Without warning, Apple has just pushed the security of its devices a little further with iOS 18, to the great dismay of law enforcement. The latest update of its mobile OS hides a feature that is currently causing a lot of teeth-grinding.
American police forces have been in turmoil since they discovered that iPhones running iOS 18 were behaving strangely, to say the least. It seems that devices stored in their analysis labs are starting to restart on their own, seriously complicating their investigative work.
But then why does a simple restart cause our police friends to panic so much?
Well, this is where it gets really interesting. On an iPhone, there are two distinct security states: BFU (Before First Unlock) and AFU (After First Unlock). When your phone restarts, it automatically enters BFU mode, an ultra-secure state where most data is encrypted and inaccessible. Only after you unlock the device with your passcode does certain data become more easily accessible, in AFU mode.
For a while, investigators have been counting on this less restrictive AFU state to extract information from seized devices using specialized tools like Cellebrite, which also equips law enforcement in France. But now it's more complicated.
So, feature or bug?
Well, after analysis by experts like Matthew Green of Johns Hopkins University, the hypothesis of an intentional feature called “inactivity reboot” seems to be confirmed. This mechanism, which forces the device to restart after a certain period of inactivity, is similar to an approach already implemented on certain Android systems such as GrapheneOS.
This feature seems particularly effective because it requires no communication between devices. Simply having an iPhone sit idle for an extended period of time is enough to trigger a reboot.
If you have an iPhone running iOS 18, here's what happens:
- Your phone remains inactive for an extended period of time, because you are in police custody, for example…
- It restarts automatically
- On reboot, all data is locked in BFU mode
- Thus, only your personal code can unlock access
The beauty of this system is its simplicity: no need for complex configuration, protection is activated automatically as soon as the conditions are met. It is transparent for the user and extremely effective against intrusion attempts.
Of course, this situation raises ethical questions about the balance between individual security and collective security, but Apple has long taken a strong position in favor of protecting the privacy of its users, even if it means offending the authorities.
Regardless, cryptography experts welcome this approach. According to Matthew Green, the idea of a phone automatically locking after a prolonged period of inactivity is “absolutely brilliant”. Indeed, the more time passes, the greater the risk of attack, so a periodic reboot is an excellent way to strengthen security.
Note that this behavior should not affect your daily usage as long as you use your device regularly. And if your phone restarts, that's a good sign: your data is well protected!