In recent weeks, law enforcement in the United States discovered, to their dismay, that iPhones were automatically rebooting themselves after a few days of inactivity, thereby denying them access to the contents of these phones. After a lot of speculation online, Jiska Classen dove into this story to find out what was going on, and through reverse-engineering they discovered that this was a new security feature built by Apple as part of iOS 18.1, to further make stolen iPhones useless for both thieves and law enforcement officers.
It’s a rather clever feature. The Secure Enclave Processor inside the iPhone keeps track of when the phone was last unlocked, and if that period exceeds 72 hours, the SEP will inform a kernel module. This kernel module will then, in turn, tell the phone to gracefully reboot, meaning no data is lost in this process. If the phone for whatever reason does not reboot and remains powered on, the module will assume the phone’s been tampered with somehow and kernel-panic. Interestingly, if the reboot takes place properly, an analytics report stating how long the phone was not unlocked will be sent to Apple.
The reason this is such a powerful feature is that a locked iPhone is entirely useless to anyone who doesn’t have the right code or biometrics to unlock it. Everything on the device is encrypted, and only properly unlocking it will decrypt the phone’s contents; in fact, a locked phone can’t even join a Wi-Fi network, because the stored passwords are encrypted (and I’m assuming that a locked phone does not provide access to any methods of joining an open network either). When you have a SIM card without any PIN code, the iPhone will connect to the cellular network, but any notifications or calls coming in will effectively be empty, since incoming phone numbers can’t be linked to any of the still-encrypted contacts, and while the phone can tell it’s received notifications, it can’t show you any of their contents.
A thief who’s now holding this phone can’t do much with it if it locks itself like this after a few days, and law enforcement won’t be able to access the phone either. This is a big deal in places where arrests based purely on skin colour or ethnicity or whatever are common, like in the United States (and in Europe too, just to a far lesser degree), or in places where people have to fear the authorities for other reasons, like in totalitarian dictatorships like Russia, China or Iran, where any hint of dissent can land you in harsh prisons.
Apple is always at the forefront with features such as these, with Google and Android drunkenly stumbling into the open door a year later with copies that take ages to propagate through the Android user base. I’m legitimately thankful for Apple raising awareness of the need for features such as these – even if they’re too cowardly to enable them in places like China – as it’s quite clear a lot more people need to start caring about these things, with recent developments and all.
Mandatory disclaimer. If you are a dissident and your life depends on it, note that your iPhone will be unlocked in a breeze.
I understand the anti police/anti government aspect to this. But not the anti theft one. Anyone care to explain that?
The thieves steal the phone, and then do what? Steal the user’s photos? Or notes? And criminals can do things with phones that are powered on but locked? How common is that? I know law enforcement/governments can but I’d be surprised if criminals can. And confused at what they are getting out of it. I think they still need credentials of the user to deregister the phone from the customer to allow it to be reused/sold. Or at least that was true as of two years ago.
Also the police/governments will just contract with a source that can crack the phones one way or the other. This might just make them pay a little more, I’d guess.
EDIT:
I missed the relevant part in the article that explains criminals end up buying equipment that cops previously used on eBay somehow. And the state of first boot unlock is more secure than any other lock states. So it is anti theft. To state the obvious, maybe eBay shouldn’t sell them? And maybe cops shouldn’t sell them? This is as dumb as cops selling guns to straw purchasers.
The problem with providing a backdoor for the cops is not that “the cops” will sell their tools, the problem is that there will be a cop who sells them, similar to what happened to those master keys for TSA-approved locks.
Once a single master key got out in the wild, copies turned the entire proposition into theater where flyers have to assume that anyone can open their luggage.
Mote,
Yeah, I agree secrecy doesn’t scale. But at the same time it doesn’t really matter because those master keys were bound to be reverse engineered regardless. The TSA locks have to cater to customers who expect to pay less than $50 or so for a suitcase lock, yet those paying that price can’t really expect much security.
I guess it has some merit in keeping “honest people honest”, but a real thief could steal the entire luggage and get into it at their leisure.
People have gotten clever by planting trackers on their luggage, but they’re racing against time especially if criminals get wise to that.
I wonder does this kill off forwarding to stop iPhones working as a messaging relay?
Thom Holwerda,
It is extremely rare for people to use secure passwords though. Even biometrics aren’t really that unique when you have to minimize false negatives. To this end, vendors try to limit the number of login attempts, which stops naive attacks. But such mechanisms should never be conflated with cryptographic security, especially not against sophisticated adversaries.
A local PD probably won’t be equipped to crack device security, but law enforcement might compel vendors to remove restrictions via court orders. This was a conceivable outcome in the San Bernardino case if it wasn’t cracked by a 3rd party first.
Ultimately I think privacy is important and IMHO governments routinely overstep our privacy. I’m glad to see tech companies taking a stand, but at the same time owners may never see their hardware again if the governments confiscate their property and can’t crack it.