I wish CitizenLab would revisit this topic (or visit it at all, ot sure if they have) about BFU vs AFU mode now. Unless content has CompleteProtection, i believe certain important things can be accessed regardless or lock status if you’ve at least unlocked from boot once…
I know lockdown mode is supposed to prevent unauthorized usn accessories from connecting but the devil is always in the implementation and I’m not super certain Apple hasn’t fudged the details in some small nuanced but very real way as some people will likely come to find out. A little bit conjecturey but there’s reason to be skeptical.
Huh, you have a valid point. I haven’t tried it yet, but it probably doesn’t access/unencrypt too much more than the regular lock screen, given thats its just a glorified alarm clock with notifications. Ironically, some of the most private stuff (photos, notes) don’t have CompleteProtection, so that’s a current gaping vulnerability. And yes, if the FBI really wants your data, there are RAM reading tools for iPhone.
I think the main important thing is to ensure USB accessories are disabled and also to allow for automation actions that don’t require user confirmation like shutdown and reboot that can be triggered by actions like connecting a charging cord
Yeah, unfortunately iPhones don’t have a option to ask each time a USB cable is plugged in (has to unlock first), which is a feature I love in macOS. You can turn on a feature disabling USB Data after an hour of not unlocking on iOS though, which I do.
This StandBy feature sounds like a fantastic way to ensure phones are always in AFU mode and easier to compromise
The devices are still locked. It’s fine.
I wish CitizenLab would revisit this topic (or visit it at all, ot sure if they have) about BFU vs AFU mode now. Unless content has CompleteProtection, i believe certain important things can be accessed regardless or lock status if you’ve at least unlocked from boot once…
I know lockdown mode is supposed to prevent unauthorized usn accessories from connecting but the devil is always in the implementation and I’m not super certain Apple hasn’t fudged the details in some small nuanced but very real way as some people will likely come to find out. A little bit conjecturey but there’s reason to be skeptical.
Huh, you have a valid point. I haven’t tried it yet, but it probably doesn’t access/unencrypt too much more than the regular lock screen, given thats its just a glorified alarm clock with notifications. Ironically, some of the most private stuff (photos, notes) don’t have CompleteProtection, so that’s a current gaping vulnerability. And yes, if the FBI really wants your data, there are RAM reading tools for iPhone.
Here is a stackexchange thread about AFU/DFU/CP if you didn’t know.
I think the main important thing is to ensure USB accessories are disabled and also to allow for automation actions that don’t require user confirmation like shutdown and reboot that can be triggered by actions like connecting a charging cord
Yeah, unfortunately iPhones don’t have a option to ask each time a USB cable is plugged in (has to unlock first), which is a feature I love in macOS. You can turn on a feature disabling USB Data after an hour of not unlocking on iOS though, which I do.
I just wanna recognize your comment. I can’t quite parse it yet but I will