The idea that iPhones magically communicate with each other to “reboot randomly” when off a cellular network (assumably would happen on a plane easily) is pretty far fetched. The far more likely explanation is that iOS 18.0 has some radio/modem bugs that causes devices to randomly reboot, likely correlated with long periods of disuse or lack of network connectivity.
Or heck, if the phone thinks the cellular modem isn’t working (like the phone in a faraday cage), some watchdog might just timeout and reboot.
In any case, the idea that they’re randomly networking and intentionally rebooting to thwart this specific law enforcement attack seems pretty unlikely.
It would be beyond hilarious if Apple now went and implemented this safeguard. I don't even think a hard reboot would be necessary, simply if the phone hasn't had reception for some preset period of time, or if there's been more than some amount of incorrect logins, or no successful logins in some given amount of time, revert everything to the freshly booted state, encryption and all.
This reads more like a chain email forward than an actual analysis of the iPhone tech stack.
Fwd: Fwd: READ THIS!!! You won't believe what the iPhone does when off network and around other iPhones!!!
> It is believed that the iPhone devices with iOS 18.0 brought into the lab, if conditions were available, communicated with the other iPhone devices that were powered on in the vault in AFU. That communication sent a signal to devices to reboot after so much time had transpired since device activity or being off network.
The hypothesis doesn't make any sense because the phone doesn't need to communicate with other phones to decide to restart/lock based on lack of network signal.
> Matthew Green, a cryptographer and Johns Hopkins professor told 404 Media that the law enforcement officials' hypothesis about iOS 18 devices is "deeply suspect," but he was impressed with the concept.
Just about sums it up.
GrapheneOS has a "reboot after x hours inactivity" feature specifically to prevent the scenario mentioned in the story. Otherwise leaving a phone powered on is a massive risk, especially if cops can keep it charged for months to wait for an exploit.
Maybe designed to help with anti-theft? I already use a shortcut automation when airplane mode is turned on to lock my phone and turn off airplane mode, as that’s the first thing thieves would do.
I very much doubt it. Far more likely to be a memory leak in the baseband which is exposed when the devices are unable to talk to the cellular network for a period of time.
So what did we learn class? If you’re ever in a situation where your iPhone is being seized, power it down :)
> the reported iPhone reboots highlight the constant cat and mouse game between law enforcement officers and forensic experts on one side, and phone manufacturers Apple and Google on the other.
I don't think Google is in this same category at all. Didn't they just recently give nest door unlock codes to LEO without even asking for a warrant?
Apple and Google are on different planets when it comes to user privacy.
The theory makes zero sense on many levels. Why are we are publishing cop’s guesses on how software giants work…
These articles should make fun of how silly these cops are instead of passing along their silly rumors as if they have any chance of being valid.
I haven't kept up with iOS feature developments, but modern Android devices can be configured to lock automatically if they go offline.
The purpose of this is to counter a thief putting your phone into aeroplane mode to prevent you remote locking or erasing the device.
My iPhone 16 on iOS 18 has been randomly respringing (as far as I can tell). Not fully rebooting but basically the UI crashes and it kicks me out to the lock screen.
I wonder if that's all this is. Probably a memory leak somewhere or some other bug.
Just today, I got a notification on my Pixel to turn on "Theft Offline Device Lock". I can't claim that it puts the phone into a pre-first-auth state, I've not tried it yet and the docs aren't clear. Along with it came a "Remote lock" features, where visiting android.com/lock and putting in your phone number will also lock your device, so it requires the screen lock to unlock.
It would be sensible if both these features put the phone into a pre-first-auth mode.
This is like the junior QA coming to you and is so sure of himself and he think his theory is 100% correct
Why would the iPhones need to communicate in order to reboot? Just detect a lost network connection, add a timer, lack of normal user activity, some other signal, ....
Why are they searching people's phones though?
Imagine the future when neurolink is going to be fully developed and the court would be able to authorise drilling into your skull to forcefully connect you to a computer to read your thoughts. Well, that's not much different.
“But the sufficiently nefarious might reboot or wipe their phone remotely,” is a component in the black letter law of the fourth amendment and exigency. Kind of interesting that now the handset manufacturer might be automatically doing that for all of us.
It's a good feature. A similar feature just got added to Android, too. If the phone loses network, it locks. If the accelerometer thinks that the phone has been snatched from your hand, it locks.
It seems like an untested theory that should be easily reproducible?
Why is nobody at Apple sitting around with a USB protocol analyzer and a Cellebrite and patching these vulnerabilities one by one?
Frankly I'm all for phones detecting that they're in an unusual state and changing posture to a higher security level.
Sounds like a timer, if not just a crash. Nothing here sounds like a the phones are communicating with each other.
> The digital forensics lab that noticed the issue had several iPhones in AFU state reboot, including iPhones in Airplane mode and one in a faraday box.
You can stop reading there. iOS 18 doesn't add freaking telepathy to phones. Whether it's a bug or a new feature Apple added that reboots phones under certain circumstances, it's not "iPhones communicating to force reboots".
I'm glad HN doesn't allow emoji, but I do wish I could add :facepalm: or :eye-roll: here.
GrapheneOS implements basically this as a security feature against non-persistent malware, and I think it's a great idea that all phones should do. Graphene has your phone reboot after an uptime greater than some value you pick.
I don’t think it’s other iPhones that are sending a signal. Rather, it’s probably a security option that’s easy for most people to overlook in the Settings app. I have little knowledge about iPhone hacking, but I think in the same place where you can say “delete my data after 10 failed passcode attempts”, you can also force ask for a passcode to start using accessories again if it’s been a long time since it’s been unlocked. But I don’t think I have ever seen anything around rebooting. That sounds like a very nice feature though since rebooting apparently is good for making sure the phone clears spyware access.
We need to write an app to automatically reboot your iphone every night as a user selectable time if reboot your iphone is apparently phone spies kryptonite.
There were a number of custom “crime phones”, run by criminal organizations. One of the features was rebooting when were arrested, as triggered by the criminal organization.
Law enforcement seems to be reading the behavior into the iPhone, which is understandable. They’ve see it before.
The real concern is how law enforcement seems to create these bright lines between “legitimate” and “illegitimate” security.
Shutting down when an attack is suspected is a reasonable security feature.
> Apple may have introduced a new security feature in iOS 18 that tells nearby iPhones to reboot if they have been disconnected from a cellular network for some time.
My guess (and this is just a complete random guess), its a bug not a feature, prob to do with Find My, all the phones are prob airplane mode and they are all trying to talk to each other (and to the mothership) regarding Find My and are crashing out.
> The idea that phones should reboot periodically after an extended period with no network is absolutely brilliant
If this is brilliant I'm Einstein
My time as a digital forensic investigator was short and over a decade ago now, but it was standard where I was to put each phone in a faraday bag to help reduce concerns around remote wiping capabilities.
What's odd to me in this article is it doesn't seem like faraday bags are being used. I'd assume concerns over this type of thing are greater than ever now.
Right. So, if you're about to go somewhere where your phone might be arbitrarily searched i.e. an airport in your own or another country, I guess this means it's a good idea to shutdown your phone and put it into a Before First Unlock state to protect your files.
It's a dot zero release.
Could easily just be a memory leak that is accumulating until the OS crashes.
Seems more like the phone batteries went to zero and then power came back on and they went back up but obviously restarted.
If you are not looking at a phone all day, you may not have noticed that the power was out to them over some weekend.
If I had a dollar for every time I'm surprised to find out one of my AOSP devices has rebooted, I'd buy an old-fashioned alarm clock.
Maybe iPhones just reboot sometimes too.
Great idea. How about reboot if more than 2 hours with no unlock?
Is there an audio command you can say to cause Siri to BFU?
So if I use a faraday bag for stretches of time to prevent my phone being tracked is that going to cause a reset? Any documentation?
Reality: A nasty resource leak causes segfault in the iOS kernel
News: Apple implemented auto-reboot as a security feature fending off cops
“Find My” forms a mesh network with other Macs and iPhones.
Maybe the isolated phone has a feature where it reboots after being unable to find a peer?
My money is on a memory leak in the 5G stack
Sounds like, if the cops take your iPhone, you should immediately deactivate your eSIM or cancel your service.
Why would phones need another phone nearby to “tell them to reboot”
Makes no sense.
What happens if one is in a place with no connectivity for a long time? There are areas of the world like that. Periodic forced reboots are useless and harmful there. Think about reading ebooks offline or following a map with only GPS on.
Betcha ten bucks it's an on device timer.
Insert it’s not q bug, it’s a feature image
Another option is that whatever bug cellebrite was exploiting to extract data from iPhones in AFU mode is now subtly not working, leading to unexpected reboots when attempting extraction.
TL;DR: Cops are likely wrong, iPhone just reboots after being disconnected for a while.
The article is kind of confusing about this.