The idea that iPhones magically communicate with each other to “reboot randomly” when off a cellular network (presumably would happen on a plane easily) is pretty far-fetched. The far more likely explanation is that iOS 18.0 has some radio/modem bugs that cause devices to randomly reboot, likely correlated with long periods of disuse or lack of network connectivity.
Or heck, if the phone thinks the cellular modem isn’t working (like the phone in a faraday cage), some watchdog might just timeout and reboot.
In any case, the idea that they’re randomly networking and intentionally rebooting to thwart this specific law enforcement attack seems pretty unlikely.
I don't think it's what's happening here, but iPhones absolutely communicate with each other when there's no cellular network.
The 'Find My' network uses all iPhones/iPads/Macs (unless disabled) to locate said devices and other items over Bluetooth LE.
> The Find My network is an encrypted, anonymous network of hundreds of millions of Apple devices that can help find your stuff, even when it’s offline. Nearby devices securely send the location of your missing device to iCloud, so you can find it in Find My. It’s all anonymous and encrypted to protect everyone’s privacy.
— https://support.apple.com/en-au/104978
What's interesting to me is that Apple's stance of not unlocking iPhones for law enforcement has led to this paranoia on law enforcement's part. Honestly? Good.
Apple doesn’t have a stance of not unlocking phones for law enforcement. They give law enforcement whatever they’re asked for by subpoena.
Apple's stance is to build strong encryption so that they can't access customers' data. What they have refused to do is weaken that encryption so that they could start complying with future requests, or sign tampered-with firmware that would allow decryption without user authorization.
My conspiracy theory here is that Apple knows that this is how law enforcement goes about unlocking phones with tech like Cellebrite, so they add in code to thwart that effort but keep quiet so they can have the plausible deniability of it just being a bug.
Yea, it seems like this would be easily verified, if true, by security experts. Watch the network traffic in a Faraday cage. See some strange packets that don't make sense with currently used protocols? Okay, maybe there is some truth to it. But if all you see are packets that aren't surprising (in this case, a ping to try to find a cell tower) and a reboot occurs, then there is no mystery; it's probably, as you suggest, a bug or an attempt to self-heal from a failed watchdog check.
It's all happening over RF; it's not like they can implement this so a signal opens an inter-dimensional portal and comes back out, making it undetectable on the RF spectrum.
> I don't see why that couldn't result in a reboot somehow
Because Find My is a reverse-engineered protocol that can be abused to broadcast false information to nearby devices? Trusting Find My to know when it's time for a reboot sounds like an amazing Flipper Zero feature but a not-so-great experience for iPhone owners.
Second this. It strikes me as a completely reasonable watchdog. Other than if you're keeping it around in a Faraday cage, it's very unlikely to receive *nothing* for an extended period. How many people take phones into such environments for extended periods? Thus if nothing is coming in it probably means something's messed up.
And if it reboots on the cops Apple probably considers that a plus.
They do communicate with each other for the "Find My" feature to work even when disconnected from cellular and wifi. It is basically the same operating principle behind Apple Tags.
I agree that it's unlikely but consider that Apple stores have a "dock" that can power on an iPhone and do an iOS upgrade while it's sealed in the box. Who knows what P2P communication protocols iPhones have.
Info from the future: it seems that fresh iOS 18 versions reboot the phone if they haven't been unlocked for a specified amount of time (days, it seems).
If it's in the hands of a legit owner, they just need to type the iCloud password and they're back in. If it was stolen or confiscated, it just became a very expensive brick unless they can coerce the owner to log in somehow.
> The idea that iPhones magically communicate with each other to “reboot randomly” when off a cellular network (presumably would happen on a plane easily) is pretty far-fetched.
iOS devices communicate through a separate ultra-wideband mesh network used for "Find My" and more recently the AirTags.
iPhones are already communicating with any and every Bluetooth-capable Apple device to enable the Find My/AirTag functionality, aren't they? I don't believe this is necessarily true, just that it's theoretically possible.
The issue is not that Apple devices communicate with each other. It's the absurd claim that there's a secret handshake between Apple devices that tells them to reboot if they've been offline and locked for too long.
So sit around in a less secure state for weeks and months and only when externally triggered reboot? That's a stupid feature and makes no sense. If you were to base any partial security measure off of how long a device has been powered up and locked, then just use a timer. Why wait for another phone to wander by?
Though the digital forensics lab claims they were all in airplane mode with one inside a Faraday box, so how are they communicating with each other? This suggests incompetence on their part, perhaps not actually putting them in airplane mode or not understanding that Bluetooth/Wi-Fi can be enabled (and may enable themselves) separately from the cellular radio.
It’s communication in that information is being passed, but it’s a one-way Bluetooth broadcast. It’s not any kind of two-way communication.
At most an iPhone may be able to broadcast a Bluetooth message saying “anybody out there?”. I don't even know if that's possible. I'm sure Apple's white paper has the answer but I don't remember it.
It's very well established by numerous studies that Apple products continuously scan for other wireless devices in their proximity, especially Apple ones but including Wi-Fi routers, and then upload their hardware IDs and MAC addresses to Apple's servers, together with GPS location.
It would be beyond hilarious if Apple now went and implemented this safeguard. I don't even think a hard reboot would be necessary, simply if the phone hasn't had reception for some preset period of time, or if there's been more than some amount of incorrect logins, or no successful logins in some given amount of time, revert everything to the freshly booted state, encryption and all.
Great to see Apple taking a firm stance on this; this, above other fancy features, maintains customer loyalty.
People often point out the law enforcement case for breaking into phones but conveniently forget that the very same security holes used by law enforcement are used to make stealing phones more profitable and by other nation-states to spy, commit corporate espionage, etc.
It's not based on communication, though. It's based on how long it's been since the phone was last unlocked - which is an even stronger safeguard, since it can't be spoofed.
Actually, it would be beyond reckless for Apple to do anything other than implement this as a safeguard. The cops just gave up the game. Their only way into a locked phone is one in an AFU state. Apple doesn't give backdoors to law enforcement, so in lieu of Apple being able to patch this vulnerability, they absolutely should implement protections against it, including this one we just heard from the horse's mouth.
If Apple doesn't make this an official feature, or worse: fixes this issue for the convenience of law enforcement, we need to read that as Apple selling out our privacy to the government.
Apple is in a weird position: on one hand they HAVE to give the US government a way to access people's iPhones (CIA, NSA), and in a less direct way the whole US government (local cops). On the other hand, privacy is a main point of their marketing, so they have to look like they do things to protect their users.
So they obviously have a direct backdoor for the big ones like the CIA, and they leave some wiggle room for 'security' companies that sell 0-day exploits to local cops. If they didn't, there would be lobbying until inevitably they too got their backdoor, which would look bad for Apple. It would kill the myth of iPhone privacy; any cop could leak about it.
I suspect this is either a bug or a feature that won't really prevent cops from accessing suspects' iPhones; they will be annoyed until their 'unlock tool' gets updated.
Don't count on Apple to actually fight any government to protect their customers' privacy. If they did so, they would never have set up an alternate iCloud on CCP-controlled servers for their Chinese customers; they would have gone out of the Chinese market.
Would the condition be irritating for me when I am taking a very long multi-transit flight and prefer to keep my phone on airplane mode because I am trying to read my ebooks on my Kindle during the journey, and my phone keeps rebooting…
Airplane mode isn't the same as putting the phone inside a Faraday cage. The phone can tell the difference. Even in airplane mode the phone could receive RF; airplane mode is just supposed to disable transmission.
I think this is simply a matter of finding good defaults. In my opinion, the order of magnitude should be how many days without reception, not how many hours. A week sounds like a sane baseline to me, since that is more than ample time for most people to end up in a situation where they're connected again. Likewise you could reset the counter on a successful unlock. On the flip side, a week is not enough time to reasonably brute-force anything if the time you have to wait before each retry goes up with every failure.
This reads more like a chain email forward than an actual analysis of the iPhone tech stack.
Fwd: Fwd: READ THIS!!! You won't believe what the iPhone does when off network and around other iPhones!!!
> It is believed that the iPhone devices with iOS 18.0 brought into the lab, if conditions were available, communicated with the other iPhone devices that were powered on in the vault in AFU. That communication sent a signal to devices to reboot after so much time had transpired since device activity or being off network.
The hypothesis doesn't make any sense because the phone doesn't need to communicate with other phones to decide to restart/lock based on lack of network signal.
> Matthew Green, a cryptographer and Johns Hopkins professor told 404 Media that the law enforcement officials' hypothesis about iOS 18 devices is "deeply suspect," but he was impressed with the concept.
The article also states that you can use a passcode or Face ID to get into AFU state, but of course you cannot – the main distinguisher (to a user at least) of BFU is that you must unlock with your passcode as biometrics are disabled.
GrapheneOS has a "reboot after x hours inactivity" feature specifically to prevent the scenario mentioned in the story. Otherwise leaving a phone powered on is a massive risk, especially if cops can keep it charged for months to wait for an exploit.
Yeah, an option to "reboot after not being unlocked for x hours", where x is considerably longer than the average time the phone would ever be locked under normal circumstances, would be great for security.
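A small Python model of the timer-based policy discussed in this thread (the GrapheneOS-style "reboot after x hours without an unlock" option, and the earlier suggestion of a days-long no-reception threshold with a retry delay that grows after every failed passcode attempt). This is an added illustration, not code from iOS, Apple or GrapheneOS; the thresholds (72 h idle, 7 days offline, a 60 s first delay that doubles with each failure) and every name in it are assumptions chosen for the example. The `attempts_within` helper carries the "a week is not enough to brute-force" remark through to a number: under the doubling schedule only 14 attempts fit in a week.

```python
"""Toy inactivity-reboot watchdog (added example; hypothetical names and numbers)."""
from dataclasses import dataclass

HOUR = 3600
DAY = 24 * HOUR


@dataclass
class LockPolicy:
    """Watchdog state for one device. Timestamps are monotonic seconds."""
    reboot_after_idle: int = 72 * HOUR    # assumed: no unlock for 72 h -> reboot
    reboot_after_offline: int = 7 * DAY   # assumed: no reception for 7 d -> reboot
    base_delay: int = 60                  # assumed: 60 s wait after the first failure
    last_unlock: int = 0
    last_signal: int = 0
    failures: int = 0
    next_attempt_at: int = 0
    keys_in_memory: bool = True           # True = AFU, False = BFU

    def unlock_ok(self, now: int) -> None:
        """A successful unlock resets both the idle counter and the backoff."""
        self.last_unlock = now
        self.failures = 0
        self.next_attempt_at = now
        self.keys_in_memory = True

    def unlock_failed(self, now: int) -> int:
        """Record a failure; return the seconds until another attempt is accepted.
        The wait doubles with every consecutive failure (assumed schedule)."""
        self.failures += 1
        delay = self.base_delay * 2 ** (self.failures - 1)
        self.next_attempt_at = now + delay
        return delay

    def attempt_allowed(self, now: int) -> bool:
        return now >= self.next_attempt_at

    def saw_network(self, now: int) -> None:
        """Called whenever the baseband registers with a network."""
        self.last_signal = now

    def tick(self, now: int) -> bool:
        """Periodic watchdog check. Returns True when it triggers a reboot, which
        drops the keys from RAM (the device is then BFU until the next unlock)."""
        if not self.keys_in_memory:
            return False
        idle = now - self.last_unlock >= self.reboot_after_idle
        offline = now - self.last_signal >= self.reboot_after_offline
        if idle or offline:
            self.keys_in_memory = False
            return True
        return False


def attempts_within(window: int, base_delay: int = 60) -> int:
    """Passcode attempts possible in `window` seconds under the doubling schedule:
    attempt n+1 becomes available at base_delay * (2**n - 1) seconds."""
    n = 0
    while base_delay * (2 ** n - 1) <= window:
        n += 1
    return n


if __name__ == "__main__":
    p = LockPolicy()
    p.unlock_ok(0)
    p.saw_network(0)
    for hour in range(0, 96, 12):            # simulate four days of watchdog ticks
        if p.tick(hour * HOUR):
            print(f"watchdog rebooted the device after {hour} h without an unlock")
    print("attempts in one week with doubling delay:", attempts_within(7 * DAY))
```

The two triggers are independent: the idle one is what the later comments describe iOS 18 doing, the offline one is the "days without reception" variant; a successful unlock resets the idle counter but, deliberately, not the offline one, which only network registration clears.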
Maybe designed to help with anti-theft? I already use a shortcut automation when airplane mode is turned on to lock my phone and turn off airplane mode, as that’s the first thing thieves would do.
You can just disable access to Control Center and Siri when locked. If you have an eSIM device, this is a really great thing to do, as it’ll always connect to a cellular network when available.
How is this shortcut even possible? Maybe it’s because I have an older model or haven’t figured out how to build good Shortcuts yet, but I thought that every shortcut requires some kind of manual activation. Would you launch the shortcut from an Apple Watch? Wouldn’t iOS require confirmation from the thief to turn off airplane mode?
That being said, I have heard of a weird automation someone made where it would open an app as soon as they went to the Home Screen. It took some thinking for them to deactivate it because the shortcut was really fast to activate.
This is a great idea. Perhaps add a moderate delay (say 30 seconds or 1 minute) to confuse them even more. Then they will think that airplane mode is active when it isn't.
When you say theft, do you mean by someone with interest in the hardware or the data? Assuming hardware, I'm not sure I understand why a thief who intends to wipe it anyway would care about an auto restart versus normal screen lock. Assuming data, that's exactly what the article is about.
Are thieves really even stealing phones anymore? You can't pawn or sell them anymore because they can't just be reset and set up with a new account, batteries are becoming impossible to remove... all you can really take is the screen, which isn't really worth much either.
Personally I only use it for battery savings when camping or similar. It's not the kind of thing everyone cares about. I think we're long past the days where a flight full of phones frantically searching for towers during takeoff/landing would degrade the network for people on the ground, as may have been true way back when (and why) airplane mode was adopted as a standard feature.
I typically activate airplane mode twice and have it fail. Remember the automation, go deactivate the automation and then airplane mode works. On actual airplanes, I’m more likely to simply power off my phone.
I very much doubt it. Far more likely to be a memory leak in the baseband which is exposed when the devices are unable to talk to the cellular network for a period of time.
Ya, I'm guessing these cops don't have iPhones because if they did they would know that iOS is just buggy. I mean, the last time I restarted my iPhone before iOS 18 was when I installed the last iOS 17 patch. Since installing iOS 18 I've had to restart it twice because it stopped responding.
You actually don't have to power it down. If you hold the power and volume buttons for 2 seconds and reach the "slide to power off" screen, the phone is already hard locked. You then always have to enter the passcode to unlock it.
> You actually don't have to power it down. If you hold the power and volume buttons for 2 seconds and reach the "slide to power off" screen, the phone is already hard locked. You then always have to enter the passcode to unlock it.
iPhones have 2 states when it comes to encryption:
Before First Unlock (BFU) - everything is encrypted. The most difficult state to hack.
After First Unlock (AFU) - data isn’t fully encrypted. Maybe it's for performance reasons. In this state exploits exist which police can use to get data.
Your suggestion of getting to the 'slide to power off' screen does NOT hardlock the phone (it does not put it in BFU).
It just means it requires a passcode. However, since it is in AFU mode, data can be exfiltrated with the right tools.
This is wrong. While this clears some keys and prevents anyone from holding the phone up to your face to unlock it, it doesn't bring the phone back into a full BFU state.
Some keys can still be read, and depending on the exploit they use a lot of data could be extracted. BFU + good passcode is always the way to go.
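A toy model of the BFU/AFU distinction the comments above describe, added here as an illustration; it is not Apple's design, code or key hierarchy, all names are hypothetical, and the cryptography is a stdlib stand-in (PBKDF2 for the passcode key, a SHA-256 keystream XOR playing the part of real key wrapping and file encryption). It shows the point being argued: the "slide to power off" screen only disables the biometric path and leaves the class key resident, so the phone stays AFU and its files are decryptable by anything that can reach RAM, while a reboot returns it to BFU, where nothing is decryptable until the passcode is entered again.

```python
"""Simplified BFU/AFU state machine (added example; not Apple's implementation)."""
import hashlib
import hmac
import os
import secrets
from typing import Dict, Optional


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR data with SHA-256(key || block counter). Symmetric,
    so one call both encrypts and decrypts. Illustration only, not for reuse."""
    out = bytearray()
    for i in range(0, len(data), 32):
        ks = hashlib.sha256(key + (i // 32).to_bytes(4, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[i:i + 32], ks))
    return bytes(out)


class Phone:
    """Two states, as named in the thread: BFU (no class key in RAM) and AFU
    (class key unwrapped once by the passcode and kept resident)."""

    def __init__(self, passcode: str):
        self.salt = os.urandom(16)
        kek = self._kek(passcode)
        class_key = secrets.token_bytes(32)
        # Flash holds only the wrapped key and a passcode verifier, never the key.
        self.wrapped_class_key = keystream_xor(kek, class_key)
        self.verifier = hmac.new(kek, b"passcode-verifier", "sha256").digest()
        self.files: Dict[str, bytes] = {}
        self.ram_class_key: Optional[bytes] = None   # None means BFU
        self.biometrics_enabled = False
        self.screen_locked = True

    def _kek(self, passcode: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", passcode.encode(), self.salt, 200_000)

    def state(self) -> str:
        return "BFU" if self.ram_class_key is None else "AFU"

    def unlock_with_passcode(self, passcode: str) -> bool:
        kek = self._kek(passcode)
        check = hmac.new(kek, b"passcode-verifier", "sha256").digest()
        if not hmac.compare_digest(check, self.verifier):
            return False
        # First unlock: the class key is unwrapped into RAM and stays there.
        self.ram_class_key = keystream_xor(kek, self.wrapped_class_key)
        self.biometrics_enabled = True
        self.screen_locked = False
        return True

    def unlock_with_biometrics(self) -> bool:
        if self.ram_class_key is None or not self.biometrics_enabled:
            return False   # BFU, or biometrics disabled by the hard-lock gesture
        self.screen_locked = False
        return True

    def screen_lock(self) -> None:
        self.screen_locked = True   # key stays resident

    def hold_power_and_volume(self) -> None:
        """'Slide to power off' screen: biometrics off, passcode now required,
        but the class key is still in RAM, so the phone remains AFU."""
        self.biometrics_enabled = False
        self.screen_locked = True

    def reboot(self) -> None:
        self.ram_class_key = None   # RAM cleared: back to BFU
        self.biometrics_enabled = False
        self.screen_locked = True

    def write_file(self, name: str, plaintext: bytes) -> None:
        if self.screen_locked or self.ram_class_key is None:
            raise PermissionError("unlock the device first")
        self.files[name] = keystream_xor(self.ram_class_key, plaintext)

    def readable_without_passcode(self, name: str) -> Optional[bytes]:
        """What code that can reach RAM could recover: the file decrypts whenever
        the class key is resident (locked screen or not), and not at all in BFU."""
        if self.ram_class_key is None:
            return None
        return keystream_xor(self.ram_class_key, self.files[name])


if __name__ == "__main__":
    phone = Phone("2468")
    phone.unlock_with_passcode("2468")
    phone.write_file("notes", b"meeting at 9")
    phone.hold_power_and_volume()
    print(phone.state(), phone.readable_without_passcode("notes"))   # AFU, recoverable
    phone.reboot()
    print(phone.state(), phone.readable_without_passcode("notes"))   # BFU, None
```

Real devices have several protection classes with different lifetimes rather than one key, which is why the comment above says "some keys" are cleared by the gesture; the single-key model is enough to show why only a reboot (or power-off) gets you back to BFU.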
If you have an iPhone SE Gen 3 (or any other iPhone with Touch ID, but models older than the SE Gen 3 have other weaknesses to worry about), you can do the same by spamming the power button 5 times.
You can also ask Siri to reboot or turn off your phone. Siri will ask you to confirm you want to do the action, but it doesn't take too long to do. Just in case you don't want to reach for your phone for whatever reason.
IDK about iOS, but Android (or at least CalyxOS/GrapheneOS) has a feature where you can make the phone automatically reboot after a certain amount of time (thus removing the keys from memory).
Unfortunately, though, you won't be able to do so while handing it over, and US cops will just kill you if you take too long handing over your phone because they can.
Any time a police encounter starts, you can at least tap the standby button 5 times. It's not as good as a shutdown, but it will at least disable biometrics so it will require a password to unlock. They can't legally force you to reveal your password.
> the reported iPhone reboots highlight the constant cat and mouse game between law enforcement officers and forensic experts on one side, and phone manufacturers Apple and Google on the other.
I don't think Google is in this same category at all. Didn't they just recently give Nest door unlock codes to LEO without even asking for a warrant?
Apple and Google are on different planets when it comes to user privacy.
It’s like an automated ARP response packet that’s automatically transmitted occasionally without needing to hear a request.
[1]https://appleinsider.com/articles/24/11/07/iphones-stored-fo...
Two birds, one stone..
Well, they do silently communicate for the "Find My" network. I don't see why that couldn't result in a reboot somehow.
https://www.scss.tcd.ie/doug.leith/apple_google.pdf
https://chaos.social/@jiska/113447894119816217
That would make sense since thieves know that they have to get an iPhone offline to prevent Find My tracking and remote locking.
Just about sums it up.
You should definitely power it down to be secure.
Did they? I don't remember seeing anything about that.