By Dan Moren
July 10, 2018 7:19 AM PT
iOS 11.4.1 blocks USB password hacks…mostly
Yesterday’s release of iOS 11.4.1 contained a much remarked upon security feature dubbed “USB Restricted Mode.” To wit: iOS will now disable the data-transfer abilities of the Lightning port if the device’s passcode has not been entered for an hour, or an hour after it’s disconnected from a trusted USB device. Entering your passcode reenables the feature. (Charging is unaffected.)
That’s squarely aimed at tools like GrayKey, which law enforcement have used to exploit a loophole allowing them to unlock devices.
However, USB Restricted Mode is not—as currently implemented—fool proof. Security researchers at ElcomSoft point out that connecting a USB accessory inside the 1-hour window restarts the clock. That includes something like Apple’s own Lightning to USB 3 Camera Adapter.
That said, this isn’t a huge vulnerability—ElcomSoft even theorizes that it’s just an oversight. Not only does it require law enforcement to act quickly and to have the requisite hardware on hand, but it only works within the window: once USB Restricted Mode has kicked in, you can’t undo it without the passcode. Users can also manually enable USB Restricted Mode by triggering the SOS mode—holding an iPhone’s sleep/wake button and either volume button. That forces the phone to require a passcode.
It seems likely that Apple will fix this loophole in a future update, and I doubt that law enforcement agencies will act fast enough to capitalize on it in the meantime.
[If you appreciate articles like this one, help us continue doing Six Colors (and get some fun benefits) by becoming a Six Colors subscriber.]