recent report by 404 Media revealed that law enforcement agents have been concerned about iPhones automatically rebooting themselves
https://counter.social/@ecksmc/113449875247165441
which makes it very difficult to hack these devices. Security researcher Jiska Classen later discovered that this behavior is caused by a new feature called “Inactivity Reboot”
which has now been reverse-engineered by Classen.
The researcher detailed in a blog post how exactly Inactivity Reboot was implemented by Apple – which did everything quietly without publicly announcing the new security feature. Based on iOS code, it was possible to confirm that Inactivity Reboot was implemented in iOS 18.1, although iOS 18.2 beta code suggests that Apple is still making improvements to how it works.
https://naehrdine.blogspot.com/2024/11/reverse-engineering-ios-18-inactivity.html
Contrary to what was previously thought, the security feature has no relation to wireless connectivity. Instead, it uses the Secure Enclave Processor (SEP) to track when the iPhone was last unlocked. If the last time unlocked exceeds three days, SEP notifies a kernel that kills Springboard (which is the core of iOS) and initiates a reboot.
Unsurprisingly, according to Classen, Apple has implemented ways to prevent hackers from bypassing this process.
@ecksmc fascinating stuff! It makes me grateful to no longer be troubleshooting IOS connectivity issues. I'm happy to let some skills slip away now that I'm retired.
For example, if something prevents the kernel from rebooting the iPhone, the system will automatically cause a kernel panic to crash and reboot the device. The system also sends analytical data to Apple when a device enters the “aks-inactivity” state
-- 9to5mac