iOS 18.1 introduces a new security feature that improves iPhone protection for devices locked for long periods.
Background
Recently, law enforcement reported unusual behavior with seized iPhones. These devices restarted unexpectedly, making unlocking difficult. iPhones running iOS 18 are especially affected if they lose network connectivity for too long.
A police report indicated that certain iPhones with iOS 18.0 were communicating with other devices while stored. This interaction triggered a restart after a period of inactivity.
New Security Features
The inactivity restart feature causes a locked iPhone to reboot automatically after 72 hours of standby without being unlocked. This reboot happens regardless of battery status or network connection. Previously, the reboot timer in iOS 18.0 was set for 7 days.
This feature aims to strengthen security by making it harder for unauthorized users to access device data. It also helps protect against theft by rendering stolen devices unusable. Moreover, it aligns with strict data protection regulations, such as GDPR.
Several security researchers have confirmed this feature. Jiska Classen demonstrated that an iPhone inactive for 72 hours will restart automatically.
Magnet Forensics, in a blog post, noted the lack of official documentation from Apple regarding this feature. Matthew Green from Johns Hopkins University praised it, stating it protects against theft and hacking attempts by preventing attackers from storing stolen devices indefinitely.
There are two security states for iPhones:
- AFU (After First Unlock): The device is secured, but some cryptographic keys are accessible.
- BFU (Before First Unlock): After a restart, all data is fully encrypted until the user unlocks the device.
This new feature provides a layer of security for users and helps ensure their data remains safe.
