- cross-posted to:
- apple_enthusiast@lemmy.world
- cross-posted to:
- apple_enthusiast@lemmy.world
You must log in or register to comment.
Android has an app that you can install that auto wipes a phone after X amount of time if the phone hasnt been unlocked:
https://f-droid.org/en/packages/me.lucky.wasted/
Also theres an app that allows you to set a fake password that wipes the phone:
https://f-droid.org/en/packages/me.lucky.duress/
All open source, I have tested these apps on my phones, they work great. The second app about the duress password is a bit glitchy and didnt work on some of my phones.
Disclaimer: I am not a lawyer and setting your phone to automatically wipe itself may be considered destruction of evidence in a court of law.
If this is indeed a security feature I’m about to buy my first iPhone.
CalyxOS and GrapheneOS have this as a feature.
Two hours seems extremely low.
On grapheneos it’s a setting, 18 hours by default I believe, but adjustable from 10 minutes to 72 hours.
That seems much more reasonable. Thanks for the info.
Wouldn’t this make your phone reboot all night while you’re sleeping?
It will only reboot once unless it is unlocked again https://grapheneos.org/features#auto-reboot
Just set the time too longer than you would be asleep. So in this screenshot above you could set it to 18 hours and most people at least that I know do not go 18 hours without unlocking their phone at least one time which would then reset the timer.
Yes. Alternatively, you can just… power it off.
Presumably it doesn’t reboot unless it was already unlocked.
You can adjust the time.
What is the good thing about a phone rebooting?
Law enforcement have tools to bypass lockscreens and access the data on the device. They use backdoors and exploits, so older phones are more vulnerable. Most exploits only work if the phone has been unlocked at some point since it was booted.
This is why law enforcement keep them powered-on, and in a faraday cage. They are in a state with a better chance of unlock, but have no signal so nobody can remotely find/lock/wipe it.
When you input your password, then your biometrics (faceID, fingerprint, etc) become active. A restart requires you to enter that again. The police can make you put your finger on your phone or look at it, but they can’t make you divulge your password without a court order.
There are have also been some exploits that are possible ONLY while the machine is booted and already in that state unlocked state, rebooting relocks all the HW encryption and clears main memory.
Don’t switch to a privacy-violating platform just for a feature found in open source operating systems.
Oh yeah, see they’ve done it perfectly by having it based on the last time you unlocked your screen.
This makes me even more interested in getting a newer pixel with graphene on it. I had the Pixel 3a back in the day, but have been using other devices since then with lineage. But this right here may very well bring me back. The only thing they need to do is have it on by default and set it to like a long time frame like 24 or 36 hours.
Back in the day? I’m reading this on a Pixel 3a.
I had a screen issue with mine after a while where the bottom right hand corner of the screen was trying to separate from the body a little bit and there was like this green line that showed up in the middle of my display. It was annoying as hell. Also, that was before I started only letting my battery charge up to 80% and so my battery was pretty well shot by the time that occurred as well.
On GrapheneOS, it is on by default and set to 18 hours. It makes sense to me to have the default be less than 24 hours.
I agree. I was thinking of 18 hours myself because 12 seems a little bit too short. But 24 or above seems far too long.
You can change it to what you need, i think default is 18
It should be, but it appears to be a bug.
Which is really sad quite frankly and if they did add it as a feature it should have a cooldown period of like 48 hours where it reboots twice in that time frame just so that if a cop turned the setting off it would still not help them
apple is not in business to obstruct law enforcement
You say obstruct, I say protect users from totalitarian regimes
apple’s entire existence depends on the US government… whose team do you think they play for?
so 3 Trillion USD apple is trailing a FOSS project on issues of security. checks out lol
Bug has been promoted to feature
SWEET!
It is a feature on grapheneos :)
Anything to make their job harder is perfectly okay by me. The only thing that would be needed would be for this to be a feature and to have a cool down period of like 48 hours where the phone would reboot twice in that time so that if it was held it would still reboot itself.
Edit: Even better idea. Turning off the feature requires a reboot.
this is the police we’re talking about, they probably just forgot to charge them and are trying to shift the blame
Whatever it is, incompetence, bug, or feature, I love it.
Note to those wishing for such a function, it’s possible by creating an iOS Shortcut - New Shortcut > Shutdown > Change it to ‘Restart’.
From there, you create an automation in Shortcuts to run based on time, location, etc.
Alas, it asks if you want to restart.
You could always take 10 seconds and invoke the operating system’s hard shutdown command if you have the 10 seconds to spare. On Android at least, that’s pressing and holding power and volume up for 10 seconds. But I do not know what it would be on the iPhone.
It would be best if the function was like if the phone has not been unlocked for at least 16 hours then reboot automatically. A time thing would be a problem though because then it would just reboot every day and that would be no fun.
I saw elsewhere this is a new feature in iOS 18.1, so it will probably pretty solid I’d think. But for shortcut wise, at minimum I suppose one could put automations that trigger when it detected within certain geofences or something… but then whenever you drive by your local police station it will kindly reboot your phone every time lol
What if they thought you would do that and specifically took it to a police station that you did not have a geofence for? Mind you, they wouldn’t necessarily know. But it’s not impossible.
It also might not be taken to a police station. Who knows where the actual forensics labs are. No real need for them to be on-site or even labeled.
If you have the 10 seconds, you could use the operating system’s hard reboot function, which at least on Android is pressing and holding power and volume up for 10 seconds. But I don’t know what it is on the iPhone.
Power and volume up for new phones, and then power and home for older ones with Touch ID.
Also, so you know, if you press power 5 times it will ask if you want an emergency call, say no, but after you do it your PIN is required to unlock. No biometrics work at that point. So, no one can force you to touch or look at it. I don’t know if it puts the phone in that “mode” or not, but it’s a handy trick.
Yeah, I knew that that was available, but I do not know whether it puts the phone in the before first use mode, like you mentioned, or just disables the biometrics, but leaves the device in after first use mode.
Someone said it in another thread yesterday, baseband memory leak. The firmware for that shit is terrible, I’ve had to deal with it in the past.
Apparently, there’s at least a chance that it is an intentional feature instead of a bug. There’s a comment link below somewhere in this thread that mentions it.
That seems at odds with release notes someone else found.
Hot take: this is actually a bug not a feature.
Which is the saddest part, honestly. If it was a feature, that would be fantastic news. And especially if it had a cooldown feature of like 48 hours, where it would reboot twice in that timeframe, so that if a cop turned off the setting, while it was in their possession, it wouldn’t matter because it would reboot anyway.
“new security feature” “warning”
🙂
I guess if you have the 10 seconds to do so, you could invoke the operating system hard reboot function, which at least on Android is pressing and holding power and volume up for 10 seconds. I don’t know what it is on the iPhone.
Edit: Too bad there’s not some sort of haptic to let you know that it accepted the command before it shuts down though.
Long press of power and volume up for a few seconds puts you into BFU.
Does it or does it just simply disable biometrics but leave it an AFU? I would hope that if it’s going to disable the biometrics, that it would put it in BFU. But I do not know.
I don’t know how it works under the hood, but from a user perspective it behaves like it’s in BFU. Biometrics disabled, phone code required.
Yeah, don’t get me wrong. Disabling the biometrics and requiring the pin is a good step. But I would like to see somebody test it to figure out whether it actually goes into BFU mode or not.
Phones that are repeatedly attempted to be unlocked auto hard reset. Been a feature for years.
This is not for devices where the pin has been entered incorrectly too many times. This is for devices that the police have seized and are awaiting forensics to pull data from.
The police could just ask Apple, it isn’t like they are going to have some secret reboot process that they would hide from the police.
And what would Apple be able to do about it? They don’t have your password*, so they’ll be just as unable to decrypt the device as the police.
*you can give them your password via iCloud I believe but you don’t have to
I’m not saying apple will do anything about it, just that they will let the cops know what is causing the reboots if asked.
