Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Android has launched a new update that will force devices running its operating system to reboot automatically if they remain locked for three days.
In an update pushed last week, Android launched a new “Security & Privacy” feature that “enables a future optional security feature, which will automatically restart your device if locked for three consecutive days”.
When a phone is restarted, it is set to “Before First Unlock” state, during which time certain data is fully encrypted and will remain so until the device is unlocked with a password. If you’ve ever turned on your phone after it has died or turned off and been unable to unlock it with biometrics like a fingerprint scan or a face scan and needed to use your passcode, your device was in Before First Unlock mode.
Once a device is unlocked for the first time, it enters the “After First Unlock” state, which decrypts that certain data.
The concern is that when a device is in After First Unlock State, the now decrypted data can be accessed by threat actors through security flaws or by using a password through brute force. This is the same way law enforcement accesses the devices of suspects and criminals, using a forensic analysis device.
Apple launched the same feature last year, “inactivity reboot”, as part of iOS 18, which causes iPhones to restart after 72 hours or three days.
“Even if thieves leave your iPhone powered on for a long time, they won’t be able to unlock it with cheaper, outdated forensic tooling,” Hasso Plattner Institute researcher Jiska Classen said on X.
“While inactivity reboot makes it more challenging for law enforcement to get data from devices of criminals, this won’t lock them out completely. Three days is still plenty of time when coordinating steps with professional analysts.”
Be the first to hear the latest developments in the cyber industry.
