Apple's USB Restricted Mode can be fooled, security researchers say | Apps & Software
Security researchers say they’ve found a way to get around an antihacking feature in Apple’s iOS 12 beta and in the newly released iOS 11.4.1, which came out Monday.
USB Restricted Mode is designed to shut off access to data on an iPhone or iPad when new USB accessories are plugged into the Lightning port, as long as it’s been more than an hour since you last unlocked your iPhone. The feature prevents people from using gadgets such as the GrayKey tool from accessing the phone’s information.
That time allowance may be convenient, but the flip side is someone might be able to access data on the iPhone within the hour. That’s what Oleg Afonin, a researcher at cybersecurity firm ElcomSoft, looked to take advantage of. In a blog post he said a $39 device can “fool USB Restricted Mode.”
Afonin said he and his colleagues found that though Restricted Mode itself can’t be defeated directly, the timer can be disabled to prevent the device from going into the mode in the first place. That’s because the hour countdown begins again if an unrecognized USB device is plugged in during the original window of time.
So if someone who wanted access to the data on your phone, be they law enforcement officers or hackers, obtained your device within the hour, they could keep access open by continuously plugging in an accessory and resetting the clock.
Apple created the hour-long window as a compromise between security and convenience, since it didn’t want users to have to enter a passcode every time they plugged into a charging cable or whatever, according to a person familiar with the company’s thinking. Apple doesn’t see it as a flaw.
Security: Stay up-to-date on the latest in breaches, hacks, fixes and all those cybersecurity issues that keep you up at night.
Apple: See what’s up with the tech giant as it readies new iPhones and more.