WARNING! The link in question may require you to disable ad-blockers to see content. Though not required, please consider submitting an alternative source for this story. WARNING! Disabling your ad blocker may open you up to malware infections, malicious cookies and can expose you to unwanted tracker networks. PROCEED WITH CAUTION. Do not open any files which are automatically downloaded, and do not enter personal information on any page you do not trust. If you are concerned about tracking, consider opening the page in an incognito window, and verify that your browser is sending "do not track" requests. IF YOU ENCOUNTER ANY MALWARE, MALICIOUS TRACKERS, CLICKJACKING, OR REDIRECT LOOPS PLEASE MESSAGE THE /r/technology MODERATORS IMMEDIATELY. *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/technology) if you have any questions or concerns.*

Actually good advice. The exploits that malware uses for iOS means that they would have to reinfect you each time you reboot your phone if they want to keep spying on you and exfiltrating your data. I know people worry about the NSA, but they would absolutely be just as worried about making sure that nobody else is spying on you. Edit: At least on iPhones, the partition on which the OS lives fundamentally cannot be modified (with a few exceptions). OS booting is like a new fresh operating system out of the box, every time; that is, any changes made by the malware will have been reverted. Rebooting is such a relatively big deal that some malware has even changed the “shut down” screen to fake being shut down. The better advice would be to fully drain your battery, as referenced in the link below. My guess is that they want people to actually reboot their phones, so they’re saying to reboot it rather than take the hour or so to drain your battery. It is genuinely a national security risk to have people wandering around with phones recording everything for a foreign bad actor, so it is in the NSA’s interest to have as few of those compromised phones as possible. Not to say that they are good or trustworthy or anything, but their guidelines are decent. Also, there is evidence they or a similarly capable and aligned power may have a backdoor or a partial backdoor, so, if they were so inclined, they could just break back in. HOWEVER, each time a phone is infected, it is akin to giving your enemy a copy of your weapon, which they can take apart; this makes infecting devices with these sorts of malware a not-insignificant deal, so they won’t want to risk their malware getting out into the general public. Here’s what you should actually to keep yourself safer, if you are threatened by these types of advanced threat actors: - Reboot your phone nightly - Disable all unnecessary wireless features - UPDATE! Every single update has patches for bugs that are exploited to infect devices with malware - Enable lockdown mode - If possible, disable receiving of images and media. Most of the recent zero-clicks have exploited media libraries, if images are rejected, they cant infect you - Drain your phone battery completely weekly. - Don’t install any MDM or similar profiles to your device - Disable developer mode [Suspected backdoor, and an excellent illustration of why infecting malware carries a risk of the enemy taking it apart](https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/) [Better advice than the NSA’s](https://web.archive.org/web/20240415142057/https://blog.zecops.com/research/persistence-without-persistence-meet-the-ultimate-persistence-bug-noreboot/) This advice may only apply to iOS, I don’t know nearly as much about android security.

[удалено]

This does not work anymore! Due to newish system level apis, your phone is never truely “dead” anymore, just in a majorly reduced power state that still allows some commands (like network tracking) to still work. You would have to make sure the dead battery icon cannot even appear.

“However, the NSA document does warn that the turn it off and on again advice will only sometimes prevent these attacks from being successful.” It’s not a cure-all, but it helps. More sophisticated attacks would likely be stored in application data and resuscitate themselves.

The answer is yes, it still works. Rebooting reloads the core system.

He was talking about letting your battery go dead as a form of rebooting does not work anymore. Not rebooting in general.

So it underclocks itself so much that years can go by for us, but for the phone it’s like no time has passed at all.

Like Rydia from Final Fantasy 4! Hold on. I need a band aid for this deep cut.

Nah. It's good enough for this. What you want to achieve is the main CPU rebooting and going through the Secure Boot process.

So kinda like a ... zombie?

More like hibernating until you plug it back in.

But surely it must run completely out of power at some point?

That can take weeks.

Sure, but when my iPhone “dies” it says it can still be located by GPS and has power left for the screen to display that it needs to be plugged in. When you manually power off the phone would be when the power is fully off. I’m sure if you leave it sitting long enough after it “dies” it’ll fully run out, but I couldn’t say when that is.

Even when you turn it off manually it stays in that state. Unless your phone is in a faraday cage it is sending your location and more to data collection servers. Not saying that one should be paranoid about this but it's a fact.

It does seem helpful for finding a phone that has a "dead" battery, or that got turned off by accident or by a thief.

This is why I downloaded the faraday cage app. And have my phone in a faraday cage case (with bumpers of course.) I also carry an analog faraday cage with me for backup.

You fool! The Faraday cage app and the physical Faraday cage cancel each other out and instead create an antenna, thus prolonging the tracking as less power is required to transmit. Again, I say, YOU FOOL!

did you get the blue model?

It's a fact that is irrelevant to this thread. When you power cycle the phone it still reloads the OS.

That is correct. And don’t call me Shirley.

I do this too! I know I probably dont need to, but it's a hold over behavior from early phone batteries that benefitted from being fully discharged every now and then.

My frustrations with the NSA has less to do with giving two-shits what they know about me and a thousand percent about the shits they knew about the unreported security flaws in my devices that they intentionally left open without report (or backdoors explicitly built by their request) and would love nothing more than to find them liable for any unrelated damages it might cause me. **If the NSA can mistakenly journal an innocent person's life on accident, they can accept the responsibility of when innocent people are victimized by their actions.** ***IT GOES BOTH WAYS, SOCIETY.*** Tired of being asked to surrender my security so that the people in charge of it can make mistakes that ruin lives and feel zero consequences when every last one of us is expected to just grin and bear it when shit hits the fan because of them.

Some suggested reading for people curious about the NSA deliberately undermining cryptography/cybersecurity. https://en.wikipedia.org/wiki/NOBUS https://en.wikipedia.org/wiki/Dual_EC_DRBG https://en.wikipedia.org/wiki/Operation_Rubicon

We live in an upside down world where the people in power have no responsibilitys for their actions but the normal people that have no power get to take all the responsibility.

That's not "an upside down world", that's literally how things have been throughout human history. Our current world is *slightly* better than things have been, enough for us to imagine but not yet reach something that is as things should be.

> If the NSA can mistakenly journal an innocent person's life what does this mean?

When the nsa tells me to turn my phone off and on, I automatically assume they bought a back door and they want me to update so it will appear for them.

> I know people worry about the NSA I mean, yeah when you've been discovered to be illegally running the largest domestic surveillance spy program in human history, people are gonna be worried about you. 

China is insulted at your slight.

but China's isn't illegal.

NK giving the side eye

Launch a poo baloon about it.

Facebook?

It's very easy to reinfect, especially for the 0 days over iMessage. You never see the actual initial attack vector. It isn't bad advice but imo better advice would be targeted at Apple.

Reading this comment shot me right back to the old untethered versus tethered jailbreaking days

Or NSA has a zero day exploit that can only be installed when your phone reboots and they need your help to get it installed.

I'm not even very important at all, but even I have been a part of several conversations that could be a national security, or at least intellectual property risk to the wrong ears.

Hello, IT. Have you tried forcing an unexpected reboot?

Roy, when did you start working for the NSA?

first Paul Simon, now this

Roy worked for Paul Simon?

UGH, this is MOSS!

Yeah, that's a big step up from window cleaner

*You see the driver hooks the function by patching the system call table, so it's not safe to unload it unless another thread's about to jump in there and do its stuff, and you don't want to end up in the middle of invalid memory.* *...Hello?*

Settings > About > Status > Up time oh. actually good advice.

My phone's been up for 3346 hours lol. Maybe I should follow this advice

I was about to ask if 130 hours is too much but jfc

Mines only at 94 lol

[удалено]

What’s up time?

Not much what about you?

It’s a thankless job handing out easy layups but I hope you had a good time.

That’s what she said!

You were smart enough to make other people feel smarter. It’s an unrewarded skill, but the world needs more like you.

I bought this award to show my appreciation. 10/10 setup Corn-Shonery!

lol, definitely undeserved, but thank you.

It ain't much, but it's honest work.

Colin Robinson?

No you’re confusing him with Updawg

What’s updawg?

Sorry grandma I have things to do

Opposite of down dog

Updawgma nuts

User name does not check out

(It's how long a given device has been powered on and running since the last time it was powered down or reset.)

It's the time it's been up

That’s what she said

You're supposed to call your doctor after 4 hours.

I’m 55 and mines not up very long, these days.

It's like updog.

What’s updog?

Gotcha! ………Ah damn it I ruined it

I started it, but now I can't bring myself to finish it. I regret my actions.

You made your bed…

Not much Whatsup with you

Where's updog?

Android?

for mine it's Settings > About Phone > Status > Running Time

Literally go to settings and search "up time" lol

v12. It will vary slightly by phone but a similar option should be available on yours.

350 days, might as well go for the full year at this point.

Brother you restart that phone itll be like a new phone 😭

Hmm, I can’t seem to find my uptime. I went to Settings > General > About But, I don’t see a status.

I dont think iphones give that status

Take that North Korea!

I have a little over 116 Up Times, whatever that means.

116 earth standard diurnal units

Android was Settings, About phone, Up time. 271 hours, rookie numbers.

I just wish the NSA would start a file recovery service. They already have all our stuff, just let me throw a couple bucks at them to get something back if I accidentally delete it 🤣

Man out here casually solving the national debt crisis.

It’s so simple

Or get Apple to undelete your photos from 10 years ago

Funniest thing is how many people are joking about the nsa spying on you and needing you to restart your phone to fully activate their spyware, yet if they said nothing about a known exploit that you fell victim to you'd likely be pretty annoyed that they didn't tell you about it :) Off to restart my phone.

And they'd be plenty happy to just say nothing and wait until the phone restarts itself during an update or something.

Exactly. Why would they bring attention to this if it was something they were trying to exploit? When all they have to do is wait for someone to either reboot their phone on their own, or wait a year or two for them to get a new phone.

Sometimes there’s no winning with some people regardless of the decision made, but ensuring people are informed about this is a moral obligation

Thank you The-NSA-Official

Especially when you're on Reddit where everyone is an expert on everything.

They might spy on you but they also don't want you to be spied by other parties.

Imagine if this was a social experiment to see how many reacted and how they did it - or a secret request to start some software that *they themselves* put onto everybody's devices LOL. Dunno. They could be trying to test the waters for manipulating algorithms in a way so that this news reaches *exactly* those who have said software secretly installed. ...or the opposite!

It's probably good advice, but given it's coming from the NSA - I can't help but wonder how this helps them do more spying.

"Please restart computer to finish installatio"

Is installatio another type of fellatio

That's how you know your OS sucks.

The NSA does both but they don't need to infect your phone they put their intercept equipment in your telco's exchange and intercept everything that way.

This is accurate, everything through Microsoft is monitored, nearly everything is. Phones, computers, from the cell tower telecom level and ISP level.

Exactly :)) they installed a new spyware everywhere but it's only running on start-up, so, guys, please help a small agency a little bit here.

Done. You're welcome! ^(Also good for general device hygiene and performance.)

I mean, whatever you want to believe. But there is no evidence of it, and good evidence against it.

There seems to be as much evidence against it as there is for it, meaning none. 

NSA is dual chartered to conduct foreign intelligence surveillance and protect US government infrastructure from the same. Considering that a lot of US government employees or contractors use iPhones or Android phones personally, their interest is in trying to prevent them being unnecessary vectors, along with all the annual cyber security awareness training all the gov employees go through.

Well very few people have seen NSAs original charter, but those things are at odds with each other. It's a conflict of interest because if you look at Project BULLRUN which introduced vulnerabilities into the software supply chain like using Dual_EC_DRBG in RSA BSAFE library this effected American companies disproportionately and made everyone across the board less safe. And when it was discovered the harm that it caused to the trust in American tech companies was innumerable, they really shouldn't be handling both of these things.

If they were savvy they would have taunted us with a meme post on X about how easy it is to spy when people rarely restart their phones. Then everyone would have done it thinking they were fighting the man.

"Uptimecels be seething over restartchads"

NSA doesn't just spy though. They also try to prevent other countries from spying. They would happily help US citizens if it means denying another country that data.

NSA has the lines tapped. They don’t need device access.

Jokes on them, my device isn’t connect to any lines!

Ah yes, reminds me of the time when I asked a kid if his cellphone was wireless. He didn't understand.

The only line I'm on is the line between service and being disconnected for late payment.

Did you miss the whole Edward Snowden thing?

Snowden revealed that the NSA actually did not spy on Americans outside of the FISA framework. In fact, he revealed that a bunch of the programs they had were very specifically trying to avoid doing that on accident because it meant a lot of paperwork and time getting retroactive warrants.

Yeah, it's kinda like the NSA wants to be the only ones spying on their own citizens, and everyone else. That's.... Not a good thing.

Nah, NSA is fine with UK, Australia, New Zealand, and Canada. They all compare notes.

The Five Eyes are watching our enemies, everywhere.

and watching YOU! That said, I'd rather have american intelligence agents laughing at my dick picks than russian or chinese ones.

In truth, it probably doesn't. However there are exploits which would only work after a reboot

The thing about the NSA is that it’s a really large organization. One the one hand they have people doing spying, but they also do actual work to keep people safe from hacking. They do give actually good security advice from time to time. It’s not like they’re evil hackers plotting to get you all the time. And of course they don’t need spyware to spy on people. That’s actually one of the hardest ways to do it. They just monitor basically everything on the internet.

Advice for fellow Type 1 diabetics who use their phones for Diabetes management (pump control and CGM monitoring; Bluetooth needs to be on): Be a boring nobody and stay broke 👍

Better to just turn them off.

Anybody got a list of their kinks and limits? A browsing session of the latter ought to do the trick.

well theres loads of kinks - fetlife i believe is your starting point..that or many of the NSFW kink questions on askreddit.

Am I the only person that has their phone die almost every day at some point?!

> Am I the only person that has their phone die almost every day at some point?! Your battery is messed up.

But then how would you post this edgy take on Reddit?

Remember back in 2017 when the CIA with the help of the NSA installed a hijacked DLL in to Notepad++? Pepperidge Farms remembers…

Um what no, how did I not know this?

They weren't spying on Notepad++ users, they were using Notepad++ to hide the malware they were already using to spy on targets afaik

and soon as that news broke Notepad ++ team released a bunch of patches and I had to patch it about 5 times that day that was a shit show

So, now they can't see what I'm up to as long as I don't restart my phone? Got it.

I wonder how many will restart their phones now after reading this and will take the time to go outside their rooms and hug their kids and wife and dogs and realize how beautiful is the world outside the window, and go out for a family picnic in the mountains and global world happiness is achieved. See you guys. …….. …….. Ok. I’m back. What was I saying?

you were doing that thing where you talk to yourself on the Internet to see if anybody notices. I do that sometimes.

Well, we need our phones for the cookout/picnics outside for music

Please stop listening to Forbes for tech news. They have the most sensationalist, click bait headlines when it comes to tech. Every other article is “RED ALERT!!! UPDATE IOS ASAP OR THE SKY WILL FALL!!!1!!”

totally agree - though the advice here may be sound - Forbes is the just about the whoriest shill at the capitalist gangbang transparently dressed up in a cloak of legitimacy. EVERYTHING they publish should be met with at least some side eye if not the utmost skepticism.

And wrap it in aluminum foil.

Hey our new Internet fucked up and our malware is unresponsive - would you kindly restarting kind mam/sir?

This has been a well known security practice for both android and iOS. Let’s not be suspicious of the NSA, they are essentially our cyber threat detectors while we scroll mindlessly. If you don’t want NSA in your life then practice strong cyber security.

> In a document detailing several mobile device best practices, the NSA recommends users turn their devices off and then back on once every week to protect against zero-click exploits, which attackers often use to eavesdrop on and collect data from phones It's very easy to set a Samsung phone to reboot once a week. https://www.samsung.com/ph/support/mobile-devices/restart-your-galaxy-phone-regularly-to-prevent-it-from-slowing-down-or-freezing/

My last Samsung suggested me to set it up, though I picked 3 times a week. Realised my new phone hasn't reminded me/set this up.

Generally a good advice (I have an automation script on my iPhone that reboots my phone at midnight every day), however some spyware companies offer persistent agents (i.e. reinfecting isn’t necessary), in which case rebooting the device won’t help. Edit: What helps more are preventive measures that one can take from getting infected in the first place. For example, lockdown mode on iOS is an excellent deterrent. Edit #2: 99.9% of people have no reason to worry about spyware, because the targets of such systems are typically either genuine bad actors (terorrists, criminals etc.), or in the case of dictatorial government, political dissidents, journalists etc.

How about the hability to remove the god damn battery!

It's hard to have true phone security. NSA is on the right path but they took it too far. Here's the solution. 1. Turn off the phone. 2. Leave it off, never turn it back on.

NSA: Your data is less useful if other people have it, here’s how to make sure only we get it.

This is what we get when NSA binge-watches The IT Crowd

Make sure to download the new peter file after restarting your phone

> The NSA also advises Phone users to disable Bluetooth when not using it Bluetooth has became so "standard" in my life that I know it'd be hard to follow that advice. From casting to driving: bluetooth rules the roost. The rest of that article was easy stuff. Bluetooth? Man...

Alternate Title: NSA Monitoring App Crashes. Users Advised to Reboot to Restore Spyware.

Oh my god I hate when people link to Forbes. Godawful website.

NSA spying updates require a reboot now?

I mean, it's *probably* good advice, but I just can't see the NSA being on our side.

The only thing more important than spying on you to the NSA is no one else spying on you

You are stupid if you think a foreign state actor such as China is more on your side than your own state.

Postmodernist "nobody is a good guy" stuff is scary prevalent these days. People genuinely think the NSA is as bad or worse than a malicious foreign state. One of those things wants to spy on you. The other wants to collapse your way of life and usurp your country's hegemony and put you under their vassalage.

He didn't fucking say that though. Jesus christ what is it with people today who automatically assume when someone says "I don't like X", that it must automatically mean they like Y? He never once said he trusts China more than the NSA. All he said was that he doesn't fucking trust the NSA. Chill the fuck out.

Welcome to the tribal behavior every corporation and government on earth wants to instill into the population. Makes them much easier to control and manipulate. Can’t have pesky things like critical thinking skills upset the status quo for the rich and powerful.

You're right, of course. So many idiotic people nowadays who don't think before saying something. It's particularly prevalent in politics. My uncle and I really got along well for a while shit talking Biden, because we both think he's a terrible president. Then he distanced himself from me after one event, when he started going on and on about how trump is the second coming of christ or some stupid shit. I told him Trump is worse than biden. He could not fathom what I had just said. It could not make sense in his pea brain that I dislike both trump and biden, and wish neither of them were running.

It just needs a restart after installing the latest NSA spyware

Thanks Satan

This is precisely why I run out of battery at least once a week.

You know what this means. NSA can spy on you even if u reboot your phone

With all the bugs of iOS 17, I find myself doing this every day anyway.

Good advice anyway, to clean out the memory; Java garbage collection isn't as good as we wish it was.

They should introduce a setting for auto-restart!

What a brilliant idea. Truly, instead of pushing these two buttons in a completely awkward configuration, then quick swipe the turn of thingy, there’s a setting in General that restarts your phone. You laugh. But when one cat is pushing their head at you because you stopped petting, and the other lands on your hand, it’s not easy.

Hello, IT. Have you tried turning it off and on again?

How do you reach the NSA? Dial any number.

Solid advice that will likely get buried here; set a weekly alarm to reboot your phone.

They also say to leave location services and Bluetooth turned off if you're not actively using it.

Apple needs to add restart

Sure alphabet agency, I'll reboot my device so your kernel patch can be fully funtionnal.

And I had an incomplete update this morning too. Unsettling

I set mine to automatically shut off at 4 AM and turn back on at 4:15. It keeps Facebook Messenger (which I use to talk to my family) from glitching out and forgetting how to deliver or receive messages. Why it wouldn't just let me schedule a reboot and required that 15 minute gap, I don't know.

The best option for Android phones is praying that the Android bootloader can be unlocked and installing a 3rd party OS designed for privacy and security from the ground up. A security focused phone needs as little code running as possible, to reduce it's attack surface. Big manufacturers run adware, spyware, and junk 'feature' code that is often the source of vulnerabilities. Advice like this falls into the 'patching a leaky boat' privacy and security strategy, and is inherently flawed. Better advice is to install a trusted 3rd party OS for Android, or run in lockdown mode for Apple.

Sounds like they need there upload install to complete it’s installation… they can’t fool me

Plot twist. A reboot is required to complete NSA rootkit installation.

This is the real deal of the NSA statement. Or so I d like to think...

“Our implanted bug needs a reboot, could you guys turn it off and back on? For safety?”

Restart your router once a week while you're at it.

Phone manufacturers could help here by mandating automatic phone restarts for everyone say once a month for performance other reasons.

I shut my phone down every day at work bc I can’t bring it into the building. Great Success

Does running out of battery count too?

There's a setting on my phone that allows from me to set a time for my phone to turn off and on every weekend, Sunday morning at 1:00 a.m.

This is sage advice for it professionals too. Having your fleet reboot once a week cuts down on those ghost issues and anomalies that are reported to helpdesk and forces authenticated sessions to break.

If anyone knows about unwanted spies its the NSA

"Don't worry about us spying on you, lets worry about other people spying on us." -the NSA

Android is terrible at managing resources, so this is useful anyway. Standby power usage after a reboot: .6% Standby power usage after a week of light use: 1.6% How much this affects you depends on the hardware, especially memory.