases signal strength by some constant (at least
| within a similar frequency band, which Bluetooth and 5G
| can be considered to be).
|
| Unless the forensic lab has additional special shielding
| from cell towers, the received strength of both a
| reasonably close cell tower and a nearby Bluetooth
| transmitter would be pretty similar, so they'd both be
| attenuated similarly.
| JumpCrisscross wrote:
| I assumed they have one cage they toss all the phones in.
| lxgr wrote:
| Ah, then they could definitely communicate with each
| other.
|
| And while I don't expect stock iPhones to do anything
| like what's being suggested in the article, I could see
| custom software activating a "panic mode" based on
| observations that plausibly suggest a device being in
| such an environment.
| bigfatkitten wrote:
| > That sounds implausible.
|
| I can say from experience that it is not.
|
| > A Faraday cage is an attenuator, which multiplicatively
| decreases signal strength by some constant
|
| It's not constant at all. The level of attenuation varies
| greatly based on frequency. For the Ramsey STE3000 I have
| here, it varies by 40dB or more at the frequencies at
| which I've tested it. The enclosure good for around
| -100dB at 700MHz, but only -60dB or so at 2.4GHz.
|
| > (at least within a similar frequency band, which
| Bluetooth and 5G can be considered to be).
|
| Even if you exclude mmWave and consider only the sub-6
| bands, AT&T for example has LTE and 5G bands from 700MHz
| to 3700MHz. They're not similar at all. Worlds of
| difference in terms of propagation characteristics.
|
| > the received strength of both a reasonably close cell
| tower and a nearby Bluetooth transmitter would be pretty
| similar
|
| No, they wouldn't.
|
| On my Pixel 8 Pro right now I'm seeing -93dBm from a
| tower about half a mile down the road (700MHz LTE), and
| -40dBm from the BLE radio in the HVAC controller on the
| wall of this room, about 8 or 10 feet away. That's a 53dB
| difference.
|
| If I put my phone in the box, it attenuates the LTE
| downlink from down the street to well below the thermal
| noise floor. It cannot do the same for BLE; my phone can
| still talk to the HVAC controller from inside.
| Suppafly wrote:
| >It cannot do the same for BLE; my phone can still talk
| to the HVAC controller from inside.
|
| That's surprising, you'd think those boxes would be
| better at blocking signals since that's what they're
| designed to do.
| bigfatkitten wrote:
| They work very well, but it's physically impossible for
| them to be perfect.
| Jtsummers wrote:
| It's the faraday box part in particular. Airplane mode isn't
| a true no-radios mode on iPhone (this is well-known, or
| should be on HN at least). But it does leave cellular radios
| off. Wifi and bluetooth might need to be separately disabled
| and with wifi, at least, it'll turn back on after a while. So
| maybe (being very generous), if bluetooth or wifi is enabled
| or becomes re-enabled, there's a signal between the iPhones
| that causes this reboot behavior.
|
| But how is a device in a faraday box receiving this signal
| and rebooting? And why do they need a signal when they could
| just use their own clocks and determine that it's been X days
| or weeks since last going online and reboot?
| JumpCrisscross wrote:
| > _how is a device in a faraday box receiving this signal
| and rebooting?_
|
| Doesn't need to. Being in a Faraday box is a reasonable
| trigger for a single reboot. That said, the most
| incredulous part of this story is that iPhones can detect
| when they're in a Faraday cage.
| Jtsummers wrote:
| But the claim is that other iPhones in the area are
| _triggering_ the reboot. Setting that claim aside,
| though, how would the device even tell it 's in a faraday
| box versus just out in the woods?
| JumpCrisscross wrote:
| > _the claim is that other iPhones in the area are
| triggering the reboot_
|
| Lack of motion? The information the other phones provide
| are proximity (it's unusual for people to pile their
| phones together), that the radios still work and possibly
| a timeline, _e.g._ if the other phone says "I've been in
| a suspicious state for two days," the first phone can
| change its priors.
| LorenPechtel wrote:
| I could easily see this as a security measure. Give the
| phone a concept of fear of being stolen. Phone, alone,
| continued source of power for an extended period.
| Somebody could have left it on a charger and gone away.
| Phone, continued source of power for an extended period
| and static bluetooth signals from other phones--what's
| going on here? This is very suspicious, turn defenses to
| max. It doesn't need to know the difference between
| thieves trying to thwart it and cops trying to thwart it.
| rolph wrote:
| environmental RF in the woods, vs band specific shielding
| in farady cage.
| LorenPechtel wrote:
| Out there in the woods there's still GPS data. There are
| very few places on Earth outside a faraday cage where you
| can go for a long time without receiving *anything*.
| kstrauser wrote:
| I'm going to go ahead and assert that they can't tell. A
| Faraday cage is just a deliberate construction of a
| situation that happens all the time anyway. Hospitals
| have lots of shielded rooms in and around the radiology
| department. The basement of a steel building is basically
| the same. So is anywhere on a ship. My aged house has
| lath and plaster walls that can simultaneously survive a
| nuclear blast and also block Wi-Fi unless the amp's
| turned up to 11. There's no sensor in an iPhone that
| could tell that it's in a specially-constructed Faraday
| cage instead of a plain old dresser drawer in my bedroom.
| bertil wrote:
| Could the phone detect that they are in a _small_
| conductive box: stronger interference back when they send
| a signal?
| kstrauser wrote:
| I'm not sure if that's possible. What's the difference
| between that and someone sitting their phone on a metal
| cabinet?
|
| I'm even more confident that Apple hasn't spent the
| research hours required to do that reliably, then
| incorporate the electronics and software needed into off-
| the-shelf phones, all to protect criminals from having
| their phones hacked under very specific conditions. That
| seems like a huge money sink.
| JumpCrisscross wrote:
| > _What 's the difference between that and someone
| sitting their phone on a metal cabinet?_
|
| In a zero-signal environment? With other iPhones in very
| close proximity?
|
| You can even measure your false positive rate by timing
| to first successful unlock. If it happens more than once,
| turn down the sensitivity on the feature (or turn it off
| completely).
|
| (Were I designing this feature, I'd let phones in this
| state poll the other phones on how long _they've_ been in
| it.)
| iamjackg wrote:
| Ultrasound?
| threeseed wrote:
| It's a dot zero release.
|
| Could easily just be a memory leak that is accumulating until the
| OS crashes.
| Suppafly wrote:
| >Could easily just be a memory leak that is accumulating until
| the OS crashes.
|
| That would be my assumption since they are storing them in labs
| while trying to crack them under non-normal conditions, so it
| could easily be a memory leak that doesn't happen under normal
| conditions. Either that or its the software they use to mess
| with the encryption causing issues.
| LorenPechtel wrote:
| Or not actually a leak, just overuse. Suppose there's some
| sort of log that accumulates while it's failing to
| communicate. Once it communicates the log gets dumped. Log
| gets too big, software faults, watchdog reboots it.
| m3kw9 wrote:
| This is like the junior QA coming to you and is so sure of
| himself and he think his theory is 100% correct
| JumpCrisscross wrote:
| Is there an audio command you can say to cause Siri to BFU?
| superb_dev wrote:
| "Hey Siri, reboot"?
| j5155 wrote:
| Not an audio command, but even just holding down the volume and
| side buttons to open the power off menu, without actually
| powering off your phone, triggers the same behavior.
| rconti wrote:
| hmmm good one to add to the "before crossing an international
| border" toolkit
| JumpCrisscross wrote:
| > _good one to add to the "before crossing an international
| border" toolkit_
|
| You're in for a bad time refusing to unlock at most
| borders.
| pcl wrote:
| That locks the phone, but a reboot presumably drops a lot of
| in-memory caches, to one degree or another. I don't know
| whether (or how well) iOS zeroes out memory, but I can
| certainly imagine the AFU state is easier to target than the
| BFU state.
| unsnap_biceps wrote:
| Frankly I'm all for phones detecting that they're in an unusual
| state and changing posture to a higher security level.
| izme wrote:
| I very much doubt it. Far more likely to be a memory leak in the
| baseband which is exposed when the devices are unable to talk to
| the cellular network for a period of time.
| thedanbob wrote:
| If that's what's going on, it might be the best example of
| "it's not a bug, it's a feature!" ever.
| bonestamp2 wrote:
| Ya, I'm guessing these cops don't have iPhones because if they
| did they would know that iOS is just buggy. I mean, the last
| time I restarted my iPhone before iOS 18 was when I installed
| the last iOS 17 patch. Since installing iOS 18 I've had to
| restart it twice because it stopped responding.
| layman51 wrote:
| I don't think it's other iPhones that are sending a signal.
| Rather, it's probably a security option that's easy for most
| people to overlook in the Settings app. I have little knowledge
| about iPhone hacking, but I think in the same place where you can
| say "delete my data after 10 failed passcode attempts", you can
| also force ask for a passcode to start using accessories again if
| it's been a long time since it's been unlocked. But I don't think
| I have ever seen anything around rebooting. That sounds like a
| very nice feature though since rebooting apparently is good for
| making sure the phone clears spyware access.
| bigfatkitten wrote:
| I haven't kept up with iOS feature developments, but modern
| Android devices can be configured to lock automatically if they
| go offline.
|
| The purpose of this is to counter a thief putting your phone into
| aeroplane mode to prevent you remote locking or erasing the
| device.
| scosman wrote:
| Sounds like a timer, if not just a crash. Nothing here sounds
| like a the phones are communicating with each other.
| withinrafael wrote:
| iOS 18.1 has a release note about fixing unexpected restarts on
| iPhone 16 and iPhone 16 Pro models.
|
| https://support.apple.com/en-us/121161#a181 (last item)
| moomin wrote:
| You sound right on the money here. Occam's Razor suggests
| they're rebooting for a reason we know about rather than an
| undocumented security feature.
| alsetmusic wrote:
| Cops are some of the greatest "victims" in our society.
| Encryption will make their investigations more difficult.
| They'll be judged first by the basis of the race of their
| suspect and then by the suspected crime. Even bodycams (which
| they're now quick to hail as they're "recording too," when
| people record interactions with their phones) were going to
| impeded their ability to do their jobs.
|
| There are fewer groups with so much power who see themselves as
| downtrodden. I could name others, but that'd be going off-
| topic.
| gruez wrote:
| GrapheneOS has a "reboot after x hours inactivity" feature
| specifically to prevent the scenario mentioned in the story.
| Otherwise leaving a phone powered on is a massive risk,
| especially if cops can keep it charged for months to wait for an
| exploit.
| ls612 wrote:
| Yeah an option to "reboot after not being unlocked for x hours"
| where x is considerably longer than the average time the phone
| would ever be locked under normal circumstances, would be great
| for security.
| colejohnson66 wrote:
| Good thing that's literally what happened here!
| https://chaos.social/@jiska/113447894119816217
| izme wrote:
| Another option is that whatever bug cellebrite was exploiting to
| extract data from iPhones in AFU mode is now subtly not working,
| leading to unexpected reboots when attempting extraction.
| tiahura wrote:
| Great idea. How about reboot if more than 2 hours with no unlock?
| potato3732842 wrote:
| Um, sleep? Make it at least mid teens if not 24+
| tiahura wrote:
| What's the harm if it reboots if you're sleeping?
| Jtsummers wrote:
| Very little, which is why if you enable automatic updates
| on iPhones they try to apply those updates at night while
| the device is locked and charging, when most people are
| sleeping. If you're using the phone it won't activate at
| night and will let you know that it couldn't install the
| update.
| stackskipton wrote:
| Only harm I could see if someone grabs their phone to make
| emergency call and it's rebooting or locked and in their
| sleepy state, have trouble unlocking it.
|
| However, I do think 12 hour "Phone hasn't been unlocked,
| reboot it" seems logical security feature to add.
| Jtsummers wrote:
| You never need to unlock an iPhone to make an emergency
| call (if you mean 911 versus urgently needing to call
| some other number).
| potato3732842 wrote:
| The initial unlock will take a little longer, your apps
| aren't running, etc. Nothing major, still a bit annoying
| though.
| Suppafly wrote:
| Do alarms work on iphones if they are in the BFU state? I'm
| pretty sure they don't on my android, because it hasn't
| even unlocked most of the bootloader if you haven't put
| your pin in.
| Jtsummers wrote:
| Yes. If your iPhone updates over night (as I mentioned in
| another comment, common time for automatic updates or
| just to kick them off manually) your alarm still goes off
| the next day after it restarts.
| LorenPechtel wrote:
| Horrible idea.
|
| I don't have an iPhone, but it's not exactly alien for me to be
| in a situation where I've gone more than a couple of hours
| without touching my phone but while it is doing something
| important: recording where I am. (And, yes, I have fallback
| options, but they aren't nearly as good.)
|
| If you're going to put in an auto reboot either make it long
| enough nobody will trip it while the phone is legitimately
| recording something or make it configurable.
| SanjayMehta wrote:
| "Find My" forms a mesh network with other Macs and iPhones.
|
| Maybe the isolated phone has a feature where it reboots after
| being unable to find a peer?
| paxys wrote:
| This reads more like a chain email forward than an actual
| analysis of the iPhone tech stack.
|
| Fwd: Fwd: READ THIS!!! You won't believe what the iPhone does
| when off network and around other iPhones!!!
|
| > It is believed that the iPhone devices with iOS 18.0 brought
| into the lab, if conditions were available, communicated with the
| other iPhone devices that were powered on in the vault in AFU.
| That communication sent a signal to devices to reboot after so
| much time had transpired since device activity or being off
| network.
|
| The hypothesis doesn't make any sense because the phone doesn't
| need to communicate with other phones to decide to restart/lock
| based on lack of network signal.
|
| > Matthew Green, a cryptographer and Johns Hopkins professor told
| 404 Media that the law enforcement officials' hypothesis about
| iOS 18 devices is "deeply suspect," but he was impressed with the
| concept.
|
| Just about sums it up.
| mmooss wrote:
| Why would the iPhones need to communicate in order to reboot?
| Just detect a lost network connection, add a timer, lack of
| normal user activity, some other signal, ....
| jeffbee wrote:
| It's a good feature. A similar feature just got added to Android,
| too. If the phone loses network, it locks. If the accelerometer
| thinks that the phone has been snatched from your hand, it locks.
| kuschku wrote:
| Btw, is there a way to set Android to automatically reboot at a
| fixed time? That'd only cost like 20 seconds more to unlock in
| the morning but reduce the chance of 3-letter-agencies being
| able to extract the content in AFU state.
| hunter2_ wrote:
| I can't find anything built into my Pixel, but it seems that
| Samsung and others offer it, or otherwise third party apps:
|
| https://www.reddit.com/r/androidapps/comments/1cscmu8/app_th.
| ..
| jeroenhd wrote:
| Looks like Samsung can do it (though they offer it as advice
| to keep their buggy OS working, or to "to prevent it from
| slowing down or freezing" as they themselves put it):
| https://www.samsung.com/ph/support/mobile-devices/restart-
| yo...
|
| My Xiaomi phone had a feature where it would boot the phone
| shortly before any alarms would go off, so you could shut it
| down before bed and barely drain the battery in the mean
| time. Still required manual shutdowns, though.
| mjevans wrote:
| I'd be fine with this, EXCEPT:
|
| 1) Keep the alarm data in an insecure location so that app
| can work before login. (A read only cache is fine)
|
| 2) Let me _choose_ if some other apps can live in the
| insecure storage partition too. E.G. Google Voice comes to
| mind along with any basic carrier integration stuff you'd
| rather just have even on a fully locked phone. (Why GV in
| unlocked? It interacts with the insecure phone network
| anyway, so that's not exactly holding much back. Maybe make
| message history harder to get to with a still locked device.)
| kuschku wrote:
| Apps can already choose to place some data in pre-unlock or
| post-unlock storage, so your alarm or google voice should
| be unaffected.
| mcsniff wrote:
| GrapheneOS has a feature to auto-reboot the device if it
| hasn't been unlocked in X hours.
|
| Set it sufficiently low, and it's a pretty good option to
| ensure keys are evicted and if you use a SIM pin, it's even
| better.
| kuschku wrote:
| That'd be exactly what I need.
|
| Sadly GrapheneOS is only available on recent Pixel devices.
| I know I'm probably the only one that still cares about
| these features, but I won't buy a phone that requires me to
| hot-glue a USB dock to it just to get 3.5mm and microSD if
| I can simply buy a Sony instead :/
| Suppafly wrote:
| >but I won't buy a phone that requires me to hot-glue a
| USB dock to it just to get 3.5mm and microSD if I can
| simply buy a Sony instead :/
|
| That's why I've been sticking with moto phones. I'd
| switch to pixel tomorrow if they made one with an audio
| jack and a micro sd slot.
| jeroenhd wrote:
| There's a difference between locking a phone and entering
| Before First Unlock state. After a reboot and before
| authentication the credentials stored on a phone are locked
| down much more securely, to the point (most) apps can't even
| start in the background.
|
| Locking and disabling biometrics are good ways to add a quick
| layer of protection, but rebooting makes it incredibly
| difficult for exploit kits and other hacking tools to dump the
| contents of a phone's storage.
|
| I'm thinking this may just be a bug (how often does a real
| world iPhone get zero available networks of any kind? Probably
| not enough for that use case to be tested thoroughly for days)
| but with how hard law enforcement is panicking about this,
| maybe it should be a feature. If they care this much, I don't
| think their expensive hacking subscription they've bought is
| working anymore, so it's probably working around some pretty
| bad vulnerabilities in iOS.
| fpoling wrote:
| For me iPhone looses all connectivity on a daily basis. No
| cellular signals are available in the underground parking lot
| that I use.
| toast0 wrote:
| > If the phone loses network, it locks.
|
| Am I the last person who regularly experinces dead zones, or
| does this sound crazy?
|
| There's no need to lock the phone just because I'm on the
| highway at this one spot on the way out of town.
| jeffbee wrote:
| It's a minor inconvenience to reenter your PIN, and it's
| optional and disabled by default. Seems harmless.
| uxjw wrote:
| Maybe designed to help with anti-theft? I already use a shortcut
| automation when airplane mode is turned on to lock my phone and
| turn off airplane mode, as that's the first thing thieves would
| do.
| ruthmarx wrote:
| Savvy thieves would just use a faraday cage case/bag I guess.
| sroussey wrote:
| Sure. Or just power down. No FaceID or password code
| required. Find My may still work though, so thieves do use
| faraday bags.
| zarzavat wrote:
| Savvy thieves would probably choose a different occupation.
| Prisons are full of stupid criminals.
| hunter2_ wrote:
| When you say theft, do you mean by someone with interest in the
| hardware or the data? Assuming hardware, I'm not sure I
| understand why a thief who intends to wipe it anyway would care
| about an auto restart versus normal screen lock. Assuming data,
| that's exactly what the article is about.
| ruthmarx wrote:
| Are thieves really even stealing phones anymore? You can't
| pawn or sell them anymore because they can't just be reset
| and setup with a new account, batteries are becoming
| impossible to remove...all you can really take is the screen
| which isn't really worth much either.
| hunter2_ wrote:
| > can't just be reset and setup with a new account
|
| I know mobile networks keep lists of stolen devices, but
| they can't be used at all? Like all possible recovery modes
| demand authentication?
| ruthmarx wrote:
| > I know mobile networks keep lists of stolen devices,
| but they can't be used at all? Like all possible recovery
| modes demand authentication?
|
| Newer phones for, I want to say maybe the last 5 years,
| yeah.
|
| If it's turned off and you don't have the code to boot
| it, you can't access any kind of bootloader or recovery
| mode, it just shows a screen with an obfuscated email
| that is required to unlock it or something similar.
|
| Gone are the days of just being able to do a factory
| reset.
| sroussey wrote:
| True, but my iPhone 15 Pro was stolen, powered down, and
| likely ended up in china for parts.
| sbierwagen wrote:
| Apple calls this Activation Lock:
| https://support.apple.com/en-us/108794
| https://support.apple.com/en-us/120610
|
| Obviously, the logic board is locked to the owner's Apple
| account, but so is the display, battery, camera, and
| selfie camera. Basically the only thing you can reuse is
| the metal frame of the phone.
|
| Phones are still stolen (since the cost of theft is $0)
| but stolen phones are worth closer to $5 than $1000.
| avidiax wrote:
| > Phones are still stolen (since the cost of theft is $0)
| but stolen phones are worth closer to $5 than $1000.
|
| I have read that there are services offered by
| specialized criminals to unlock stolen iPhones. These
| basically amount to phishing schemes where they trick the
| owner into entering their apple ID and password on a site
| under their control.
|
| They can then factory reset the iPhone, but they also get
| to mine the phone/account for crypto, banking details,
| identity theft, etc.
|
| Potentially the value of a stolen iPhone can be more than
| the aftermarket price, since draining a bank account has
| unbounded gain.
|
| Low level thieves are getting $300-$600 for stolen
| phones.
|
| https://abc7ny.com/amp/crime-spree-phones-stolen-nyc-
| migrant...
|
| https://discussions.apple.com/thread/253640344?sortBy=ran
| k
| tedunangst wrote:
| https://abc7ny.com/amp/crime-spree-phones-stolen-nyc-
| migrant...
| ruthmarx wrote:
| So they've given up on hardware and are now looking for
| insecure phones to try and access banking apps.
| Interesting.
| Eisenstein wrote:
| Yes. The part them out in China:
|
| * https://www.reddit.com/r/iphone/comments/1co38zn/stolen_i
| pho...
|
| * https://www.thetimes.com/uk/society/article/how-your-
| stolen-...
|
| *
| https://www.dailymail.co.uk/news/article-13757041/Chinese-
| ci...
| counternotions wrote:
| Neat trick. But in what cities do people need to live like
| this?
| ronsor wrote:
| San Francisco. Or almost any other big American city for that
| matter.
| dangus wrote:
| When people say things like this what they're actually
| doing is falsely associating walkable urban fabric in
| cities like San Francisco, NYC, and large parts of Chicago
| as being especially dangerous just because it's only
| practical to be pick-pocketed on foot.
|
| They say this while ignoring the generally low crime rates
| of those compared to peers. For example, Chicago has an
| almost 20% lower property crime rate than Peoria, IL. Fort
| Worth, TX has 52% higher property crime rate than New York
| City. Carmel, Indiana, an affluent suburb with a public
| high school ranked #354 in the country and 6th in Indiana,
| only manages to have a 28% better property crime rate than
| NYC.
|
| (And driving a car around is a lot more statistically
| dangerous to your life than walking around a big city. I'd
| rather have my phone stolen than be t-boned by a drunk
| driver)
| brendoelfrendo wrote:
| Any city with police that might steal your phone. So... all
| of them.
| Shank wrote:
| You can just disable access to Control Center and Siri when
| locked. If you have an eSIM device, this is a really great
| thing to do, as it'll always connect to a cellular network when
| available.
| dangus wrote:
| I think the cool thing about this shortcut is that it'll work
| even if the thief stole your phone while unlocked.
| chatmasta wrote:
| How do you turn on airplane mode when that's actually what you
| want to do?
| hunter2_ wrote:
| Personally I only use it for battery savings when camping or
| similar. It's not the kind of thing everyone cares about. I
| think we're long past the days where a flight full of phones
| frantically searching for towers during takeoff/landing would
| degrade the network for people on the ground, as may have
| been true way back when (and why) airplane mode was adopted
| as a standard feature.
| imoverclocked wrote:
| It was never about that. It's about interference with
| aircraft systems.
|
| Look for "5G NOTAM" if you are someone who thinks this is
| bunk. Specifically, some radio altimeters (which are needed
| for some IMC approaches) can be interfered with by the
| adjacent 5G frequency bands due to not being built with a
| tight enough filter.
| aplusbi wrote:
| Cellphones used to operate on a frequency band that was
| very close to the same band used by ground proximity
| warning systems, so theoretically they could interfere with
| the safety systems on a plane. Modern phones use different
| frequency bands now.
| SoftTalker wrote:
| I have to think that if mobile phones presented an actual
| interference threat to aircraft avionics systems they
| simply would not be allowed on board. You cannot assume
| that all the passengers will follow the instructions to
| turn them off/disable the radios.
| _moof wrote:
| The rule isn't an FAA rule, it's FCC. The issue is about
| the cell networks, not the aircraft.
| brewdad wrote:
| I typically activate airplane mode twice and have it fail.
| Remember the automation, go deactivate the automation and
| then airplane mode works. On actual airplanes, I'm more
| likely to simply power off my phone.
| layman51 wrote:
| How is this shortcut even possible? Maybe it's because I have
| an older model or haven't figured out how to build good
| Shortcuts yet, but I thought that every shortcut requires some
| kind of manual activation. Would you launch the shortcut from
| an Apple Watch? Wouldn't iOS require confirmation from the
| thief to turn off airplane mode?
|
| That being said, I have heard of a weird automation someone
| made where it would open an app as soon as they went to the
| Home Screen. It took some thinking for them to deactivate it
| because the shortcut was really fast to activate.
| skygazer wrote:
| It's in the automation tab of the shortcuts.app. You define
| trigger conditions and the shortcut to trigger.
| layman51 wrote:
| I see how to build it now, thank you. I imagine for this
| automation to serve its purpose, we also need to make the
| Control Center inaccessible when the phone is locked so
| that whoever has the phone can't just try turning it off
| again. Well, that isn't strictly necessary since the
| automation seems to run anytime Airplane Mode is enabled.
| skygazer wrote:
| Settings > Face ID & Passcode > Allow Access When Locked:
| uncheck Control Center.
| zarzavat wrote:
| This is a great idea. Perhaps add a moderate delay (say 30
| seconds or 1 minute) to confuse them even more. Then they will
| think that airplane mode is active when it isn't.
| leoqa wrote:
| It seems like an untested theory that should be easily
| reproducible?
| Havoc wrote:
| Why would phones need another phone nearby to "tell them to
| reboot"
|
| Makes no sense.
| MBCook wrote:
| They're social animals, I guess.
|
| This is absolutely some kind of non-technical user superstition
| style claim born from a little bit of paranoia that Apple hates
| cops because they don't roll over easy (though they do follow
| subpoenas they are technically capable of following).
| 486sx33 wrote:
| So what did we learn class? If you're ever in a situation where
| your iPhone is being seized, power it down :)
| paxys wrote:
| You actually don't have to power it down. If you hold the power
| and volume buttons for 2 seconds and reach the "slide to power
| off" screen, the phone is already hard locked. You then always
| have to enter the passcode to unlock it.
| Crosseye_Jack wrote:
| If you have an iPhone SE Gen 3 (Or any other iPhone with
| TouchID, but models older than the SEGen3 have other
| weaknesses to worry about), you can do the same by spamming
| the power button 5 times.
|
| You can also ask Siri to reboot or turn off your phone, Siri
| will ask you to confirm you want to do the action, but it
| doesn't take too long to do. Just in case you don't want to
| reach for your phone for what ever reason.
| SuperShibe wrote:
| This is wrong. While this clears a _some_ keys and prevents
| anyone from holding the phone up your face to unlock it, it
| doesn't bring the phone back into a full BFU state.
|
| Some keys can still be read, and depending on the exploit
| they use a lot of data could be extracted. BFU + good
| passcode is always the way to go.
| ziddoap wrote:
| > _BFU state._
|
| "Before first unlock", for those like me who weren't
| familiar with this particular acronym.
| smiley1437 wrote:
| > You actually don't have to power it down. If you hold the
| power and volume buttons for 2 seconds and reach the "slide
| to power off" screen, the phone is already hard locked. You
| then always have to enter the passcode to unlock it.
|
| Iphones have 2 states when it comes to encryption:
|
| Before First Unlock (BFU) - everything is encrypted. The most
| difficult state to hack.
|
| After First Unlock (AFU) - data isn't fully encrypted. Maybe
| it's for performance reasons. In this state exploits exist
| which police can use to get data.
|
| Your suggestion of getting to the 'slide to power off' screen
| does NOT hardlock the phone (it does not put it in BFU).
|
| It just means it requires a passcode. However, since it is in
| AFU mode, data can be exfiltrated with the right tools.
|
| You should definitely power it down to be secure.
| beeflet wrote:
| IDK about iOS, but android (or at least calyxOS/grapheneOS) has
| a feature where you can make the phone automatically reboot
| after a certain amount of time (thus removing the keys from
| memory).
| TheRealPomax wrote:
| Unfortunately, though, you won't be able to do so while handing
| it over, and US cops will just kill you if you take too long
| handing over your phone because they can.
| bonestamp2 wrote:
| Any time a police encounter starts, you can at least tap the
| standby button 5 times. It's not as good as a shutdown, but
| it will at least disable biometrics so it will require a
| password to unlock. They can't legally force you to reveal
| your password.
| avidiax wrote:
| > They can't legally force you to reveal your password.
|
| Indefinite contempt of court seems like "force" to me.
|
| https://arstechnica.com/tech-policy/2017/05/jail-looms-
| large...
| samatman wrote:
| Could you link to the news stories about cops killing someone
| for not handing a phone over promptly, please?
|
| I managed to miss all of them, which is strange given how
| ubiquitous this experience is.
|
| Possibly you're saying it's so commonplace that it isn't even
| newsworthy?
| joshstrange wrote:
| The theory makes zero sense on many levels. Why are we are
| publishing cop's guesses on how software giants work...
| MBCook wrote:
| "Helping criminals" gets headlines. Anything involving Apple
| gets headlines.
|
| Apple "helping criminals" is a gold mine.
|
| I can't read the full article, but I'd be surprised if the cops
| didn't manage to claim how this is somehow related to fentanyl
| in there somewhere.
| nxobject wrote:
| I don't think this is the case, but I genuinely want this to be
| gonzo advertising by Apple.
| Shank wrote:
| The idea that iPhones magically communicate with each other to
| "reboot randomly" when off a cellular network (assumably would
| happen on a plane easily) is pretty far fetched. The far more
| likely explanation is that iOS 18.0 has some radio/modem bugs
| that causes devices to randomly reboot, likely correlated with
| long periods of disuse or lack of network connectivity.
|
| Or heck, if the phone thinks the cellular modem isn't working
| (like the phone in a faraday cage), some watchdog might just
| timeout and reboot.
|
| In any case, the idea that they're randomly networking and
| intentionally rebooting to thwart this specific law enforcement
| attack seems pretty unlikely.
| kubectl_h wrote:
| What's interesting to me is that Apple's stance of not
| unlocking iPhones for law enforcement has led to this paranoia
| on law enforcements part. Honestly? Good.
| MBCook wrote:
| Apple doesn't have a stance of not unlocking phones for law
| enforcement. They give law enforcement whatever they're asked
| for by subpoena.
|
| Apple's stance is to build strong encryption so that they
| can't access customers data. What they have refused to do is
| weaken that encryption so that they could start complying
| with future requests or sign tampered with firmware that
| would allow the decryption without user authorization.
| skygazer wrote:
| They also refused to make a build (signed by Apple) which
| would remove any of those protections, though technically
| possible, but would have tainted their products as
| backdoored. They were prepared to argue forcing them to do
| that would be the government compelling speech, a violation
| of the First Amendment, a precedent the FBI didn't want,
| and so turned to a CellBright type service instead. Apple
| did make public statements at the time against backdooring
| devices which might be construed as a stance.
| TowerTall wrote:
| As far as I know the iCloud backup are unencrypted so law
| enforcement can just request a backup of those instead.
| philistine wrote:
| You're not up-to-date and your language is not exact:
|
| 1. Your backups are encrypted in transit and at rest. You
| have a key, Apple also has one.
|
| 2. You can optionally ask Apple to get rid of its key to
| your backup. (https://support.apple.com/en-us/108756)
| voxic11 wrote:
| Apple does have this stance. They have been subpoenaed
| before to assist in unlocking older iPhones that don't have
| as strong protection of user data as modern iPhones and
| they refused those orders as well.
|
| Basically older iPhones without the modern secure enclave
| enforced the password attempt lockout period in software so
| the FBI obtained a court order to force apple to create and
| sign a new version of iOS that would not enforce the
| lockout period, which would allow the FBI to guess the
| password. Apple refused to create this new version of iOS
| and the FBI eventually retracted their request.
|
| Modern iPhones enforce the lockout period in the secure
| enclave hardware so this is no longer something Apple could
| even possibly assist with.
|
| https://en.wikipedia.org/wiki/Apple%E2%80%93FBI_encryption_
| d...
| EMIRELADERO wrote:
| > Modern iPhones enforce the lockout period in the secure
| enclave hardware so this is no longer something Apple
| could even possibly assist with.
|
| You mean in the sillicon itself? If it's done in the
| Secure Enclave's firmware then Apple _could_ assist with
| unlocking.
| kbolino wrote:
| I would think that the secure enclave controls the device
| (un-)locking process and also wouldn't install OTA
| firmware updates nor accept commands from USB-connected
| peripherals while the device is locked.
| altairprime wrote:
| Settings > Passcode > Allow access when locked: [_]
| Accessories.
|
| Off by default, providing a one hour timeout since last
| phone unlock; or instantly, upon biometric rejection or
| after holding power-volume-up to reach the power off
| menu.
|
| Macs are typically enabling an equivalent to this by
| default as well now, as of the latest macOS update.
| MBCook wrote:
| That's what I meant by this:
|
| > ...sign tampered with firmware that would allow the
| decryption without user authorization.
|
| Apple wrote the firmware for everything. I assume they
| could write firmware to not need authorization, embedded
| in a copy of iOS, and sign everything so it could be
| installed on a phone through DFU.
|
| They have been unwilling to do so. I think they're right
| not to. But I suspect it is technically possible.
| kubectl_h wrote:
| > Apple doesn't have a stance of not unlocking phones for
| law enforcement.
|
| Yes and they have also made it such that they can't bypass
| all that by providing a mechanism to unlock the phone.
| Hence they don't unlock the phone.
| briffle wrote:
| > Apple's stance is to build strong encryption so that they
| can't access customers data.
|
| In the US and EU, where it is politically easy.
| https://support.apple.com/en-us/111754
| mlindner wrote:
| More correctly: In states where individual rights are
| protected.
| _fat_santa wrote:
| My conspiracy theory here is that Apple knows that this is
| how law enforcement goes about unlocking phones with tech
| like Cellbrite so they add in code to thwart that effort but
| keep quiet so they can have the plausible deniability of it
| just being a bug.
| WorldMaker wrote:
| Easier to assume it's a theft ring deterrent, eliminating
| some of the routes to social engineering that theft rings
| have been using, further reducing the usefulness of
| collecting large numbers of stolen iPhones in the same
| central place.
| nxobject wrote:
| It's good if the countermeasures against the two things
| are indistinguishable.
| melq wrote:
| iPhones are already communicating with any and every bluetooth
| capable Apple device to enable the findmy/airtag functionality
| aren't they? I dont believe this is necessarily true just that
| its theoretically possible.
| Jtsummers wrote:
| The issue is not that Apple devices communicate with each
| other. It's the absurd claim that there's a secret handshake
| between Apple devices that tells them to reboot if they've
| been offline and locked for too long.
|
| So sit around in a less secure state for weeks and months and
| only when externally triggered reboot? That's a stupid
| feature and makes no sense. If you were to base any partial
| security measure off of how long a device has been powered up
| and locked, then just use a timer. Why wait for another phone
| to wander by?
|
| Though the digital forensics lab claims they were all in
| airplane mode with one inside a faraday box, so how are they
| communicating with each other? This suggests incompetence on
| their part, perhaps not actually putting them in airplane
| mode or not understanding that bluetooth/wifi can be enabled
| (and may enable themselves) separately from the cellular
| radio.
| MBCook wrote:
| It's communication in that information is being passed, but
| it's a one-way Bluetooth broadcast. It's not any kind of two-
| way communication.
|
| At most an iPhone may be able to broadcast a Bluetooth
| message saying "anybody out there?". I don't even know if
| that's possible. I'm sure Apple's white paper has the answer
| but I don't remember it.
| sherry-sherry wrote:
| I don't think it's what's happening here, but iPhones
| absolutely communicate with each other when there's no cellular
| network.
|
| The 'Find My' network uses all iPhones/iPads/Macs (unless
| disabled) to locate said devices and other items over Bluetooth
| LE.
|
| > The Find My network is an encrypted, anonymous network of
| hundreds of millions of Apple devices that can help find your
| stuff, even when it's offline. Nearby devices securely send the
| location of your missing device to iCloud, so you can find it
| in Find My. It's all anonymous and encrypted to protect
| everyone's privacy. -- https://support.apple.com/en-au/104978
| MBCook wrote:
| But that's just Bluetooth beacon stuff, it's one way
| broadcast communication to anything that's listening.
|
| It's like an automated ARP response packet that's
| automatically transmitted occasionally without needing to
| hear a request.
| mistrial9 wrote:
| do you have evidence that it is only a beacon signal
| between Apple devices post v18 ?
| jlarocco wrote:
| Sure, but iOS has to listen for them and do... something...
| when they see a "Find my iPhone" beacon.
|
| TBH I think it's very unlikely, but it's entirely possible
| they could add a flag to those beacon messages suggesting
| other iOS devices reboot.
|
| On the other hand, I can easily see it being an honest bug
| where being off a cellular network corrupts the beacon
| message somehow, and reading the corrupt messages triggers
| iOS to reboot.
|
| Who knows
| LorenPechtel wrote:
| Second this. It strikes me as a completely reasonable watchdog.
| Other than if you're keeping it around in a faraday cage it's
| very unlikely to receive *nothing* for an extended period. How
| many people take phones into such environments for extended
| periods? Thus if nothing is coming in it probably means
| something's messed up.
|
| And if it reboots on the cops Apple probably considers that a
| plus.
| xk_id wrote:
| It's very well established by numerous studies that apple
| products continuously scan for other wireless devices in their
| proximity, especially Apple ones but including wifi routers,
| and then upload their hardware IDs and MAC addresses to apple
| server, together with GPS location.
|
| https://www.scss.tcd.ie/doug.leith/apple_google.pdf
| reaperducer wrote:
| And what does that have to do with the article?
| xk_id wrote:
| Parent wrote (emphasis mine):
|
| > _the idea that they're randomly networking_ and
| intentionally rebooting to thwart this specific law
| enforcement attack _seems pretty unlikely_.
|
| So there is partial evidence for it at least.
| Someone wrote:
| > So there is partial evidence for it at least.
|
| Where? If you want that to be partial evidence, you have
| to parse that sentence as:
|
| _(they're randomly networking and intentionally
| rebooting) to thwart this specific law enforcement
| attack_
|
| which means
|
| (they're randomly networking to thwart this specific law
| enforcement attack) AND (they're intentionally rebooting
| to thwart this specific law enforcement attack)
|
| All you show is that they're randomly networking, not
| that it's for thwarting even any law enforcement attacks,
| so I don't think what you say is partial evidence.
| chasil wrote:
| Such a feature added intentionally would also impede theft
| rings, which might be the true intent.
| tcmart14 wrote:
| Yea, it seems like this would be easily verified, if true, by
| security experts. Watch the network traffic in a faraday cage.
| See some strange packets that don't make sense with currently
| used protocols, okay, maybe there is _some truth_. But if all
| you see are packets that arn 't surprising (in this case, a
| ping to try to find a cell tower) and a reboot occurs, then
| there is no mystery, its probably as you suggest a bug or
| trying to self health from a failed watchdog check.
|
| Its all happening over RF, its not like they can implement this
| so a signal opens a inter-dimensional portal and comes back out
| making it undetectable on the RF spectrum.
| CryptoBanker wrote:
| One of the devices was stored in a Faraday cage in airplane
| mode[1] - there's literally nothing to monitor
|
| [1]https://appleinsider.com/articles/24/11/07/iphones-stored-
| fo...
| vlovich123 wrote:
| > The affected devices even included one that was in
| Airplane Mode and another that was kept in a Faraday cage
|
| > The officials hypothesize that an iPhone running iOS 18
| can send signals that make nearby units reboot if the
| device has been kept disconnected from cellular networks.
|
| Either the officials are storing multiple devices in 1
| cage, don't understand Faraday cages, or are arguing in bad
| faith.
|
| > In October of 2024, multiple users of iPhone 16 Pro and
| iPhone 16 Pro Max units reported that their devices kept
| restarting themselves for no apparent reason. This is a
| known issue that occurred during normal use and one that
| Apple fixed with the iOS 18.1 update.
|
| > This timeframe would also align with the creation of the
| alleged law enforcement document. Specifically, the
| document says that three iPhones with iOS 18.0 were brought
| into a forensics lab on October 3, after which they
| rebooted themselves.
|
| Ah ignorance or bad faith after all.
| NikkiA wrote:
| Faraday cages don't stop audio and we know [1] there are
| google/android devices that use ultrasound to communicate
| with other google/android devices.
|
| It's not ENTIRELY far fetched, but it is very unlikely.
|
| [1] https://www.wired.com/story/ultrasonic-signals-wild-
| west-of-...
| tcmart14 wrote:
| I agree it is very unlikely. And I don't think you are
| proposing this is the case, but for the sake of argument.
| However, wouldn't it still be rather easy to verify?
| Faraday cage just helps with isolation and filters out
| the noise, so you can analyze a smaller set of data, in
| this case meaning you have to parse through less
| signals/data. But you would still be able to pinpoint
| this. If you can just monitor ultrasound, filter out what
| isn't easily explained/common (like background background
| radiation is to the universe).
|
| To verify the original claim that it could happen over
| BLE, you don't need a faraday case to verify or prove
| this. The faraday cage just allows you to cut down on the
| data/signals to analyze.
| wmf wrote:
| I agree that it's unlikely but consider that Apple stores have
| a "dock" that can power on an iPhone and do an iOS upgrade
| _while it 's sealed in the box_. Who knows what P2P
| communication protocols iPhones have.
| Loudergood wrote:
| Does that work on a configured, encrypted iPhone?
| cududa wrote:
| Only the latest iPhones (15 and 16) support this
| elzbardico wrote:
| They do communicate with each other for the "Find My" feature
| to work even when disconnected from cellular and wifi. It is
| basically the same operating principle behind Apple Tags.
| beeflet wrote:
| >The idea that iPhones magically communicate with each other to
| "reboot randomly"
|
| well they do silently communicate for the "find my" network. I
| don't see why that couldnt result in a reboot somehow
| talldayo wrote:
| > I don't see why that couldnt result in a reboot somehow
|
| Because Find My is a reverse-engineered protocol that can be
| abused to broadcast false information to nearby devices?
| Trusting Find My to know when it's time for a reboot sounds
| like an amazing Flipper Zero feature but a not-so-great
| experience for iPhone owners.
| Crosseye_Jack wrote:
| > Apple may have introduced a new security feature in iOS 18 that
| tells nearby iPhones to reboot if they have been disconnected
| from a cellular network for some time.
|
| My guess (and this is just a complete random guess), its a bug
| not a feature, prob to do with Find My, all the phones are prob
| airplane mode and they are all trying to talk to each other (and
| to the mothership) regarding Find My and are crashing out.
| spike021 wrote:
| My iPhone 16 on iOS 18 has been randomly respringing (as far as I
| can tell). Not fully rebooting but basically the UI crashes and
| it kicks me out to the lock screen.
|
| I wonder if that's all this is. Probably a memory leak somewhere
| or some other bug.
| bonestamp2 wrote:
| I was thinking the same thing -- I've had to reboot my iPhone a
| couple of times since installing iOS 18 because it became
| unresponsive. It's been years since I've had an iPhone do that
| so this is very unusual.
| ChrisArchitect wrote:
| More discussion on the source:
| https://news.ycombinator.com/item?id=42083052
| declan_roberts wrote:
| > _the reported iPhone reboots highlight the constant cat and
| mouse game between law enforcement officers and forensic experts
| on one side, and phone manufacturers Apple and Google on the
| other._
|
| I don't think Google is in this same category at all. Didn't they
| just recently give nest door unlock codes to LEO without even
| asking for a warrant?
|
| Apple and Google are on different planets when it comes to user
| privacy.
| Suppafly wrote:
| >Didn't they just recently give nest door unlock codes to LEO
| without even asking for a warrant?
|
| Did they? I don't remember seeing anything about that.
| sroussey wrote:
| Seems more like the phone batteries went to zero and then power
| came back on and they went back up but obviously restarted.
|
| If you are not looking at a phone all day, you may not have
| noticed that the power was out to them over some weekend.
| Suppafly wrote:
| I'd assume they keep them powered up when they have them stored
| in a lab trying to crack the encryption on them.
| pyuser583 wrote:
| There were a number of custom "crime phones", run by criminal
| organizations. One of the features was rebooting when were
| arrested, as triggered by the criminal organization.
|
| Law enforcement seems to be reading the behavior into the iPhone,
| which is understandable. They've see it before.
|
| The real concern is how law enforcement seems to create these
| bright lines between "legitimate" and "illegitimate" security.
|
| Shutting down when an attack is suspected is a reasonable
| security feature.
| akimbostrawman wrote:
| Probably a bug but a feature on GrapheneOS
|
| https://grapheneos.org/features#auto-reboot
| daft_pink wrote:
| We need to write an app to automatically reboot your iphone every
| night as a user selectable time if reboot your iphone is
| apparently phone spies kryptonite.
| Jtsummers wrote:
| iPhone shortcuts can already do that. Create a shortcut to
| restart the device and an automation to run it at a particular
| time of day.
| slicktux wrote:
| Watchdog timer??
| int0x29 wrote:
| Betcha ten bucks it's an on device timer.
| the5avage wrote:
| > The idea that phones should reboot periodically after an
| extended period with no network is absolutely brilliant
|
| If this is brilliant I'm Einstein
| Etheryte wrote:
| It would be beyond hilarious if Apple now went and implemented
| this safeguard. I don't even think a hard reboot would be
| necessary, simply if the phone hasn't had reception for some
| preset period of time, or if there's been more than some amount
| of incorrect logins, or no successful logins in some given amount
| of time, revert everything to the freshly booted state,
| encryption and all.
| tripplyons wrote:
| I wish more people thought of it as a safeguard like you do.
| n_ary wrote:
| Would the condition be irritating for me when am taking a very
| long multi transit flight and prefer to keep my phone on
| airplane mode because am trying to read My ebooks on my kindle
| during the journey and my phone keeps rebooting ...
| autoexec wrote:
| I also spend a lot of time with my phone in airplane mode,
| but I'd have no problem with a reboot after two or three
| failed login attempts.
| Etheryte wrote:
| I think this is simply a matter of finding good defaults. In
| my opinion, the order of magnitude should be how many days
| without reception, not how many hours. A week sounds like a
| sane baseline for me, since that is more than ample time for
| most people to end up in a situation where you're connected
| again. Likewise you could reset the counter on a successful
| unlock. On the flip side, a week is not enough time to
| reasonably bruteforce anything if the time you have to wait
| before each retry goes up with every failure.
| mycall wrote:
| Depending on the phone model and OS, airplane mode may
| disable Wi-Fi and Bluetooth, but it won't turn off GPS. If
| the iPhone is one of those devices, it could detect a fast
| elevation change and not reboot the phone until it comes
| back down in elevation in a motionless state.
| soraminazuki wrote:
| I'll be surprised if reading ebooks doesn't prevent an
| "inactivity reboot."
| fzzzy wrote:
| Airplane mode isn't the same as putting the phone inside a
| Faraday cage. The phone can tell the difference. Even in
| airplane mode the phone could receive rf; airplane mode is
| just supposed to disable transmission.
| whaleofatw2022 wrote:
| Based on the article it almost sounds like multiple phones
| may have to be present
| acdha wrote:
| They reportedly did:
|
| https://chaos.social/@jiska/113447894119816217
|
| That would make sense since thieves know that they have to get
| an iPhone offline to prevent Find My tracking and remote
| locking.
| aeternum wrote:
| Great to see Apple taking a firm stance on this, this above
| other fancy features maintain customer loyalty.
|
| People often point out the law enforcement case for breaking
| into phones but conveniently forget that the very same
| security holes used by law enforcement are used to make
| stealing phones more profitable and by other nation-states to
| spy, commit corporate espionage, etc.
| RIMR wrote:
| Actually, it would be beyond reckless for Apple to do anything
| other than implement this as a safeguard. The cops just gave up
| the game. Their only way into a locked phone is one in an AFU
| state. Apple doesn't give backdoors to law enforcement, so in
| lieu of Apple being able to patch this vulnerability, they
| absolutely should implement protections against it, including
| this one we just heard from the horse's mouth.
|
| If Apple doesn't make this an official feature, or worse: fixes
| this issue for the convenience of law enforcement, we need to
| read that as Apple selling out our privacy to the government.
| Suppafly wrote:
| These articles should make fun of how silly these cops are
| instead of passing along their silly rumors as if they have any
| chance of being valid.
| Izikiel43 wrote:
| Insert it's not q bug, it's a feature image
| singleshot_ wrote:
| "But the sufficiently nefarious might reboot or wipe their phone
| remotely," is a component in the black letter law of the fourth
| amendment and exigency. Kind of interesting that now the handset
| manufacturer might be automatically doing that for all of us.
| lisp2240 wrote:
| Sounds like, if the cops take your iPhone, you should immediately
| deactivate your eSIM or cancel your service.
| bonestamp2 wrote:
| But, assuming the cops are right for a minute, wouldn't you
| want your phone to reboot so it would be harder for them to
| brute force it?
| lisp2240 wrote:
| That's what I said?
| ssklash wrote:
| GrapheneOS implements basically this as a security feature
| against non-persistent malware, and I think it's a great idea
| that all phones should do. Graphene has your phone reboot after
| an uptime greater than some value you pick.
| realusername wrote:
| It's also available on Samsung (mine is set to reboot every
| day), not sure if it's standard on Android or not
| agile-gift0262 wrote:
| > Graphene has your phone reboot after an uptime greater than
| some value you pick.
|
| It automatically reboots after the device hasn't been unlocked
| within the selected duration, not after certain uptime has been
| reached
| andrewaylett wrote:
| Just today, I got a notification on my Pixel to turn on "Theft
| Offline Device Lock". I can't claim that it puts the phone into a
| pre-first-auth state, I've not tried it yet and the docs aren't
| clear. Along with it came a "Remote lock" features, where
| visiting android.com/lock and putting in your phone number will
| also lock your device, so it requires the screen lock to unlock.
|
| It would be sensible if both these features put the phone into a
| pre-first-auth mode.
| JSDevOps wrote:
| My money is on a memory leak in the 5G stack
| cynicalsecurity wrote:
| Why are they searching people's phones though?
|
| Imagine the future when neurolink is going to be fully developed
| and the court would be able to authorise drilling into your skull
| to forcefully connect you to a computer to read your thoughts.
| Well, that's not much different.
| asimpleusecase wrote:
| So if I use a faraday bag for stretches of time to prevent my
| phone being tracked is that going to cause a reset? Any
| documentation?
| 15155 wrote:
| Why is nobody at Apple sitting around with a USB protocol
| analyzer and a Cellebrite and patching these vulnerabilities one
| by one?
| talldayo wrote:
| Would it come as a surprise if I told you that the US has every
| opportunity to stop Cellebrite et. al but chooses not to?
___________________________________________________________________
(page generated 2024-11-08 23:01 UTC)