←back to thread

New Apple security feature reboots iPhones after 3 days, researchers confirm

(techcrunch.com)
286 points joegibbs | 6 comments | 15 Nov 24 01:55 UTC | HN request time: 0.447s | source | bottom
Show context
noident ◴[15 Nov 24 02:38 UTC] No.42143494[source]
This "novel" feature is already supported by GrapheneOS and set to trigger after 18 hours by default, with the option for the user to adjust it to their preference. There is no good reason to force the choice of 72 hours on everybody. That's a user-hostile design decision.
replies(7): >>42143499 #>>42143613 #>>42143615 #>>42143626 #>>42143707 #>>42143726 #>>42143864 #
1. summermusic ◴[15 Nov 24 04:03 UTC] No.42143864[source]
This is an essential feature for my personal GrapheneOS phone. I only tend to use it once or twice a day most days, which means it is usually freshly rebooted every time I go to use it.

I remember reading somewhere that many new exploits in the mobile space only exist in memory and are thwarted by a simple reboot, including the infamous Pegasus spyware.

replies(2): >>42144722 #>>42145477 #
2. ruthmarx ◴[15 Nov 24 07:45 UTC] No.42144722[source]
Graphene might be great, but the Google specific hardware that is the only thing it will run on might not be as trustworthy.
replies(1): >>42145243 #
3. bohdanqq ◴[15 Nov 24 09:26 UTC] No.42145243[source]
Graphene is not limited to Google hardware, it's just that Google hardware meets their hardware requirements... (https://grapheneos.org/faq#future-devices).

AFAIK (from observing GOS comm channels) verified boot (alternative OSes but even the mechanism itself since some OEMs customize quite a bit), hardware rate limiting and timely security patches (which include modem firmware, preloaders - i.e. hardware) are the main reasons other devices are not supported.

replies(1): >>42145359 #
4. Malidir ◴[15 Nov 24 09:47 UTC] No.42145359{3}[source]
It is limited at moment to just pixel!
5. saagarjha ◴[15 Nov 24 10:08 UTC] No.42145477[source]
I am curious why you feel this is an "essential" feature. If you only use your phone once or twice a day, why would a hypothetical attacker bother targeting it?
replies(1): >>42150611 #
6. consteval ◴[15 Nov 24 20:30 UTC] No.42150611[source]
If your phone contains sensitive information, perhaps pictures, financial information, texts, etc, and it gets stolen - this data could be extracted. But typically, when a phone is rebooted, the drive is encrypted. So you're good to go. Phone theft is quite common, and probably the thief won't bother trying to extract data, but they might.