Hi all :) I've added some answers to all your questions at the end of my blog post. naehrdine.blogspot.com/2024/11/reverse-engineering-ios-18-inactivity.html
The fact that the reboot is in verbose mode is interesting. Apple usually *really* doesn't allow things like that on production releases of software.
That’s because it’s a research device. That iPhone is likely Apple’s property that they’re allowing devs to use for testing purposes.
Inactivity reboot is going to be a normal reboot on end-users’ iPhones
Yeah, you can see the research device watermark before it turns back on
cool, it even comes with a console blurred for privacy.
Nah, I think the blur is an overlay. Look how the notch is also blurred.
@bryanmartin_ r/woooosh
@bryanmartin_ no that's a feature of the console
@ethancarter-0ridQ38 That wasn't even a joke, idiot
It’s clearly edited in post prod
0:32 looks like jailbreak
Just a dev-fused device provided by Apple to certified security researchers
It’s one of the security research device units provided by Apple for security research. There’s a glimpse of the label on the boot screen
This is the first time I've seen the "Security Research Device", WTH
They give that to Apple Security researchers to find bugs
how did you enable verbose boot?
It's an Apple Security Research Device. Apple loans you a phone (which isn't for personal use).
It's used to find, test, validate, verify, and confirm a vulnerability
It's a security research device, part of one of Apple's programs. It has it enabled by default
-v
@ImSkyebro you can’t just change boot args
@ sure you can, you can temporarily set them via usb debugging.
Mr might be pretty good at searching security issues to get his hands on an SRD (these kinds of devices are quite rare)
is this for like re-encryption?
Yeah, in BFU state pretty much all user data is encrypted
Yup, prevents law enforcement from accessing data from your locked phone.
Is this the same encryption as with a factory reset?
This resets the phone from an AFU (after first unlock) state to a BFU (before first unlock) state. Part of this means encryption keys are purged from memory and you must use your PIN/password instead of just biometrics to unlock the first time. This makes it more difficult for law enforcement or other phone thieves in general to access the data on the phone, because they need to get the encryption keys; there are no potential bypasses, memory-related or otherwise.
How did you get verbose boot on your iPhone?
Why isn't the full iPhone visible?
Is this case quadlock?
I mean, this kinda sucks since when your device is in a BFU state the people calling won't appear as contacts, but who doesn't touch their phone for 3 days in 2024 anyway?
Does it erase all data on the phone, and did Apple allow debugging openly?
This is an SRD, a modified iPhone for security research sent by Apple to experts
No, by rebooting the device, it's now in "before first unlock" mode, where all user data is encrypted.
Once every 7-10 days when I try to unlock my iPhone 13 on iOS 17.4.1, iOS asks me to first enter my password. Is that the same as what's shown in the video, i.e., BFU, or is that AFU?
Also, when I press the power + volume buttons together for a couple of seconds and don't shut down my iPhone, it asks for my password. Is this BFU or AFU?
Both scenarios you describe are AFU. The second one restricts some interfaces but disk stays decrypted.
You can easily try that out when calling your iPhone: In BFU, no contact info is shown. In AFU, contact info from your address book is shown.
why does this happen? does this happen every 3 days?
naehrdine.blogspot.com/2024/11/reverse-engineering-ios-18-inactivity.html
Idk, every unstable system requires a reboot at least once a week. Otherwise, system performance will feel slower than usual.
thanks for the great article 👍
Interesting article and a very good read!
Oh now I get it, that’s why sometimes when I’m trying to swipe up my phone it needs a passcode first because it reboots 😅😅
Not necessarily. Apple also put some other mitigations in there that require you to enter the passcode under certain conditions. In some of these cases, the iPhone didn't reboot and is still in After First Unlock state.
good video!
Very nice article
So Good.
Is that a jailbreak on iOS 18?
No.
That’s an SRD, a specially modified iPhone that allows for deep security research
its remove lock screen
Bruh