A hidden feature in iOS 18.1 will automatically reboot a locked iPhone when it is asleep but hasn't been unlocked for a while, presumably as a security measure.
Features like this exist for putting the phone back at rest when there hasn’t been a successful unlocking for X hours – GrapheneOS, an Android OS, has a similar feature. The objective is to limit the window of time an attacker has to try to exploit anything the phone may have in operation during a not-at-rest state (when the user is still ‘logged in’ to the phone, certain background services / features may be available to exploit).
Rebooting automatically, especially if the phone not has not been successfully unlocked recently, may place the phone in a less exploitable state, as those services / features might not be available without logging in first.
We already know that Israeli cyber company has spyware called pegasus, that can 0-click attacks to ios and Android. It is one time hack, and it is removed on boot. They sell it as service. This is why cyber security centers recommend boot once a day.
If the phone saves its state before rebooting, why would that help? It will still be accessible after the reboot. What’s the attack vector?
Features like this exist for putting the phone back at rest when there hasn’t been a successful unlocking for X hours – GrapheneOS, an Android OS, has a similar feature. The objective is to limit the window of time an attacker has to try to exploit anything the phone may have in operation during a not-at-rest state (when the user is still ‘logged in’ to the phone, certain background services / features may be available to exploit).
Rebooting automatically, especially if the phone not has not been successfully unlocked recently, may place the phone in a less exploitable state, as those services / features might not be available without logging in first.
We already know that Israeli cyber company has spyware called pegasus, that can 0-click attacks to ios and Android. It is one time hack, and it is removed on boot. They sell it as service. This is why cyber security centers recommend boot once a day.
https://en.m.wikipedia.org/wiki/Pegasus_(spyware)
They had spyware, anyway. We don’t know that it still works.
The current version of iOS is 18.1.0.
We won’t know what they have now until it is exposed after usage though.