14 comments

  • philipov 2 hours ago
    > law enforcement officers and forensic experts were concerned that some iPhones were rebooting themselves under mysterious circumstances, which made it harder for them to get access to the devices and extract data.

    > iOS 18 comes with improved anti-theft measures. Three days w/o unlock, the iPhone will reboot, preventing thieves from getting your data.

    It's poetic, isn't it?

    • justahuman74 1 hour ago
      I'd like to be able to specify much shorter times than 3 days, I could have my phone reboot every night while sleeping if possible
      • scojjac 1 hour ago
        On iPhone, you can use the Shortcuts app to do this. Create a new shortcut with the Restart action and save it. Then go to the Automations tab, set the schedule, and select your new shortcut. Make sure it's set to Run immediately.
        • turbojet1321 16 minutes ago
          This leads to a confirmation prompt, and unless you select "Restart" it does nothing. Do you know a way around that?
          • rpicard 12 minutes ago
            The “run immediately” setting mentioned in the parent comments prevents this. I did this recently on my phone and can confirm it works.
        • lxgr 25 minutes ago
          Woah, I never cease to be surprised by the unexpected kinds of things that Shortcuts allows (given all the obvious ones it does not). Thank you!

          Out of curiosity (and because I'm not going to try that for tomorrow morning) – does that kill my alarms, or does iOS schedule/store these somewhere accessible before first unlock?

      • aryan14 1 hour ago
        Very good suggestion, however I’m not sure if it’s healthy for a phone to reboot 365d/year?
        • dcow 1 hour ago
          Why not?
          • readyplayernull 1 hour ago
            Because it's healthy to take some days off
            • MR4D 44 minutes ago
              Maybe it should reboot every day for 5 days and then not reboot for 2 days.

              Of course, that would be week security.

              /ducks

              • erikerikson 38 minutes ago
                Eh hem... 4 day work weeks are more productive so not rebooting for 3 days should be even weeker.
      • Refusing23 33 minutes ago
        my 2021 samsung can do that

        but my new pixel cannot

        • frankacter 16 minutes ago
          Just tested on my pixel:

          Go to Settings

          Tap on System

          Select "Advanced."

          Tap on "Scheduled restart."

          Toggle the switch to enable it.

          Choose the day and time you want your device to restart automatically.

        • zackify 26 minutes ago
          That’s why you gotta run graphene
    • starfezzy 1 hour ago
      I would be ok with 8 hours during daytime, and some smart functionality for sleepy time. After all it’s just a reboot. I can’t remember the last decade I didn’t unlock my phone during the daytime.
  • EVa5I7bHFq9mnYK 3 minutes ago
    Lol, once again Apple is introducing with much fanfare something (auto restart) that has existed in Samsung phones since Android 5 Lollipop, 10 years ago
  • arcticbull 2 hours ago
    Periodic reboots are actually a PCI requirement for payment terminals heh, basically every point of sale on the market reboots every 24h.
    • Gigachad 2 hours ago
      Seems like a good defence in depth strategy. These days most systems have a pretty good boot chain security, so after a reboot you know the system is in a valid state and any potential malicious changes have been flushed out.
    • paxys 2 hours ago
      And Boeing 787 airplanes
    • EasyMark 1 hour ago
      Yeah I reboot my iPhone every weekend whether it needs it or not.
      • khana 59 minutes ago
        [dead]
    • hackernewds 45 minutes ago
      also, pretty necessary for the Prism program at the NSA to reinstall and update their firmware
  • jsjohnst 3 hours ago
    Wish this could be reduced lower. If I don’t unlock my phone in a day, something is up and extra paranoia is warranted.
    • astrea 1 hour ago
      After reading your comment, I was interested in whether or not I could achieve this through the built-in Shortcuts app. Unfortunately, "Restart" is not an available action.

      Edit: Actually, I was looking in the wrong place. It’s an option for the "Shut Down” action. Thanks, @jwond!

      • elboru 1 hour ago
        It’s so frustrating having a nice Shortcut idea just to hit a limitation right away.
      • bobbylarrybobby 56 minutes ago
        But can you have it run a fixed period of time after last using your phone?
      • jwond 1 hour ago
        There is a restart action. You need to first add the Shut Down action, then you can change it to Restart.
        • designed 55 minutes ago
          Just tried it. Unfortunately, even when you choose "Run Immediately", it still asks for user input when the time comes ("Are you sure you want to restart this iPhone?")
        • RulerOf 1 hour ago
          Thank you very much. I've wanted to have a weekly reboot of my phone for years now, and it drove me nuts that I couldn't create a shortcuts automation for it.
        • buzzerbetrayed 1 hour ago
          Nice! Just created an automation to restart daily at 4:00am. Hopefully it works without user input.
        • astrea 1 hour ago
          I'm so dumb. I didn't even click into the "Blank Actions" tile.
    • Hamuko 21 minutes ago
      My guess would be that the three-day timer is the first version to test the waters. Put it out there to see if there are any unexpected problems. And if everything's peachy, lower it in some future release to make it more secure.
    • petesergeant 2 hours ago
      And for minimal hassle if you just hadn’t touched your phone. 12 hours would work great for me.
      • rcMgD2BwE72F 2 hours ago
        18h is the default on GrapheneOS IIRC. Got my phone stolen abroad days ago with tones of sensitive data and that features was a big reassurance. I set it to 6h I believe.
      • aaomidi 2 hours ago
        I think you may be able to do something like this with a shortcut.
        • HnUser12 2 hours ago
          Iirc reboot requires user input so you can’t automate.
          • itake 2 hours ago
            Yep. I tried to do it with a shortcut and it was basically a reminder to reboot that could be ignored.
  • gnabgib 3 hours ago
    Previously (36 points, 6 days ago, 24 comments) https://news.ycombinator.com/item?id=42090636

    Related Cops suspect iOS 18 iPhones are communicating to force reboots (234 points, 7 days ago, 288 comments) https://news.ycombinator.com/item?id=42081874

  • SoftTalker 3 hours ago
    If this is true, then it's a trivial enhancement to make that a configurable setting. 72 hours could be the default, if your security needs are higher, you could turn that down to 12 hours, or even less.
    • chatmasta 2 hours ago
      If this were configurable, I would make it 30 minutes and increase it if I noticed any inconvenience. But I doubt that I would. I already have my phone in permanent do-not-disturb (so a reboot causing delayed notifications wouldn't be an issue), and it's not like I mind entering my passcode instead of FaceID every 30 minutes.
      • karlgkk 2 hours ago
        I don't know where you live, but in the US it's basically understood by the courts that FaceID is not protected, but PIN is.

        So if your threat model includes the sort of attacker that has a phone exploit or the ability to confiscate it, you should not be using FaceID. Instead, consider using six digit PIN with auto-delete after 10 attempts. Also enable Lockdown Mode And if you use iCloud, enable Advanced Data Protection.

        • chatmasta 2 hours ago
          Yeah, I consider FaceID to be basically a time-limited vulnerability akin to "remember me," because unlocking is a matter of just showing your face. It's convenient and I like it, but I don't get too upset when it asks me to enter a PIN (although I am annoyed when it doesn't respond well to the "swipe up to enter passcode").
      • duskwuff 2 hours ago
        30 minutes would be excessive. Keep in mind that the phone is unusable while it's rebooting, and that rebooting uses a nontrivial amount of power.
        • chatmasta 1 hour ago
          Rebooting takes ~7 seconds and ideally only happens when I attempt to use it.

          But regardless of that.... why does it take a nontrivial amount of power?

          • klausa 47 minutes ago
            Because booting is relatively CPU-intensive, compared to being at idle.

            But iPhones do not boot in 7 seconds either — it's closer to 40. At least that's what it took on my 16 Pro Max right now when I tested it.

    • threeseed 54 minutes ago
      > If this is true, then it's a trivial enhancement to make that a configurable setting

      It could be hard-coded into the Secure Enclave so it can't be disabled if the phone is jailbroken.

    • itake 3 hours ago
      I agree, but it sounds like apple is choosing 72 hours to give time for the cops, because cops are more coordinated than criminals?
      • xethos 2 hours ago
        I wouldn't assume this is explicitely to help LEO, but more because this is (AFAIK) the first time this is being trialed by Apple. 72 hours is a touch long, IMO (and based on some comments, it's not just me), but when your update touches millions of devices, it's also best to test thoroughly and have the first iteration be too long rather than too short.

        It's easy to drop the 72 hours in a future update, or tie a shorter delay to (as I believe Apple calls it) Lockdown Mode - the more important thing might be to keep the "It just works" assumption most people (myself not included) seem to have vis-a-vis Apple products.

        Notably, I assume it will never be user-configurable directly. Possibly through Lockdown Mode ("If enabled then shorter delay"), but I wouldn't count on Apple adding an explicit setting.

        • macintux 1 hour ago
          I’m betting it’ll be configurable via MDM.
      • threeseed 53 minutes ago
        It could just be for the user experience.

        There are people I know especially older who don't use their phone every day.

  • dcow 1 hour ago
    Why not just go all the way and separate the program instruction memory from the data memory, physically? I know there’s an approximation of this at the page level, but why even let the kernel modify its own memory in the first place? Memory unit that only loads signed pages. etc.
    • pdpi 47 minutes ago
      What you're asking for is a Harvard architecture computer (as opposed to a von Neumann architecture). There's tradeoffs involved.

      Two things to keep in mind are that JITs are damn useful pieces of tech, so losing them is a pretty damn heft price to pay for that separation, and interpreters will still treat your data memory as program instruction memory, which limits the benefit.

  • tlyleung 1 hour ago
    I get that a locked phone needs to have everything already in memory, but what technical hurdles are stopping Apple from making a locked phone as secure as a rebooted phone?
    • Shank 1 hour ago
      In the BFU state, notification previews, contact information for incoming calls, and other user-specific data is locked because it’s not decrypted. These things would also change the user experience dramatically, so that’s why Apple doesn’t do it.
    • ghostpepper 44 minutes ago
      There's a good discussion of how this is implemented cryptographically https://www.youtube.com/watch?v=BLGFriOKz6U
  • noident 3 hours ago
    This "novel" feature is already supported by GrapheneOS and set to trigger after 18 hours by default, with the option for the user to adjust it to their preference. There is no good reason to force the choice of 72 hours on everybody. That's a user-hostile design decision.
    • karlgkk 2 hours ago
      > There is no good reason to force the choice of 72 hours on everybody. That's a user-hostile design decision.

      It apparently only triggers if the phone hasn't been successfully unlocked for three days. So, it really isn't something most users will notice.

    • summermusic 1 hour ago
      This is an essential feature for my personal GrapheneOS phone. I only tend to use it once or twice a day most days, which means it is usually freshly rebooted every time I go to use it.

      I remember reading somewhere that many new exploits in the mobile space only exist in memory and are thwarted by a simple reboot, including the infamous Pegasus spyware.

    • Twisell 2 hours ago
      It's probably more of a tradeoff.

      This longer delay won't prompt hectic headlines about users angry about random reboot, it is long enought so federal agencies won't publicly react and plea Trump for their backdoor again, and it is a low profile update that won't necessarily be noticed beside tech circles thus "small fry" bad actors won't know how to correctly cover their back.

      A user hostile design would have been to never implement it in the first place. It's basically Apple's signature to choose generic default value and don't bother the user (for the better and sometimes the worse).

    • chatmasta 2 hours ago
      Back in my day, this was a non-issue because our phone batteries didn't last more than 6 hours.

      (Although I guess this change applies also to powered-on phones? Which is cool... this is why I choose Apple products.)

    • mouse_ 2 hours ago
      I remember the first time I ever saw the camera flash used as a flashlight was a feature in Cyanogenmod 7. Wifi hotspot from your phone started as a Cydia app, when legitimate apps weren't particularly useful yet.

      Hacks have always brought the coolest features to phones, but OEMs have made them less accessible than ever :(

    • casper14 2 hours ago
      How is Graphene working for you?
      • rcMgD2BwE72F 2 hours ago
        GrapheneOS is great. I’m on iOS 18 for now (until I get a new Pixel after I got one stolen days ago) and I can’t wait to go back to GrapheneOS.
      • AzzyHN 2 hours ago
        Not OP, but very well!! The only things that don't work for me are Google Pay and Android Auto, which is a shame but I can live without both of those.
        • jacoblambda 33 minutes ago
          Android Auto works well for me on Graphene (Pixel 9 Pro) but I obv can't make GPay work given that it relies on the OS having Google's blessing and they are actively hostile to GOS as a project.
        • cubesnooper 2 hours ago
          GrapheneOS supports Android Auto now! I use it every day.
        • hmottestad 2 hours ago
          That kinda sucks. I don’t carry cash or a credit card anymore. I just pay with my phone.
        • rcMgD2BwE72F 2 hours ago
          Upgrade. Auto is supported now.
    • faggotbreath 3 hours ago
      [dead]
  • ryandrake 3 hours ago
    Wonder how they've determined it's a deliberate feature and not some memory leak or something that takes 72 hours to manifest.
  • Jiahang 1 hour ago
    Sometimes when I turn off my iPhone for a while, it turns on by itself.
  • fatcow 2 hours ago
    Question: is the apple reboot seriously displaying a dmesg log?
    • wmf 2 hours ago
      I assume that's a Security Research Device. https://security.apple.com/research-device/
      • duskwuff 2 hours ago
        It is. You can see a SRD screen pop up briefly before the boot messages.
    • Twisell 2 hours ago
      I guess not in final release, but security researchers used the developer beta, probably with some verbose mode enabled.
  • latchkey 1 hour ago
    what about my Apple Watch?
  • BenFranklin100 2 hours ago
    It annoys me to no end to listen to the Android/Google apologists claim that Apple does not care about security and privacy.
    • xethos 2 hours ago
      Presumably because they disagree about what should be kept private from whom, and whether the user should be allowed to be in control of the security of the hardware.

      Apple will vouch for applications running on, for example, MacOS. They'll check the developer's account is still in good standing, and will prevent apps from launching without this check. Sometimes this (arguably) helps. Other times it hurts [0]. And while I disagree with the choices made, these are valid trade-offs.

      Apple will tie things like the hardware for FaceID, to a specific phone, and require it be re-paired by an Apple authorized technician. Sometimes this is bad - just look at any Right to Repair thread. Sometimes this is good - Evil Maid attacks don't occur often, but it's easy enough (from Apple's POV) to block them that it would almost be irresponsible not to.

      There is room for these discussions, but it's geared more towards how one views general-purpose computing devices, IMO, and can't really be answered in a flamewar-style "Apple is evil" type of environment.

      [0] https://www.theverge.com/2020/11/12/21563092/apple-mac-apps-...