Wednesday, 26 September 2018
Latest news
Main » Cheap device could stall Apple's new USB port lock

Cheap device could stall Apple's new USB port lock

10 July 2018
Cheap device could stall Apple's new USB port lock

The feature, dubbed USB Restricted Mode, is created to prevent third parties from gaining access to your device by using lightning-connected gadgets to crack your passcode and bypass Apple's safety mechanisms. However, it turns out that there was an oversight in security, meaning that USB Restricted Mode can be bypassed by a simple accessory that Apple sells itself.

"We performed several tests, and can now confirm that USB Restricted Mode is maintained through reboots, and persists software restores via Recovery mode", ElcomSoft's Oleg Afonin writes.

Greyshift claimed it had already worked around that restriction but it might not have to, at least not for a while.

The toggle is off by default, which means that once your iOS device has been locked for more than an hour, the operating system will no longer allow USB access to connect to the device.

Afonin's method works by extending the one-hour countdown of Apple's USB Restricted Mode. Those tools end up in lawmakers' hands but, potentially, criminals as well.

iOS 11.4.1 is mostly bug fixes, reports 9to5Mac, but it does make the Find My AirPods feature more reliable. Prior to iOS 11.4.1, isolating the iPhone inside a Faraday bag and connecting it to a battery pack would be enough to safely transport it to the lab.

Apple hasn't confirmed the once-every-ten-minute limits, but if true, that's a really big problem for companies like Grayshift ... and a really good thing for customers who just want their devices to be as secure as possible.

Apple hasn't commented yet, but we can assume that a patch will be landing soon.

However, if a cop gets to seize a locked iPhone until the next iOS update that brings fix to this flaw, they can potentially get around the USB Restricted Mode through a USB accessory.

iPhone and iPad owners, this one is for you! As ElcomSoft writes, there are quite high chances of a device being seized within an hour since its last unlock.