- cross-posted to:
- apple_enthusiast@lemmy.world
- cross-posted to:
- apple_enthusiast@lemmy.world
Speculation is that ios 18 is communicating with other phones while locked to determine security. This can more likely be a NSA/US empire backdoor than a user protection feature. Lowly police systems are just not on the “hacker list”. One way the backdoor could work is that if a “NSA/Mossad list phone” is present, protect the other phones, unless the phones are in an NSA/Mossad secure facility.
Or it could just be using the inactivity reboot feature that was recently added to iOS.
ok. I’d suspect spy agency back doors if the feature was unannounced. If it was an announced feature, then that is reasonable explanation.
It’s literally a documented feature AND it’s weird super secret spy agency shit is the easiest answer for you tbh.
I thanked you for explanation. OP did not suggest that as an explanation.
You did though. Lmao
Android has an app that you can install that auto wipes a phone after X amount of time if the phone hasnt been unlocked:
https://f-droid.org/en/packages/me.lucky.wasted/
Also theres an app that allows you to set a fake password that wipes the phone:
https://f-droid.org/en/packages/me.lucky.duress/
All open source, I have tested these apps on my phones, they work great. The second app about the duress password is a bit glitchy and didnt work on some of my phones.
Disclaimer: I am not a lawyer and setting your phone to automatically wipe itself may be considered destruction of evidence in a court of law.
Thanks but I literally cannot figure out how to use these apps after installing
For the “Wasted” app:
-
Check the box saying “Wipe Data” (you can optionally check wipe eSim if yiu also want that to happen)
-
Tap the bottom button saying [Off] which would ask you to give permission to the app as a Device Administrator, giving it the power to wipe your device.
-
Tap the gear button on top right
-
Scroll down to the “Lock” and check that
-
Tap the upper left button with the 3 horizontal lines
-
Tap the “Lock” menu option
-
Enter a value. I personally would use something like 24 or 48 hours. Note that 24H automatically becomes 1D in the app, idk why but thats just some weird quirks with the app.
For the Duress app, it doesn’t really work anymore on the phone I’m using, so you might have to do your own testing.
Edit: Make sure you dont get drunk and passed out for 24 hours because then your phone gets wiped lol. Good luck, I didn’t make the app so be careful with it, don’t blame me if your accidentally get your device wiped when you didnt want it to.
Edit 2: Also you cant really know if these apps works on your particular phone unless you test it yourself, that means wiping it. So you might wanna back up your phone then trigger the wipe to see if it works. Dont wanna get caught at a protest only to find out the app failed.
-
Nice, I think making your phone go into Before First Unlock mode cannot be considered destruction of evidence
Well they might charge you with “Obstruction of Justice” instead. Then plug it in some cellebrite device and boom, unlocked.
Best way to not have to deal with stuff like this is just to not have the incriminating evidence in the first place. If you are, for example, doing a protest, only chat with contacts in a safe place, then wipe chat logs every time, any data you wish to keep should be encrypted then uploaded anonymously via VPN/Tor and wiped from local storage. Hide the fact that such data exists so you wouldn’t have a scenario where the government is trying to get you to give them the data, since they dont even know what data exists. Plausable deniability.
Edit: Those apps I’ve linked is still a good idea since “Destruction of Evidence” is probably a lesser charge than something like “Rioting”.
Cellebrite struggles with iPhones already, this reboot is part of the cat and mouse game they’re playing
That’s what they say. I mean the news literally base this off the FBI’s own words, so there’s no way for us to tell if they actually manage to break the encryption but then turns around that say “the encryption is too strong”. Besides, iOS is closed source.
Intelligence agencies have made this “Anom Phone” that is this supposed encrypted phone that drug dealers and various criminals used to communicate, turned out to be a honeypot.
I’ve used cellebrite before.
Anecdote of 1 for you, iOS is a pain in the ass.
There are different versions.
One is where they sell the cellebrite device to law enforcement.
Another where the cellebrite device remain in control of cellebrite, and law enforcement has to send the phone to cellebrite.
Unless you actually work for cellebrite and got access to their more advanced tools, which then I doubt they would let you share the details of since that must be breaking some non-disclosure agreement.
Yes, I am well aware.
shipping a phone to them or waiting for the tech to arrive, that transit time, is what my mind went to immediately when this feature was introduced.
The phones are significantly more difficult to get into after the reboot.
I’m disclosing absolutely nothing.
Cellebrite? I don’t think that’s how encryption works
There are attacks where rather than trying to crank the password you just capture the hash which is stored in memory somewhere and then using a tool that lets you bypass the standard login inject that hash into the app, totally bypassing the UI interface and the password hashing algorithm.
The app sees the hash is correct and isn’t aware that the information has been input via nonstandard methods, and so allows access.
The attacker still doesn’t have a clue what your password was, but they don’t need to. Interestingly enough this means that every time they want access to your data they have to do this because they don’t have a way of actually changing the password or finding out what it was.
Link? That sounds incredibly stupid design
Yeah. It is. Every design has assumptions and every design can be abused by those assumptions. I’d like to say it’s not a failure in design but it’s really just a failure of imagination. No one thought this would be an issue, turns out it is, so someone fixed it.
The problem is that not every system gets updated.
It might work that way, actually .
Just because the phone is encrypted doesn’t mean there’s not an exploit that makes it easier to bypass or extract the passphrase. Celebrite is unfortunately pretty good at attacking out of support phone and breaking into them.
Use a modern, supported OS on a device put out by a trusted vendor and you’re probably ok. But old software/hardware makes it much easier to bypass.
Apparently some phones have a totally isolated electrically separated microcomputer which is in charge of encryption and decryption. Your phone doesn’t actually know how the encryption decryption is done because it’s separated from the microcontroller.
Any attempts to modify the microcontroller or replace any of its components with more cooperative components, will result in all of the data being wiped. This is implemented at the firmware level with the instructions being in ROM.
If this is indeed a security feature I’m about to buy my first iPhone.
CalyxOS and GrapheneOS have this as a feature.
Two hours seems extremely low.
On grapheneos it’s a setting, 18 hours by default I believe, but adjustable from 10 minutes to 72 hours.
That seems much more reasonable. Thanks for the info.
Wouldn’t this make your phone reboot all night while you’re sleeping?
It will only reboot once unless it is unlocked again https://grapheneos.org/features#auto-reboot
Yes. Alternatively, you can just… power it off.
I keep mine on in case of family emergencies, it’s also my alarm clock
What is the good thing about a phone rebooting?
When you input your password, then your biometrics (faceID, fingerprint, etc) become active. A restart requires you to enter that again. The police can make you put your finger on your phone or look at it, but they can’t make you divulge your password without a court order.
There are have also been some exploits that are possible ONLY while the machine is booted and already in that state unlocked state, rebooting relocks all the HW encryption and clears main memory.
Don’t switch to a privacy-violating platform just for a feature found in open source operating systems.
It should be, but it appears to be a bug.
Which is really sad quite frankly and if they did add it as a feature it should have a cooldown period of like 48 hours where it reboots twice in that time frame just so that if a cop turned the setting off it would still not help them
apple is not in business to obstruct law enforcement
You say obstruct, I say protect users from totalitarian regimes
apple’s entire existence depends on the US government… whose team do you think they play for?
Just use a pattern to lock your phone. Police can’t do shit if you have that set up.
It’s not the lock, it’s the fact that phones are usually encrypted after a reboot (to oversimplify). As the article says you have extra security measures to protect a freshly booted phone.
Note to those wishing for such a function, it’s possible by creating an iOS Shortcut - New Shortcut > Shutdown > Change it to ‘Restart’.
From there, you create an automation in Shortcuts to run based on time, location, etc.
Alas, it asks if you want to restart.
this is the police we’re talking about, they probably just forgot to charge them and are trying to shift the blame
I guess if you have the 10 seconds to do so, you could invoke the operating system hard reboot function, which at least on Android is pressing and holding power and volume up for 10 seconds. I don’t know what it is on the iPhone.
Edit: Too bad there’s not some sort of haptic to let you know that it accepted the command before it shuts down though.
Hot take: this is actually a bug not a feature.
The police could just ask Apple, it isn’t like they are going to have some secret reboot process that they would hide from the police.
And what would Apple be able to do about it? They don’t have your password*, so they’ll be just as unable to decrypt the device as the police.
*you can give them your password via iCloud I believe but you don’t have to