286 points joegibbs | 33 comments
1. SoftTalker ◴[] No.42143463[source]
If this is true, then it's a trivial enhancement to make that a configurable setting. 72 hours could be the default, if your security needs are higher, you could turn that down to 12 hours, or even less.
replies(5): >>42143486 #>>42143699 #>>42144046 #>>42144580 #>>42145188 #
2. itake ◴[] No.42143486[source]
I agree, but it sounds like Apple is choosing 72 hours to give time for the cops, because cops are more coordinated than criminals?
replies(4): >>42143655 #>>42144049 #>>42144583 #>>42145461 #
3. xethos ◴[] No.42143655[source]
I wouldn't assume this is explicitly to help LEO, but more because this is (AFAIK) the first time this is being trialed by Apple. 72 hours is a touch long, IMO (and based on some comments, it's not just me), but when your update touches millions of devices, it's also best to test thoroughly and have the first iteration be too long rather than too short.

It's easy to drop the 72 hours in a future update, or tie a shorter delay to (as I believe Apple calls it) Lockdown Mode - the more important thing might be to keep the "It just works" assumption most people (myself not included) seem to have vis-a-vis Apple products.

Notably, I assume it will never be user-configurable directly. Possibly through Lockdown Mode ("If enabled then shorter delay"), but I wouldn't count on Apple adding an explicit setting.

replies(2): >>42143901 #>>42144419 #
4. chatmasta ◴[] No.42143699[source]
If this were configurable, I would make it 30 minutes and increase it if I noticed any inconvenience. But I doubt that I would. I already have my phone in permanent do-not-disturb (so a reboot causing delayed notifications wouldn't be an issue), and it's not like I mind entering my passcode instead of FaceID every 30 minutes.
replies(4): >>42143720 #>>42143792 #>>42144287 #>>42144673 #
5. karlgkk ◴[] No.42143720[source]
I don't know where you live, but in the US it's basically understood by the courts that FaceID is not protected, but PIN is.

So if your threat model includes the sort of attacker that has a phone exploit or the ability to confiscate it, you should not be using FaceID. Instead, consider using a six digit PIN with auto-delete after 10 attempts. Also enable Lockdown Mode. And if you use iCloud, enable Advanced Data Protection.

replies(1): >>42143730 #
6. chatmasta ◴[] No.42143730{3}[source]
Yeah, I consider FaceID to be basically a time-limited vulnerability akin to "remember me," because unlocking is a matter of just showing your face. It's convenient and I like it, but I don't get too upset when it asks me to enter a PIN (although I am annoyed when it doesn't respond well to the "swipe up to enter passcode").
7. duskwuff ◴[] No.42143792[source]
30 minutes would be excessive. Keep in mind that the phone is unusable while it's rebooting, and that rebooting uses a nontrivial amount of power.
replies(2): >>42143853 #>>42144546 #
8. chatmasta ◴[] No.42143853{3}[source]
Rebooting takes ~7 seconds and ideally only happens when I attempt to use it.

But regardless of that.... why does it take a nontrivial amount of power?

replies(3): >>42144072 #>>42144274 #>>42144515 #
9. macintux ◴[] No.42143901{3}[source]
I’m betting it’ll be configurable via MDM.
10. threeseed ◴[] No.42144046[source]
> If this is true, then it's a trivial enhancement to make that a configurable setting

It could be hard-coded into the Secure Enclave so it can't be disabled if the phone is jailbroken.

replies(1): >>42145494 #
11. threeseed ◴[] No.42144049[source]
It could just be for the user experience.

There are people I know especially older who don't use their phone every day.

12. klausa ◴[] No.42144072{4}[source]
Because booting is relatively CPU-intensive, compared to being at idle.

But iPhones do not boot in 7 seconds either — it's closer to 40. At least that's what it took on my 16 Pro Max right now when I tested it.

replies(1): >>42144586 #
13. asadotzler ◴[] No.42144274{4}[source]
wow. that's quick. my two year old galaxy takes ~37 seconds.
14. bigiain ◴[] No.42144287[source]
I don't trust FaceID (technically, I don't trust the cops with FaceID), so I'm entering my (6 digit) PIN every time I take my phone out of my pocket anyway. The only thing that'd make me hesitate to set this down to single digit minutes would be the risk of missed calls/notifications while the phone reboots.
replies(1): >>42144555 #
15. alwillis ◴[] No.42144419{3}[source]
I’m assuming the ability to configure this will be added to Apple Configurator at some point.

Any savvy user can download it for free. I used it recently to create a profile for a friend I’m working with to configure their email account.

If you’re the tech person for your friends and family, Apple Configurator is quite handy: https://support.apple.com/guide/apple-configurator-mac/intro...

16. forgotoldacc ◴[] No.42144515{4}[source]
I'd love to know what model of iPhone you have and see a video of it shutting down and starting back up in 7 seconds. Sounds like an incredible piece of hardware.
17. karel-3d ◴[] No.42144546{3}[source]
Also you cannot read your notifications, if I am not wrong.

I think 3 days is actually perfect

18. astrange ◴[] No.42144555{3}[source]
If you're outside the house that's less secure, because a security camera or a shoulder surfer can see your PIN.
replies(2): >>42144750 #>>42145072 #
19. eleveriven ◴[] No.42144580[source]
Making it configurable would be a logical next step
20. eleveriven ◴[] No.42144583[source]
A balance between security and giving law enforcement a reasonable window to act
21. fnueiwfg923 ◴[] No.42144586{5}[source]
My iPhone 15 just rebooted in 12 seconds.
replies(1): >>42144764 #
22. babyent ◴[] No.42144673[source]
Speaking of Face ID, I still use the iPhone SE (latest edition).

I like Touch ID and I like the small form factor.

23. layman51 ◴[] No.42144750{4}[source]
Agreed. I don’t understand how someone would be careful to not use biometrics and yet use a six digit passcode instead of an alphanumeric password.
24. oarsinsync ◴[] No.42144764{6}[source]
Rebooted or turned on?

I had to create a shortcut to actually trigger a reboot, as I couldn’t find a reboot option in settings. My iPhone 13 mini on iOS 17.7.1 took 29 seconds.

25. curious_ralts ◴[] No.42145072{4}[source]
Graphene has a feature exactly for this which shows a shuffled unlock screen
replies(1): >>42145489 #
26. siva7 ◴[] No.42145461[source]
No because 3 days is about the timeframe a phone would survive without recharging and without confusing the masses why things stopped working
27. saagarjha ◴[] No.42145489{5}[source]
This sounds like an excellent way to make it even easier for people to watch you enter your PIN.
replies(1): >>42148462 #
28. saagarjha ◴[] No.42145494[source]
A sufficiently powerful jailbreak would be able to override that.
replies(1): >>42146485 #
29. threeseed ◴[] No.42146485{3}[source]
Not aware of anyone being able to patch the Secure Enclave code to date.
replies(1): >>42147498 #
30. benmmurphy ◴[] No.42147498{4}[source]
there are public exploits to patch secure enclave code for some of the checkra1n devices. pongoOS uses the blackbird exploit on some models to remove a check that disables access to user data if the SEPOS boot code determines the phone has been DFU booted by checking the hardware TRNG state. https://github.com/checkra1n/PongoOS/blob/master/src/drivers...
31. cubesnooper ◴[] No.42148462{6}[source]
Once you’ve had the PIN scramble turned on for a while, it becomes second nature. I enter my GrapheneOS scrambled PIN about as quickly as the unscrambled PIN on my non‐GrapheneOS work phone. But it’s more of a defense against figuring out my PIN from the finger marks on my screen.

In environments where shoulder surfing is a concern, I prefer to use the multiple profiles feature: log out of my main profile (which is actually a secondary profile) to completely evict its keys from memory, and switch to a burner secondary profile containing no personal data, which unlocks with my fingerprint for convenience.

replies(2): >>42155557 #>>42161715 #
32. saagarjha ◴[] No.42155557{7}[source]
I am curious what you do with a phone that has no personal data beyond, like, call people whose number you have memorized and maybe look something up
33. chatmasta ◴[] No.42161715{7}[source]
Second nature or not, I’m not sure how this protects you against the security camera watching you enter the passcode. I guess you’re hoping it can’t read the digit on each key?