Apple has quietly slipped into iPhones a new “inactivity reboot” feature that would make it harder for thieves as well as law enforcement officials to password-crack the smartphone. iPhones with iOS 18.1 that stay unlocked for a certain number of days appear to reboot on their own. Once it powers up again, the device becomes harder to unlock using digital forensic tools, according to a report by 404 Media that cites multiple security experts. Last week, US law enforcement officials reportedly warned each other that iPhones kept in their custody for forensic examination were mysteriously rebooting themselves. The news outlet said it accessed messages shared by a forensic specialist named Christopher Vance on a law enforcement and forensic expert group chat that read, “We have identified code within iOS 18 and higher that is an inactivity timer.” “This timer will cause devices in an AFU state to reboot to a BFU state after a set period of time which we have also identified,” Vance, who works for a firm called Magnet Forensics that sells investigative tools to law enforcement, reportedly said. Apple indeed added a feature called "inactivity reboot" in iOS 18.1. This is implemented in keybagd and the AppleSEPKeyStore kernel extension. It seems to have nothing to do with phone/wireless network state. Keystore is used when unlocking the device. pic.twitter.com/O3jijuqpN0 — Jiska (@naehrdine) November 8, 2024 AFU stands for After First Unlock, which means that the phone has been unlocked at least once since being rebooted. Before First Unlock (BFU) is when the phone has not been unlocked even once since being turned on, and it is reportedly harder to gain access into the device at this stage. The inactivity reboot feature in iPhones comes in the backdrop of a long-standing tussle between law enforcement officials looking to extract data from seized devices to aid their investigations and smartphone brands like Apple that have positioned themselves as user privacy-focused to stand out from other manufacturers. Earlier this year, the US-based tech giant reportedly refused to comply with a request from India’s Enforcement Directorate (ED) to unlock an iPhone belonging to then-Delhi CM Arvind Kejriwal in connection with a money laundering case. The ED was told by Apple that a password was necessary for retrieving any data, which Kejriwal refused to share, The Indian Express had reported.
