Tech
Cops think iPhones are secretly communicating with each other to reboot [U] – 9to5Mac
Update: A security researcher on Mastodon has cracked the case on this, proving that it has nothing to do with iPhones secretly communicating with each other.
A new report from 404 Media says that law enforcement officials in Detroit, Michigan believe that iOS 18 includes a “new security feature that tells nearby iPhones to reboot if they have been disconnected from a cellular network for some time.”
After an iPhone reboots, users generally have to enter their passcode again. Law enforcement officials are concerned that this makes iPhones stored for forensic explanation harder to unlock. A document being distributed among law enforcement officials and obtained by 404 Media explains the change.
404 Media writes:
The document says that a digital forensics lab had a number of iPhones in their forensics laboratory that were in an After First Unlock (AFU) state. AFU means that since the last time the device was powered on, someone (typically the owner) has unlocked the device with their passcode or similar at least once. Generally, law enforcement have an easier time accessing devices in an AFU state with specialized tools.
After a reboot, the iPhones in question entered the Before First Unlock (BFU) state. “This made unlocking them significantly harder, and according to the document, cracking them is now not possible with current tooling,” the report explains.
Law enforcement officials say that this has affected iPhones that were in Airplane Mode and one that was inside a farday box.
The document says that three iPhones running iOS 18.0, the latest major iteration of Apple’s operating system, were brought into the lab on October 3. The law enforcement officials’ hypothesis is that “the iPhone devices with iOS 18.0 brought into the lab, if conditions were available, communicated with the other iPhone devices that were powered on in the vault in AFU. That communication sent a signal to devices to reboot after so much time had transpired since device activity or being off network.” They believe this could apply to iOS 18.0 devices that are not just entered as evidence, but also personal devices belonging to forensic examiners.
Apple has not commented on this report or law enforcement document. It’s unclear if this is a bug in iOS 18, a deliberate feature change by Apple, confusion among law enforcement officials, or a combination of all the above.
Matthew Green, a cryptographer and associate professor at Johns Hopkins University, told 404 Media that the law enforcement theory iPhones are secretly communicating with each other is “utterly bizarre and amazing.” Green, however, said he finds the hypothesis to be “deeply suspect.”
You can read the full report on the 404 Media website.
FTC: We use income earning auto affiliate links. More.