Do you think its better to have an iPhone powered down or on?
I am wondering if it would be possible to leverage remote wipe features, but maybe the border agents power off the device or put it in a bag / container that blocks cellular signals.
Law enforcement has tools like Cellebrite and GrayKey that can unlock or extract data while the phone is powered on but locked.
Apple is making this a bit more difficult by disabling the port if the phone hasn't been unlocked for seven days or more, but if the device is powered on and law enforcement acts fast, it's vulnerable.
Remote wipe might not play very well. If it was detained in relation with a crime, they might go with 'attempting to destroy evidence'.
Look at it this way. Suppose the seizure of the phone was totally reasonable (because that is how they will think about it). Now, that suspected criminal who apparently had something to hide decided to remotely tamper with evidence after we lawfully detained it? That is subversion of justice!
The above is an argument I'd expect to hear from them.
Oh dear no. The U.S. protection against compelled self-incrimination is for testimony, not seizure of papers/effects. Spoliation of evidence is illegal, and in some cases if it's not a crime by itself, it can still even lead to doubt being resolved against you (in other words, if you destroy a key document in a legal proceedings, the court might make a legal judgment that assumes the document's contents were as bad as possible for your case, even if it actually wasn't).
Shouldn’t matter. The key thing is to have a strong password, and disable any biometric authentication beforehand. (You can do this by squeezing the side buttons for a few seconds until the “power off” screen appears. The phone will then require a password before reenabling biometric authentication.)
Good question, I forgot about that. I'd have to read through the security guide again. I wouldn't personally worry about that, as I think the system is sufficiently robust against external attacks, but obviously other people's priorities and levels of paranoia may differ.
Powering down if possible and then initiating a remote wipe for my supporting Apple devices (macbook, iphone) as soon as possible would be my very first move. It's possible they do have procedures in place to block connectivity to any wireless networks, but couldn't hurt to try.
I am wondering if it would be possible to leverage remote wipe features, but maybe the border agents power off the device or put it in a bag / container that blocks cellular signals.