Coming from a district court, I think this ruling could be appealed, but it’s welcome news nevertheless.

  • bdonvr@thelemmy.club
    link
    fedilink
    arrow-up
    11
    ·
    edit-2
    4 months ago

    Lockdown mode is NOT the same. This disables biometrics, notifications, etc. But what FULLY rebooting does is protect against more sophisticated attacks like those of Cellebrite which is a company that sells devices to law enforcement that break into phones. I know border crossings often have access to a device of this type.

    Your device is encrypted pretty strongly, and before you put in your password for the first time after boot your data is essentially useless. But after that first time your device keeps the decryption key in memory so that it can be useful even while locked, serving you app notifications and processing in the background. This leaves your device open to many more exploits that could get around your lockscreen and into your unencrypted data. Leaked documents show that Cellebrite can very often get into devices after first unlock, but in the “before first unlock” state they can often only use brute force which you can protect against by having a cryptographically secure password.

    Looking at lockdown mode it’s pretty clear that it isn’t resetting to the more secure “before first unlock” state because it unlocks instantly with your password whereas after first boot there’s a small pause.