Apple recently introduced a new security feature with the iOS 18.1 update that rolled out to users on October 28 that could prove to be troublesome for both thieves and law enforcement officials. According to a report, police officials in the US noticed that some iPhone models that were stored for forensic examination were rebooting on their own, making it much more difficult to bypass the security of the smartphone. A security researcher has confirmed that the reboots were due to a new feature added to iOS 18.
iOS 18.1 Introduces 'Inactivity Reboot' Feature on iPhone
According to a report by 404 Media, police officials in Detroit discovered that some iPhone units that were in storage and waiting for forensic examination were rebooting, making it harder to unlock those devices using tools designed to gain access to seized devices.
The publication also referred to a Michigan police document that suggested Apple had introduced a feature that allowed an iPhone to “communicate” with other devices, sending them a signal to reboot. However, this theory was debunked after a security researcher dug into the iOS 18.2 code.
Security researcher Jiska (@jiska@chaos.social) explained in a post on Mastodon that Apple actually added a feature called “inactivity reboot” that appears to have nothing to do with the phone's network state. Instead, the feature is designed to reboot any iPhone running iOS 18.1 if it hasn't been unlocked for a while.
How Apple's 'Inactivity Reboot' Feature Impacts Thieves and Law Enforcement
Apple encrypts user data on a smartphone in two states — Before First Unlock (BFU) and After First Unlock (AFU). The former is the state when an iPhone has been restarted, and the handset can only receive calls. This is a heightened mode of security, which is lowered when the user unlocks it for the first time and enables support for Face ID or Touch ID.
An iPhone remains in AFU mode until another reboot is performed, which means that law enforcement officials (or thieves) can use specific tools (from companies like Cellebrite or GrayKey) designed to unlock the device and access its contents. However, when an iPhone is in BFU state, it is much harder for these tools to gain access to the device using brute force techniques.
This is not the first time that Apple has introduced a feature that protects the iPhone from unauthorized access. After the company refused to unlock an iPhone for the FBI in 2016 (the FBI eventually used a third-party to unlock the phone), the company added a setting that disabled USB debugging on its smartphones,