301 comments

[ 3.0 ms ] story [ 273 ms ] thread
TL;DR: Cops are likely wrong, iPhone just reboots after being disconnected for a while.

The article is kind of confusing about this.

What happens if one is in a place with no connectivity for a long time? There are areas of the world like that. Periodic forced reboots are useless and harmful there. Think about reading ebooks offline or following a map with only GPS on.
The phone isn't locked in either of those cases, no?

This is only happening on phones that are currently locked, but which were previously unlocked since the last reboot.

Additionally, this wouldn't require a periodic reboot; only one. So, phone in After First Unlock state loses cellular connection -> timeout period expires without being unlocked -> phone reboots. This process only restarts once the user unlocks it _and_ it has re-acquired a cellular connection.
What great problem do you imagine?

A reboot of a phone is hardly the end of the word, and it's trivial and obvious to simply have the trigger conditions be slightly less simple and stupid. Like require some user activity. Require the pin again or some other reassurance.

What happens if one is in a place with no connectivity? What indeed? Nothing much. That's what happens.

> The digital forensics lab that noticed the issue had several iPhones in AFU state reboot, including iPhones in Airplane mode and one in a faraday box.

You can stop reading there. iOS 18 doesn't add freaking telepathy to phones. Whether it's a bug or a new feature Apple added that reboots phones under certain circumstances, it's not "iPhones communicating to force reboots".

I'm glad HN doesn't allow emoji, but I do wish I could add :facepalm: or :eye-roll: here.

Why? This seems like a smart anti-theft measure. (Bunch of iPhones in a radio silent environment together, maybe also not moving or detecting light.)
Because iPhones can't ping each other when one's inside a Faraday cage.
You're probably right, but wouldn't intermittent audio sidestep a faraday cage?

Edit: I noticed it's "box" and not "cage" but I think the same what-if applies here.

Anything's possible, but I am highly skeptical of the notion. Their little speakers don't have infinite frequency response, and I haven't heard reports of young teens saying their phones make weird chirps. Also, why on Earth would Apple do this? The notion that iPhone A in AFU mode is anxiously listening for iPhone B to come along and send it an audio trigger that it should reboot is hard to believe. It would be way easier to just tell iPhone A to reboot after N hours in AFU mode if they wanted to accomplish such a thing. And why would iPhone B be sending the "OMG reboot yourself!" audio signal to iPhone A in the first place?
They don’t need infinite frequency response, and I don’t think it’s unusual to have a frequency response outside of human hearing. I know for a fact that Cisco uses frequencies outside human hearing to help pair your computer to meeting room screens
Faraday cages used by law enforcement, such as [1] aren't impervious to RF.

They provide enough attenuation to keep phones off the cellular network and prevent GNSS from working, but not enough to prevent communication with nearby devices via Bluetooth or wifi.

[1] https://ramseytest.com/rf-shielded/forensic-enclosure/

That sounds implausible.

A Faraday cage is an attenuator, which multiplicatively decreases signal strength by some constant (at least within a similar frequency band, which Bluetooth and 5G can be considered to be).

Unless the forensic lab has additional special shielding from cell towers, the received strength of both a reasonably close cell tower and a nearby Bluetooth transmitter would be pretty similar, so they'd both be attenuated similarly.

I assumed they have one cage they toss all the phones in.
Ah, then they could definitely communicate with each other.

And while I don't expect stock iPhones to do anything like what's being suggested in the article, I could see custom software activating a "panic mode" based on observations that plausibly suggest a device being in such an environment.

> That sounds implausible.

I can say from experience that it is not.

> A Faraday cage is an attenuator, which multiplicatively decreases signal strength by some constant

It's not constant at all. The level of attenuation varies greatly based on frequency. For the Ramsey STE3000 I have here, it varies by 40dB or more at the frequencies at which I've tested it. The enclosure good for around -100dB at 700MHz, but only -60dB or so at 2.4GHz.

> (at least within a similar frequency band, which Bluetooth and 5G can be considered to be).

Even if you exclude mmWave and consider only the sub-6 bands, AT&T for example has LTE and 5G bands from 700MHz to 3700MHz. They're not similar at all. Worlds of difference in terms of propagation characteristics.

> the received strength of both a reasonably close cell tower and a nearby Bluetooth transmitter would be pretty similar

No, they wouldn't.

On my Pixel 8 Pro right now I'm seeing -93dBm from a tower about half a mile down the road (700MHz LTE), and -40dBm from the BLE radio in the HVAC controller on the wall of this room, about 8 or 10 feet away. That's a 53dB difference.

If I put my phone in the box, it attenuates the LTE downlink from down the street to well below the thermal noise floor. It cannot do the same for BLE; my phone can still talk to the HVAC controller from inside.

>It cannot do the same for BLE; my phone can still talk to the HVAC controller from inside.

That's surprising, you'd think those boxes would be better at blocking signals since that's what they're designed to do.

They work very well, but it's physically impossible for them to be perfect.
It's the faraday box part in particular. Airplane mode isn't a true no-radios mode on iPhone (this is well-known, or should be on HN at least). But it does leave cellular radios off. Wifi and bluetooth might need to be separately disabled and with wifi, at least, it'll turn back on after a while. So maybe (being very generous), if bluetooth or wifi is enabled or becomes re-enabled, there's a signal between the iPhones that causes this reboot behavior.

But how is a device in a faraday box receiving this signal and rebooting? And why do they need a signal when they could just use their own clocks and determine that it's been X days or weeks since last going online and reboot?

> how is a device in a faraday box receiving this signal and rebooting?

Doesn’t need to. Being in a Faraday box is a reasonable trigger for a single reboot. That said, the most incredulous part of this story is that iPhones can detect when they’re in a Faraday cage.

But the claim is that other iPhones in the area are triggering the reboot. Setting that claim aside, though, how would the device even tell it's in a faraday box versus just out in the woods?
> the claim is that other iPhones in the area are triggering the reboot

Lack of motion? The information the other phones provide are proximity (it’s unusual for people to pile their phones together), that the radios still work and possibly a timeline, e.g. if the other phone says “I’ve been in a suspicious state for two days,” the first phone can change its priors.

I could easily see this as a security measure. Give the phone a concept of fear of being stolen. Phone, alone, continued source of power for an extended period. Somebody could have left it on a charger and gone away. Phone, continued source of power for an extended period and static bluetooth signals from other phones--what's going on here? This is very suspicious, turn defenses to max. It doesn't need to know the difference between thieves trying to thwart it and cops trying to thwart it.
environmental RF in the woods, vs band specific shielding in farady cage.
Out there in the woods there's still GPS data. There are very few places on Earth outside a faraday cage where you can go for a long time without receiving *anything*.
I'm going to go ahead and assert that they can't tell. A Faraday cage is just a deliberate construction of a situation that happens all the time anyway. Hospitals have lots of shielded rooms in and around the radiology department. The basement of a steel building is basically the same. So is anywhere on a ship. My aged house has lath and plaster walls that can simultaneously survive a nuclear blast and also block Wi-Fi unless the amp's turned up to 11. There's no sensor in an iPhone that could tell that it's in a specially-constructed Faraday cage instead of a plain old dresser drawer in my bedroom.
Could the phone detect that they are in a small conductive box: stronger interference back when they send a signal?
I'm not sure if that's possible. What's the difference between that and someone sitting their phone on a metal cabinet?

I'm even more confident that Apple hasn't spent the research hours required to do that reliably, then incorporate the electronics and software needed into off-the-shelf phones, all to protect criminals from having their phones hacked under very specific conditions. That seems like a huge money sink.

> What's the difference between that and someone sitting their phone on a metal cabinet?

In a zero-signal environment? With other iPhones in very close proximity?

You can even measure your false positive rate by timing to first successful unlock. If it happens more than once, turn down the sensitivity on the feature (or turn it off completely).

(Were I designing this feature, I’d let phones in this state poll the other phones on how long they’ve been in it.)

It's a dot zero release.

Could easily just be a memory leak that is accumulating until the OS crashes.

>Could easily just be a memory leak that is accumulating until the OS crashes.

That would be my assumption since they are storing them in labs while trying to crack them under non-normal conditions, so it could easily be a memory leak that doesn't happen under normal conditions. Either that or its the software they use to mess with the encryption causing issues.

Or not actually a leak, just overuse. Suppose there's some sort of log that accumulates while it's failing to communicate. Once it communicates the log gets dumped. Log gets too big, software faults, watchdog reboots it.
That's a good point. Developers often neglect to consider the size of logs since they generally aren't that big unless something out of the ordinary happens.
This is like the junior QA coming to you and is so sure of himself and he think his theory is 100% correct
Is there an audio command you can say to cause Siri to BFU?
Not an audio command, but even just holding down the volume and side buttons to open the power off menu, without actually powering off your phone, triggers the same behavior.
hmmm good one to add to the "before crossing an international border" toolkit
> good one to add to the "before crossing an international border" toolkit

You’re in for a bad time refusing to unlock at most borders.

That locks the phone, but a reboot presumably drops a lot of in-memory caches, to one degree or another. I don’t know whether (or how well) iOS zeroes out memory, but I can certainly imagine the AFU state is easier to target than the BFU state.
Frankly I'm all for phones detecting that they're in an unusual state and changing posture to a higher security level.
I very much doubt it. Far more likely to be a memory leak in the baseband which is exposed when the devices are unable to talk to the cellular network for a period of time.
If that's what's going on, it might be the best example of "it's not a bug, it's a feature!" ever.
Ya, I'm guessing these cops don't have iPhones because if they did they would know that iOS is just buggy. I mean, the last time I restarted my iPhone before iOS 18 was when I installed the last iOS 17 patch. Since installing iOS 18 I've had to restart it twice because it stopped responding.
I don’t think it’s other iPhones that are sending a signal. Rather, it’s probably a security option that’s easy for most people to overlook in the Settings app. I have little knowledge about iPhone hacking, but I think in the same place where you can say “delete my data after 10 failed passcode attempts”, you can also force ask for a passcode to start using accessories again if it’s been a long time since it’s been unlocked. But I don’t think I have ever seen anything around rebooting. That sounds like a very nice feature though since rebooting apparently is good for making sure the phone clears spyware access.
I haven't kept up with iOS feature developments, but modern Android devices can be configured to lock automatically if they go offline.

The purpose of this is to counter a thief putting your phone into aeroplane mode to prevent you remote locking or erasing the device.

Sounds like a timer, if not just a crash. Nothing here sounds like a the phones are communicating with each other.
iOS 18.1 has a release note about fixing unexpected restarts on iPhone 16 and iPhone 16 Pro models.

https://support.apple.com/en-us/121161#a181 (last item)

You sound right on the money here. Occam’s Razor suggests they’re rebooting for a reason we know about rather than an undocumented security feature.
Cops are some of the greatest "victims" in our society. Encryption will make their investigations more difficult. They'll be judged first by the basis of the race of their suspect and then by the suspected crime. Even bodycams (which they're now quick to hail as they're "recording too," when people record interactions with their phones) were going to impeded their ability to do their jobs.

There are fewer groups with so much power who see themselves as downtrodden. I could name others, but that'd be going off-topic.

You went off the deep end with the last line. Get some rest, eat a sandwich, see a sunset.
GrapheneOS has a "reboot after x hours inactivity" feature specifically to prevent the scenario mentioned in the story. Otherwise leaving a phone powered on is a massive risk, especially if cops can keep it charged for months to wait for an exploit.
Yeah an option to "reboot after not being unlocked for x hours" where x is considerably longer than the average time the phone would ever be locked under normal circumstances, would be great for security.
Another option is that whatever bug cellebrite was exploiting to extract data from iPhones in AFU mode is now subtly not working, leading to unexpected reboots when attempting extraction.
(comment deleted)
Great idea. How about reboot if more than 2 hours with no unlock?
Um, sleep? Make it at least mid teens if not 24+
What’s the harm if it reboots if you’re sleeping?
Very little, which is why if you enable automatic updates on iPhones they try to apply those updates at night while the device is locked and charging, when most people are sleeping. If you're using the phone it won't activate at night and will let you know that it couldn't install the update.
Only harm I could see if someone grabs their phone to make emergency call and it's rebooting or locked and in their sleepy state, have trouble unlocking it.

However, I do think 12 hour "Phone hasn't been unlocked, reboot it" seems logical security feature to add.

You never need to unlock an iPhone to make an emergency call (if you mean 911 versus urgently needing to call some other number).
The initial unlock will take a little longer, your apps aren't running, etc. Nothing major, still a bit annoying though.
Do alarms work on iphones if they are in the BFU state? I'm pretty sure they don't on my android, because it hasn't even unlocked most of the bootloader if you haven't put your pin in.
Yes. If your iPhone updates over night (as I mentioned in another comment, common time for automatic updates or just to kick them off manually) your alarm still goes off the next day after it restarts.
Horrible idea.

I don't have an iPhone, but it's not exactly alien for me to be in a situation where I've gone more than a couple of hours without touching my phone but while it is doing something important: recording where I am. (And, yes, I have fallback options, but they aren't nearly as good.)

If you're going to put in an auto reboot either make it long enough nobody will trip it while the phone is legitimately recording something or make it configurable.

(comment deleted)
“Find My” forms a mesh network with other Macs and iPhones.

Maybe the isolated phone has a feature where it reboots after being unable to find a peer?

This reads more like a chain email forward than an actual analysis of the iPhone tech stack.

Fwd: Fwd: READ THIS!!! You won't believe what the iPhone does when off network and around other iPhones!!!

> It is believed that the iPhone devices with iOS 18.0 brought into the lab, if conditions were available, communicated with the other iPhone devices that were powered on in the vault in AFU. That communication sent a signal to devices to reboot after so much time had transpired since device activity or being off network.

The hypothesis doesn't make any sense because the phone doesn't need to communicate with other phones to decide to restart/lock based on lack of network signal.

> Matthew Green, a cryptographer and Johns Hopkins professor told 404 Media that the law enforcement officials' hypothesis about iOS 18 devices is "deeply suspect," but he was impressed with the concept.

Just about sums it up.

The article also states that you can use a passcode or Face ID to get into AFU state, but of course you cannot – the main distinguisher (to a user at least) of BFU is that you must unlock with your passcode as biometrics are disabled.
Why would the iPhones need to communicate in order to reboot? Just detect a lost network connection, add a timer, lack of normal user activity, some other signal, ....
It's a good feature. A similar feature just got added to Android, too. If the phone loses network, it locks. If the accelerometer thinks that the phone has been snatched from your hand, it locks.
Btw, is there a way to set Android to automatically reboot at a fixed time? That'd only cost like 20 seconds more to unlock in the morning but reduce the chance of 3-letter-agencies being able to extract the content in AFU state.
Looks like Samsung can do it (though they offer it as advice to keep their buggy OS working, or to "to prevent it from slowing down or freezing" as they themselves put it): https://www.samsung.com/ph/support/mobile-devices/restart-yo...

My Xiaomi phone had a feature where it would boot the phone shortly before any alarms would go off, so you could shut it down before bed and barely drain the battery in the mean time. Still required manual shutdowns, though.

I'd be fine with this, EXCEPT:

1) Keep the alarm data in an insecure location so that app can work before login. (A read only cache is fine)

2) Let me _choose_ if some other apps can live in the insecure storage partition too. E.G. Google Voice comes to mind along with any basic carrier integration stuff you'd rather just have even on a fully locked phone. (Why GV in unlocked? It interacts with the insecure phone network anyway, so that's not exactly holding much back. Maybe make message history harder to get to with a still locked device.)

Apps can already choose to place some data in pre-unlock or post-unlock storage, so your alarm or google voice should be unaffected.
GrapheneOS has a feature to auto-reboot the device if it hasn't been unlocked in X hours.

Set it sufficiently low, and it's a pretty good option to ensure keys are evicted and if you use a SIM pin, it's even better.

That'd be exactly what I need.

Sadly GrapheneOS is only available on recent Pixel devices. I know I'm probably the only one that still cares about these features, but I won't buy a phone that requires me to hot-glue a USB dock to it just to get 3.5mm and microSD if I can simply buy a Sony instead :/

>but I won't buy a phone that requires me to hot-glue a USB dock to it just to get 3.5mm and microSD if I can simply buy a Sony instead :/

That's why I've been sticking with moto phones. I'd switch to pixel tomorrow if they made one with an audio jack and a micro sd slot.

There's a difference between locking a phone and entering Before First Unlock state. After a reboot and before authentication the credentials stored on a phone are locked down much more securely, to the point (most) apps can't even start in the background.

Locking and disabling biometrics are good ways to add a quick layer of protection, but rebooting makes it incredibly difficult for exploit kits and other hacking tools to dump the contents of a phone's storage.

I'm thinking this may just be a bug (how often does a real world iPhone get zero available networks of any kind? Probably not enough for that use case to be tested thoroughly for days) but with how hard law enforcement is panicking about this, maybe it should be a feature. If they care this much, I don't think their expensive hacking subscription they've bought is working anymore, so it's probably working around some pretty bad vulnerabilities in iOS.

For me iPhone looses all connectivity on a daily basis. No cellular signals are available in the underground parking lot that I use.
> If the phone loses network, it locks.

Am I the last person who regularly experinces dead zones, or does this sound crazy?

There's no need to lock the phone just because I'm on the highway at this one spot on the way out of town.

It's a minor inconvenience to reenter your PIN, and it's optional and disabled by default. Seems harmless.
Maybe designed to help with anti-theft? I already use a shortcut automation when airplane mode is turned on to lock my phone and turn off airplane mode, as that’s the first thing thieves would do.
Savvy thieves would just use a faraday cage case/bag I guess.
Sure. Or just power down. No FaceID or password code required. Find My may still work though, so thieves do use faraday bags.
Savvy thieves would probably choose a different occupation. Prisons are full of stupid criminals.
When you say theft, do you mean by someone with interest in the hardware or the data? Assuming hardware, I'm not sure I understand why a thief who intends to wipe it anyway would care about an auto restart versus normal screen lock. Assuming data, that's exactly what the article is about.
Are thieves really even stealing phones anymore? You can't pawn or sell them anymore because they can't just be reset and setup with a new account, batteries are becoming impossible to remove...all you can really take is the screen which isn't really worth much either.
> can't just be reset and setup with a new account

I know mobile networks keep lists of stolen devices, but they can't be used at all? Like all possible recovery modes demand authentication?

> I know mobile networks keep lists of stolen devices, but they can't be used at all? Like all possible recovery modes demand authentication?

Newer phones for, I want to say maybe the last 5 years, yeah.

If it's turned off and you don't have the code to boot it, you can't access any kind of bootloader or recovery mode, it just shows a screen with an obfuscated email that is required to unlock it or something similar.

Gone are the days of just being able to do a factory reset.

True, but my iPhone 15 Pro was stolen, powered down, and likely ended up in china for parts.
Apple calls this Activation Lock: https://support.apple.com/en-us/108794 https://support.apple.com/en-us/120610

Obviously, the logic board is locked to the owner's Apple account, but so is the display, battery, camera, and selfie camera. Basically the only thing you can reuse is the metal frame of the phone.

Phones are still stolen (since the cost of theft is $0) but stolen phones are worth closer to $5 than $1000.

> Phones are still stolen (since the cost of theft is $0) but stolen phones are worth closer to $5 than $1000.

I have read that there are services offered by specialized criminals to unlock stolen iPhones. These basically amount to phishing schemes where they trick the owner into entering their apple ID and password on a site under their control.

They can then factory reset the iPhone, but they also get to mine the phone/account for crypto, banking details, identity theft, etc.

Potentially the value of a stolen iPhone can be more than the aftermarket price, since draining a bank account has unbounded gain.

Low level thieves are getting $300-$600 for stolen phones.

https://abc7ny.com/amp/crime-spree-phones-stolen-nyc-migrant...

https://discussions.apple.com/thread/253640344?sortBy=rank

> Are thieves really even stealing phones anymore?

Why do you think iFixit and collaborators are so opposed to serialization of iPhone parts?

Neat trick. But in what cities do people need to live like this?
San Francisco. Or almost any other big American city for that matter.
When people say things like this what they're actually doing is falsely associating walkable urban fabric in cities like San Francisco, NYC, and large parts of Chicago as being especially dangerous just because it's only practical to be pick-pocketed on foot.

They say this while ignoring the generally low crime rates of those compared to peers. For example, Chicago has an almost 20% lower property crime rate than Peoria, IL. Fort Worth, TX has 52% higher property crime rate than New York City. Carmel, Indiana, an affluent suburb with a public high school ranked #354 in the country and 6th in Indiana, only manages to have a 28% better property crime rate than NYC.

(And driving a car around is a lot more statistically dangerous to your life than walking around a big city. I'd rather have my phone stolen than be t-boned by a drunk driver)

Any city with police that might steal your phone. So... all of them.
(comment deleted)
You can just disable access to Control Center and Siri when locked. If you have an eSIM device, this is a really great thing to do, as it’ll always connect to a cellular network when available.
I think the cool thing about this shortcut is that it'll work even if the thief stole your phone while unlocked.
How do you turn on airplane mode when that's actually what you want to do?
Personally I only use it for battery savings when camping or similar. It's not the kind of thing everyone cares about. I think we're long past the days where a flight full of phones frantically searching for towers during takeoff/landing would degrade the network for people on the ground, as may have been true way back when (and why) airplane mode was adopted as a standard feature.
It was never about that. It’s about interference with aircraft systems.

Look for “5G NOTAM” if you are someone who thinks this is bunk. Specifically, some radio altimeters (which are needed for some IMC approaches) can be interfered with by the adjacent 5G frequency bands due to not being built with a tight enough filter.

The 5G issue was more about flying in or over anywhere that had a 5G service using that particular band - it didn’t matter whether anyone on the phone did or did not have a phone on.

Hence the whole US aircraft fleet was upgraded (by the end of September 2023) so that band could be used for 5G there and it’s no longer a problem.

As I understand it, cellular modems wouldn’t transmit on a frequency if they can’t see a base station (tower) first on that channel, so I expect before the problem was fixed, the temporary solution was just to disable that band at the base stations.

If there was any actual known or suspected risk of electromagnetic compatibility issues with any consumer devices, there would be very strict laws about it (it might become a Federal offence not to have your phone in airplane mode, for example - but obviously it’s not)

We can further caveat that it wasn't "anywhere that had a 5G service" since the radio altimeter is not needed except on low visibility approaches into an airport.

Either way, it's about interference with aircraft systems from cellular infrastructure/devices. Certainly, if a tower talking on 5G can interfere with a radio altimeter, a bunch of cellphones onboard could do the same thing or even amplify the effect.

> it might become a Federal offence not to have your phone in airplane mode, for example - but obviously it’s not

Violating directions from the flight crew can be a federal offense. There is a chain of authority from the FAA to the airlines and to the PIC. The airline and PIC delegate part of that authority to the rest of the crew. Unless you are very aware of every regulation and particular company policy, I highly recommend that you don't test this.

Cellphones used to operate on a frequency band that was very close to the same band used by ground proximity warning systems, so theoretically they could interfere with the safety systems on a plane. Modern phones use different frequency bands now.
I have to think that if mobile phones presented an actual interference threat to aircraft avionics systems they simply would not be allowed on board. You cannot assume that all the passengers will follow the instructions to turn them off/disable the radios.
The rule isn't an FAA rule, it's FCC. The issue is about the cell networks, not the aircraft.
I typically activate airplane mode twice and have it fail. Remember the automation, go deactivate the automation and then airplane mode works. On actual airplanes, I’m more likely to simply power off my phone.
How is this shortcut even possible? Maybe it’s because I have an older model or haven’t figured out how to build good Shortcuts yet, but I thought that every shortcut requires some kind of manual activation. Would you launch the shortcut from an Apple Watch? Wouldn’t iOS require confirmation from the thief to turn off airplane mode?

That being said, I have heard of a weird automation someone made where it would open an app as soon as they went to the Home Screen. It took some thinking for them to deactivate it because the shortcut was really fast to activate.

It’s in the automation tab of the shortcuts.app. You define trigger conditions and the shortcut to trigger.
I see how to build it now, thank you. I imagine for this automation to serve its purpose, we also need to make the Control Center inaccessible when the phone is locked so that whoever has the phone can’t just try turning it off again. Well, that isn’t strictly necessary since the automation seems to run anytime Airplane Mode is enabled.
Settings > Face ID & Passcode > Allow Access When Locked: uncheck Control Center.
This is a great idea. Perhaps add a moderate delay (say 30 seconds or 1 minute) to confuse them even more. Then they will think that airplane mode is active when it isn't.
It seems like an untested theory that should be easily reproducible?
Why would phones need another phone nearby to “tell them to reboot”

Makes no sense.

They’re social animals, I guess.

This is absolutely some kind of non-technical user superstition style claim born from a little bit of paranoia that Apple hates cops because they don’t roll over easy (though they do follow subpoenas they are technically capable of following).

The truly scary part is we're not actually talking about 'cops' here, but 'detectives', you know, the police who *aren't* supposed to be knuckledraggers incapable of reasoning; the people who are entrusted to solve murders.
So what did we learn class? If you’re ever in a situation where your iPhone is being seized, power it down :)
You actually don't have to power it down. If you hold the power and volume buttons for 2 seconds and reach the "slide to power off" screen, the phone is already hard locked. You then always have to enter the passcode to unlock it.
If you have an iPhone SE Gen 3 (Or any other iPhone with TouchID, but models older than the SEGen3 have other weaknesses to worry about), you can do the same by spamming the power button 5 times.

You can also ask Siri to reboot or turn off your phone, Siri will ask you to confirm you want to do the action, but it doesn't take too long to do. Just in case you don't want to reach for your phone for what ever reason.

This is wrong. While this clears a some keys and prevents anyone from holding the phone up your face to unlock it, it doesn’t bring the phone back into a full BFU state.

Some keys can still be read, and depending on the exploit they use a lot of data could be extracted. BFU + good passcode is always the way to go.

>BFU state.

"Before first unlock", for those like me who weren't familiar with this particular acronym.

(comment deleted)
This was explained in the article.
> You actually don't have to power it down. If you hold the power and volume buttons for 2 seconds and reach the "slide to power off" screen, the phone is already hard locked. You then always have to enter the passcode to unlock it.

Iphones have 2 states when it comes to encryption:

Before First Unlock (BFU) - everything is encrypted. The most difficult state to hack.

After First Unlock (AFU) - data isn’t fully encrypted. Maybe it's for performance reasons. In this state exploits exist which police can use to get data.

Your suggestion of getting to the 'slide to power off' screen does NOT hardlock the phone (it does not put it in BFU).

It just means it requires a passcode. However, since it is in AFU mode, data can be exfiltrated with the right tools.

You should definitely power it down to be secure.

IDK about iOS, but android (or at least calyxOS/grapheneOS) has a feature where you can make the phone automatically reboot after a certain amount of time (thus removing the keys from memory).
Unfortunately, though, you won't be able to do so while handing it over, and US cops will just kill you if you take too long handing over your phone because they can.
Any time a police encounter starts, you can at least tap the standby button 5 times. It's not as good as a shutdown, but it will at least disable biometrics so it will require a password to unlock. They can't legally force you to reveal your password.
If the police encounter starts with a gun to your head, this makes it harder.
Unless you are shot dead for reaching into your pocket..
[flagged]
Everything that could happen must have already happened, and must have a linkable news story to boot. Or else it is not possible.
You probably don't have time. Especially if there is a gun pointed at you.