Apple added an inactivity timer that reboots iPhones to a more secure state when they haven’t been unlocked in a while.
Apple has rolled out a new security feature in iOS 18 that’s sending waves through law enforcement and digital forensics teams alike. Dubbed the “inactivity reboot,” this security measure forces iPhones to reboot if they haven’t been unlocked for several days, a move designed to make unauthorized access significantly harder—even for the police.
404 Media recently reported on police concerns over this new feature, which pushes iPhones to restart automatically after four days of inactivity. When this happens, the iPhone enters a high-security mode known as “Before First Unlock” (BFU), a state that dramatically limits access to data. Chris Wade, the founder of mobile analysis company Corellium, and digital forensics expert Dr.-Ing. Jiska Classen from the Hasso Plattner Institute, have noted that this feature appears to have been introduced in iOS 18.1, with code designed specifically to trigger these reboots.
So, what exactly does this mean? When an iPhone restarts, it requires the user to manually enter their passcode before granting access to most data on the device. Until then, the phone is locked in BFU mode, which means even if someone can access the device physically, they’re severely limited in terms of data they can extract. Digital forensics experts report that both iOS and Android phones enter this BFU state upon reboot. In this state, crucial data is encrypted and inaccessible, blocking digital forensics tools from digging into information until the device is unlocked with the user’s passcode.
How Does the New Feature Impact Law Enforcement?
For law enforcement and digital forensics teams, this automatic reboot is more than just a speed bump—it’s a roadblock. In ongoing investigations, time is often of the essence, and delaying access to a suspect’s phone can complicate matters, especially if other evidence is time-sensitive. Many teams use advanced tools and techniques to bypass phone security, yet the BFU state is a unique layer that even the most sophisticated tools struggle with, thanks to Apple’s hardware-based encryption.
Apple’s history of resisting law enforcement demands for easier access to its devices is well-documented. Over the years, the company has consistently enhanced iPhone security in ways that frustrate investigators. From encrypted iCloud backups to stronger privacy protections, Apple has doubled down on protecting its customers’ data, even if it means clashes with authorities. The addition of this “inactivity reboot” is another step in this direction.
Encryption Backdoors and Public Concerns
Apple’s stringent security measures also bring up an ongoing debate: Should tech companies be required to provide backdoors for government access? Although many law enforcement agencies argue that backdoors are essential for national security and crime prevention, Apple has repeatedly argued against this, citing risks to customer privacy and the potential for abuse. By refusing to weaken its encryption, Apple has stayed firm on its stance, while acknowledging that unauthorized access tools do exist.
While governments in some countries have pressured tech companies to create “lawful access” solutions, the public backlash against weakened security features has been strong. For many iPhone users, Apple’s resistance to creating backdoors is one of the key reasons they trust the brand to keep their data private. Security experts argue that if a backdoor were created, it could potentially be exploited by bad actors, not just law enforcement, putting everyone’s data at risk.
What This Means for iPhone Users
The “inactivity reboot” feature is part of Apple’s broader commitment to security, protecting users’ data even when their devices fall into the wrong hands. It’s a feature that emphasizes Apple’s dedication to customer privacy, ensuring that personal data remains encrypted and inaccessible without the rightful owner’s passcode.
With iOS 18, Apple has upped the ante in the ongoing tug-of-war between tech companies and government agencies. This new feature is likely to intensify the discussion around the balance of privacy and security in a digital world. By making it even harder for unauthorized parties to access sensitive information, Apple has underscored its dedication to users’ privacy, setting a high bar for device security and strengthening its commitment to protecting user data.
As technology evolves, so too will the debate between privacy advocates, security agencies, and the tech industry. But for now, with iOS 18, Apple has made its stance clear: privacy and security are paramount, and even the slightest compromise won’t be taken lightly.
