Inactivity Reboot Feature Makes iPhone More Secure
Police agencies suddenly issued alarms recently when they noticed that suddenly iPhones in their possession were quietly rebooting on their own, frustrating law enforcement who had previously seized the phone and wanted to extract information from them. It was later revealed that the culprit was the newest security feature that was put into Apple recent software update, called “inactivity reboot” which automatically resets iPhones to their “Before First Unlock” or BFU state after a phone has been locked for four consecutive days. The reset does not wipe the phone or its content, but it does crucially limit the forensic data that can be extracted by law enforcement or bad actors when the phone is in a BFU state, which requires a passcode to bypass. This could play a crucial role in protecting user’s data from law enforcement and potentially places the company at odds with law enforcement, who for years have tried to pressure Apple to create backdoor channels that would allow law enforcement to extract data quickly from suspects phones. Since this is a new development, it will be interesting to see how fast traditional cellphone forensic tools that are commonly used by law enforcement will adapt.
Law Enforcement Have Increased their Ability to Break Into Phones in Recent Years
After the assassination attempt of then-Republican presidential nominee Donald Trump over the summer, it was announced just two days after the shooting that the F.B.I. had “gained access” onto the suspect’s phone. Although not disclosed how or what was on the phone, law enforcement agencies both large and small have a plethora of different companies, services, and tools at their disposal to break into phones and extract forensic data. As security researcher Cooper Quintin said recently, “Almost every police department in the nation has a device called the Cellebrite, which is a device built for extracting data from phones, and it also has some capability to unlock phones.” A 2020 investigation found that even then already over 2,000 law enforcement agencies, with at least one in every state, had access to some of these jailbreaking tools, which can cost as much as $30,000, and there are new companies entering the market every year. While it is true that law enforcement can obtain information from a phone legally, the proliferation of the availability of such tools means that not just law enforcement, but potentially bad actors, can use tools to unlock a person’s phone and find out their most intimate details. It is troubling to those who value their privacy. Furthermore, there is always the potential for law enforcement to abuse their powers and use the new technology to obtain evidence in violation of a person’s Constitutional rights, as we have previously covered in other instances of police overstepping their authority while using new technology in an investigation. While some providers such as Apple continue to make their products more secure, it is clear that other companies will always be working to find ways to break into those devices in a proverbial arms race.