iOS 18.1 was introduced to users last month with a new security feature that can restart a user’s smartphone if it is not unlocked for three days, effectively protecting the data on the device from thieves, According to security experts who have tested this feature. A recent report revealed that iPhone units seized for forensic investigation were rebooting on their own, and it was later revealed that the ‘inactivity reboot’ functionality was added as part of the latest iOS update.
How Apple’s ‘Inactivity Reboot’ works on iPhone
Last week, security researcher Jiska Klaassen revealed that Apple has added a new feature called ‘Inactivity Reboot’, which will cause an unattended iPhone to reboot after a certain period of time. The researcher has now revealed that the feature activates after three days, while also demonstrating how it works.
See the latest iOS deactivation reboot in action!
iOS 18 comes with improved anti-theft measures. Three days after unlocking, the iPhone will reboot, preventing thieves from getting your data. (1/4) pic.twitter.com/H24Tfo1cSr
– Jiska (@naehrdine) 13 November 2024
In a video posted on X (formerly Twitter), the researcher showed an iPhone 14 Pro model running iOS 18.1 that rebooted if not unlocked within a 72-hour period. The security feature is designed to limit unauthorized access to the smartphone when it is not in active use.
When an iPhone is rebooted, it enters a state called ‘Before First Unlock’ (BFU) – this is when the encryption keys used to protect user data are stored in the Secure Enclave on the handset’s chipset. It is stored securely in a secure subsystem called.
It is much more difficult for someone in a BFU state to gain unauthorized access to a smartphone than in ‘After First Unlock’ (AFU), which, as the name suggests, occurs when the phone has been unlocked, and biometric authentication (Face ID) or Touch ID) is enabled.
However, the researcher warns that three days (in the AFU state) is enough time for law enforcement to gain access to user data, especially when professional tools or experts are used. However, it can prevent thieves from accessing the iPhone using older devices.
Users can also enable Stolen Data Protection – a feature introduced with iOS 17.3 – which circumvents the use of biometric authentication to change critical settings on the iPhone. This feature is disabled by default, as it adds more friction to the process of modifying certain settings, but users will reportedly be prompted to turn it on when setting up their iPhone with the upcoming iOS 18.2 update.