this post was submitted on 09 Nov 2024
54 points (98.2% liked)

Pulse of Truth

521 readers
44 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 1 year ago
MODERATORS
 

On Thursday 404 Media reported that police were freaking out about mysteriously rebooting iPhones. Now multiple experts have found that Apple introduced code that reboots locked phones after a period of time.

you are viewing a single comment's thread
view the rest of the comments
[–] schnokobaer 8 points 2 weeks ago (3 children)

What exactly does this do? From OP's excerpt it says the phones reboot when they are already locked and the rest is paywalled..

[–] halcyoncmdr@lemmy.world 66 points 2 weeks ago (1 children)

Your phone doesn't fully decrypt until you enter your passcode the first time after a reboot. Once you enter your passcode that first time, it is decrypted for use. This is also why biometrics don't let you unlock your phone until after that first unlock and decryption, biometrics are just a shortcut.

So if the phone isn't interacted with for a period of time, it will automatically reboot. This increases device security because it forces the device back to a fully encrypted state when unused for a while.

Police don't like this because it makes their job harder to get into a device the owner doesn't want them to have access to. It also means that the time they have to get a court to force someone to unlock a device via biometrics is much shorter since that won't work after a reboot.

[–] schnokobaer 20 points 2 weeks ago

Brilliantly explained, now even I got it, thank you

[–] jonne@infosec.pub 14 points 2 weeks ago

If your phone is running, your decryption key is stored in memory in the phone (this is slightly oversimplified, iPhones use a special chip with an enclave to do this). After a reboot, the decryption key doesn't actually exist yet until you enter your PIN (as the PIN is part of that decryption key), so it's harder to get to by an attacker.

[–] SweetCitrusBuzz@beehaw.org 5 points 2 weeks ago* (last edited 2 weeks ago)

Reboots if phone has been disconnected from network for some arbitrary time, it is suspected to be less than 24 hours that this happens in.

This stops cops from hacking the phone using exploits etc.