Apple indeed added a feature called "inactivity reboot" in iOS 18.1 (opens in new tab)

(twitter.com)

39 pointsdevelatio1y ago24 comments

24 comments

Seems to me like it was low-hanging fruit that Apple (no pun intended) finally decided to pick. I imagine dropping to a BFU state will help curb possible brute force or physical access attacks. The relative security/ongoing improvements of iPhones/iOS have given LEOs a certain level of unjust paranoia whenever a new security feature is rolled out.

oever1y ago

And web apps on iOS cannot prevent the screen from dimming and locking, making many type of applications impossible to develop as PWA:

https://bugs.webkit.org/show_bug.cgi?id=254545

It's a bug that's been open for years and happens to be beneficial for the app store.

hollerith1y ago

Unless I'm missing something, it also happens to benefit the average user for a random web site not to be able to prevent the phone's screen from locking.

SigmundA1y ago

The bug states that it works in the browser just not in PWA's.

So random websites can actually do this, but not websites the users specifically installs as a PWA, which is kinda the opposite of what you would expect.

2 more replies

n8henrie1y ago

https://archive.is/lpoLQ

Terretta1y ago

“Apple's privacy is just marketing smoke and mirrors” — an HN commenter, probably

For every privacy feature Apple advertise to consumers about, there are ten they didn't, that still very much raise the bar.

The quiet improvements are so under-marketed that even technically savvy users aren't aware of most of them.

There was a period before MDM matured that certain three letter U.S. Gov agencies forbade iPhones. Not because they were insecure, but because the agency's infosec team couldn't surveil the devices or break in to do a data dump if the employee was under investigation.

Certainly, they still have zero days, and vulns dating back longer than anyone would like. So it's interesting what's happening to iOS use of C: https://blog.timac.org/2023/1019-state-of-swift-and-swiftui-...

lesuorac1y ago

Privacy is a vague term though.

While Apple may have features to ensure that only you have access to your phone. They still run a very large ad network.

Like Google has a lot of features to avoid other people from logging into your account. That doesn't mean they don't track your activities and centrally log it.

tonyedgecombe1y ago

>They still run a very large ad network.

If you expect perfection you are always going to be disappointed.

jmpman1y ago

Interesting point about MDM. Could the government compel my employer to use their MDM control of my device to gain access?

voidwtf1y ago

The MDM does not give your employer a way to retroactively unlock the phone. Depending on the MDM solution and capabilities they allowed they may be able to install an application though. But most people that have accepted MDM on their personal device from their employer, the only thing the employer can do is remotely wipe the device.

1 more reply

bigfatkitten1y ago

For many agencies, until Samsung came out with Knox, Blackberry and then later iPhones (with MDM) were the only approved mobile platforms.

ChrisArchitect1y ago

Cops Suspect iOS 18 iPhones Are Communicating to Force Reboots

https://news.ycombinator.com/item?id=42081874

draxter1y ago

I wonder if the recent retiring of the CEO of Cellebrite has something to do with this. I read that since IOS 17.4 they've been having troubles accessing devices.

alphan0n1y ago

Graykey, acquired by Magnet Forensics in its merger with Grayshift, is the market to watch here. They’re espousing support for unlocking iOS 18.x

https://www.magnetforensics.com/blog/graykey-supported-mobil...

xenospn1y ago

Oh that’s so simple and clever!

So the cops keep all phones plugged in and unlocked at all times to prevent them from re-locking?

avidiax1y ago

If they can't keep them unlocked, they at least don't want them to reboot, since that puts the phone in a less exploitable state.

If they never reboot, then the phone can just be kept powered and isolated for years if need be to find an exploit in the AFU (after first-unlock) decrypted but screenlocked state.

natebc1y ago

also being discussed here: https://news.ycombinator.com/item?id=42081874

dang1y ago

Thanks! Macroexpanded:

Cops suspect iOS 18 iPhones are communicating to force reboots - https://news.ycombinator.com/item?id=42081874 - Nov 2024 (282 comments)

fingerlocks1y ago

Does anyone know what IDE is used in the screenshot?

aseipp1y ago

They are using Binary Ninja.

johnisgood1y ago

Looks like VS Code.

j / k navigate · click thread line to collapse