By Dan Moren
July 10, 2018 7:19 AM PT
iOS 11.4.1 blocks USB password hacks…mostly
Yesterday’s release of iOS 11.4.1 contained a much remarked upon security feature dubbed “USB Restricted Mode.” To wit: iOS will now disable the data-transfer abilities of the Lightning port if the device’s passcode has not been entered for an hour, or an hour after it’s disconnected from a trusted USB device. Entering your passcode reenables the feature. (Charging is unaffected.)
That’s squarely aimed at tools like GrayKey, which law enforcement have used to exploit a loophole allowing them to unlock devices.
However, USB Restricted Mode is not–as currently implemented–fool proof. Security researchers at ElcomSoft point out that connecting a USB accessory inside the 1-hour window restarts the clock. That includes something like Apple’s own Lightning to USB 3 Camera Adapter.
That said, this isn’t a huge vulnerability–ElcomSoft even theorizes that it’s just an oversight. Not only does it require law enforcement to act quickly and to have the requisite hardware on hand, but it only works within the window: once USB Restricted Mode has kicked in, you can’t undo it without the passcode. Users can also manually enable USB Restricted Mode by triggering the SOS mode–holding an iPhone’s sleep/wake button and either volume button. That forces the phone to require a passcode.
It seems likely that Apple will fix this loophole in a future update, and I doubt that law enforcement agencies will act fast enough to capitalize on it in the meantime.
[Dan Moren is the official Dan of Six Colors. You can find him on Twitter at @dmoren or reach him by email at firstname.lastname@example.org. His latest novel, The Aleph Extraction, is out now and available in fine book stores everywhere, so be sure to pick up a copy.]
If you appreciate articles like this one, support us by becoming a Six Colors subscriber. Subscribers get access to an exclusive podcast, members-only stories, and a special community.