Hardening modern iPhone against forensic tools

Have your phone seized by police, provide the PIN code so you avoid legal trouble and then have it reconnect to the network so it can receive a remote wipe command.

There is nothing funnier than seeing a cop enable airplane mode after providing them the PIN code and then getting the phone back in a factory wiped state, in an evidence bag with the PIN code printed on it.

All that can be done in the period of time before the police get to analyzing it (because most PD’s are too busy…)

The objective here is security.

Yes. If you’re rich, just buy multiple phones. That’s what I said. Depending on your threat model, you have to decide if meeting cops on the road or they coming to your house is of great concern. Also, Signal alone is not immune from digital forensics. OS security is always important.

1 Like

As of iOS 26, this shortcut doesn't show the slider shutdown option anymore; it leads you to Settings > General and you need to scroll all the way down.

Now, we will not need that shortcut anymore due to iOS 26 having the shutdown slider button in control centre itself. Although a bit more inconvenient than having a working home screen shortcut, it works :slight_smile:

2 Likes

Just in case I’m misunderstanding - What are you referring to? The power button in the dropdown menu precedes iOS 26.

Oh I wasn’t aware that it existed before iOS 26 too, thanks for pointing that out

If you have a non-zero chance that someone could literally just flip a digital switch and be inside your phone…that is not secure.

Long time no see guys. I lost access to my old account. If @jonah or someone could help me that’d be awesome.

Anyways, I have recently had the opportunity to review a legal case involving multiple federal agencies trying to unlock an iPhone 14 Pro Max.

New things I’ve learned without saying too much:

- BFU iPhone (13+) using an iOS beta = Fort Knox (yes, even a 6 digit pin, although I don’t recommend it). This doesn’t mean they can’t attempt to find your password another way (data breaches, ATM PIN, eavesdropping, another less secure device, loved one knowing the password, birthday guess, CCTV, etc.), but they are less likely to attempt anything unless their forensic suite actually supports it.

- Old iPhone graykey matrix is 100% accurate. Consent = not even a BFU extraction possible.

  - iCloud ADP is essentially a road block. If iMessage is involved it’s important for all parties to have ADP enabled.

- If graykey can’t break into an iPhone, 9/10 Cellebrite can’t either.

Recommended approaches as of today:

- Install iOS Developer betas as soon as they’re available

- Use this new discreet BFU shortcut (no buttons required, looks like normal tapping and swiping)

- Alphanumeric password, use Face ID in public to avoid eavesdropping.

- iCloud+, ADP, and 3 max password attempts before instant wipe (Find My Bypass) is inconvenient but still a solid choice if you don’t trust the future of iPhone security. I mentioned it here.

- Keep in mind Graykey Preserve is a new device that halts the inactivity timer introduced in iOS 18, preserves cached location data, BIOME and KnowledgeC records, and recently deleted messages or photos. These would usually be purged after 7-30 days automatically by iOS. This only applies to AFU and is useless if phone is already BFU.

  - Upgrade your iPhone at least every 3 years

If you don’t feel like reading all that: keep your iPhone near you as much as possible! Turn your iPhone off before seizure! Don’t hold onto the same iPhone for 6 years! Use iCloud ADP!

3 Likes

Please message @moderators and we’ll try to assist you.

@ihateKYC Please scroll down to the very bottom for the latest news and tips.

Thanks for the tip in how threads work /s

Thank you for the update and all the rest of the info you shared here!

Can you elaborate on this suggestion?

1 Like

I see you mentioned this was for iPhone 14 Pro Max. Could the new USB protections introduced in iPhone 15 or later mitigate this?

Source about USB protection?

Here you go

1 Like

How long is that true for? My understanding is that normally Apple doesn’t make a lot of large changes after the first beta. Wouldn’t support be added pretty quickly?

Bypassing USB Restricted Mode has been a thing for a very long time as far as I’m aware. When I extracted chats from that DFIR discord a while back, I hardly ever saw any LE/vendors complain about USB Restricted Mode on iOS.

I’m unsure if they are still able to do it after CVE-2025-24200, BUT as of 6 months ago, on reddit, a police officer stated that USB Restricted Mode isn’t a problem on graykey and BFU is the only issue they struggle with.

1 Like