Skip to main content
  1. Home
  2. Phones
  3. Mobile
  4. News

A hidden iOS 18.1 upgrade made it harder to extract data from iPhones

Add as a preferred source on Google
A person holding the Apple iPhone 16 Plus.
Apple iPhone 16 Plus Andy Boxall / Digital Trends

Apple Intelligence was the most notable upgrade that arrived on iPhones with the iOS 18 series of updates. But it seems Apple reinforced the security protocols in the background that could prevent bad actors from gaining unauthorized access to iPhones that haven’t been unlocked in a while by their legitimate owner.

Earlier this month, 404Media reported that law enforcement officials are troubled by iPhones that are mysteriously rebooting. Citing a report courtesy of officials in Michigan, the outlet notes that the reboots are hampering the ability to access what’s stored on the phones through brute-force unlock methods.

Recommended Videos

Following the report, Dr.-Ing. Jiska Classen, a wireless and mobile security researcher at the Hasso Plattner Institute, shared on social media about a new iOS 18.1 feature called inactivity reboot. It kicks into action when an unlock action is attempted on an iPhone.

“While most people won’t have their phone forensically analyzed, many more will have their devices stolen. It protects user data in both cases,” she explained. The whole system is tied to patterns of inactivity and how a phone taps into a secure state after being restarted.

Specifically, a phone enters a Before First Unlock (BFU) state following a restart. It only exits that stage after the phone has been unlocked. BFU is a critical security measure, as it encrypts files individually on the phone, which means they can be accessed only after the phone has been unlocked.

Cellebrite UFED device.
A Cellebrite device used to extract data from smartphones. Cellebrite

On iPhones, unlocking it after a restart (or the BFU phase) generates a decryption key, which subsequently decrypts the files and allows access to them. “Almost all the content of an iPhone is encrypted until the point when the user unlocks it to enable the phone to start up,” explains Celleberite, a company that makes devices used by law enforcement to extract data from phones.

The BFU state doesn’t seem to block access to all data, but it does impose some serious restrictions. “Remember, if you seize an iPhone and it is already powered on, try to keep it that way,” Cellebrite warns investigators in another blog post.

Apple’s new inactivity reboot system throws another obstacle in the way of accessing the data on an iPhone even if it hasn’t been unlocked in a while, thanks to the automatic reboot process that puts the phone in BFU mode.

Now, the BFU state itself is not impenetrable on its own. Cellebrite claims that its Premium package — which includes a UFED device and special software — can help extract data from devices in the BFU state.

However, as per a research paper by experts at the Department of Electrical Engineering (Faculty of Engineering, Universitas Indonesia), they could “see just around 40% of the media obtained in BFU locked device extraction” using the Cellbrite Premium system.

Apple hasn’t officially commented on the inactivity reboot system that it implemented with iOS 18.1 yet. However, the company still cooperates with law enforcement authorities to unlock iPhones with proper warrant or legal authorization.

Nadeem Sarwar
Nadeem is the Managing Editor at Digital Trends.
OxygenOS made OnePlus phones special. Now, it might go away forever
The Android skin that defined what a clean, fast phone could be is officially ending. ColorOS is what comes next.
Person holding OnePlus 15.

If you bought a OnePlus because of OxygenOS, for the relatively clean, fast, and actually-useful Android experience, your phone may be the last one to get it. 

According to a report from the Indian outlet Smartprix, OxygenOS and Realme UI are both reportedly being phased out. If accurate, everything would move to ColorOS, the skin atop Android on Oppo smartphones, globally, across all three brands.

Read more
This flower identification app turns every walk into Pokémon Go for plants
flormie lets iPhone users scan flowers, save them as collectibles, and build a calmer kind of real-world collection game.
Electronics, Mobile Phone, Phone

A new flower identification app wants daily walks to feel a little more like Pokémon Go, only with fewer raids and far less public phone shouting.

flormie is an iPhone app built around a simple loop. Find a flower outside, scan it, and add it to a growing collection. That turns a normal walk into a low-pressure nature hunt, without pretending every sidewalk needs battle mechanics.

Read more
Your iPhone will soon warn you before you fall for a scam
iOS 27's new Trust Insights system watches for signs of coercion during calls, texts, and email to help users avoid scams.
iOS 27 Trust Insights featured

Apple is introducing a new anti-fraud system with iOS 27 that's designed to catch scam attempts in real time. The framework, called Trust Insights, monitors user behavior during calls, text conversations, or email exchanges and can trigger a warning or add a verification step if it detects signs of manipulation.

How Trust Insights works

Read more