Android Improves Its Security
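The article discusses the feature by which Android phones automatically reboot after sitting idle for a long period, and its potential security and privacy issues. Because control of a mobile device's network lies with the carrier, the security of the system is hard to guarantee. UK law may restrict such features and give law enforcement the power to intervene in order to obtain data. 2025-4-22 16:3:17 Author: www.schneier.com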

Clive Robinson April 22, 2025 12:53 PM

@ ALL,

“Android phones will soon reboot themselves after sitting idle for three days.”

I guess “sitting idle” is a matter of viewpoint…

The story begins much as it did for Apple’s iOS back in 2006 or earlier when Apple and Google decided to not just take over the “mobile phone” OS market, but, as we now know, turn users into product and a captive source of income via the “Walled Gardens” that were supposed to give users security.

We know that both Apple and Google failed on the security aspect as quite a few predicted.

The simple fact is the “network” side of a mobile phone is very definitely not under a user’s control but the “Network Supplier” via the SIM.

As time moved on other networking was added to mobile phones so now as a general minimum you also have in addition to the SIM Radio Interface,

1, WiFi
2, Bluetooth
3, USB
4, NFC

As a rule of thumb all of these are subservient to the SIM interface to the Network Service Provider.

For such a system to be “secure” requires the “Network Service Provider”(NSP) to “not exert authority”…

Put simply the NSP almost never relinquishes prime control.

Thus you have to consider what

“Sitting Idle”

Really means and I’ve yet to see notes to that effect.

So I would not say such a system is “guaranteed to work” especially with UK and Auz crypto legislation.

If you read the UK “Regulation of Investigatory Powers Act 2000” (RIPA-2000) and “snoopers charter” “Investigatory Powers Act 2016” (IPA-2016) update, you will not find any “valid defence” for an equipment provider or equipment user for such “resets” or as in the case of Signal and similar apps disappearing/self deleting files etc.

That is such things are “unlawful” and can constitute “tampering with evidence”.

So I suspect it won’t be long before the UK Home Office comes knocking at Google’s door much as it did with Apple just a short time back.

But it has another aspect…

E2EE being “backdoored” is now becoming a “lost battle” and “See What You See”(SWYS) device “client side” “plaintext UI” scanning is being pushed as the new solution.

For SWYS to work then there has to be not just “activity” on the mobile device, it needs to “talk to the mothership”…

This would be very far from “Sitting Idle”…

So do not in any way consider this a “user safety feature” that will be either effective or be allowed to stay in place without a “Master Override”.

Law Enforcement have seen the power of such breaches of user security with the likes of EncroChat. Sufficient in the case of the UK for the NCA to perform “unlawful activities” and the woman who signed off on it to get a fairly high up “Honours Award” rather than dismissal and jail.



Source: https://www.schneier.com/blog/archives/2025/04/android-improves-its-security.html