Apple’s Latest iPhone Security Feature Already Defeated

Well, that didn’t take long.

It was only yesterday I was reading about the release of iOS 11.4.1 and wondering if it would resolve the battery drain issue of iOS 11.4. In case you were wondering, I have not found an answer to that as of yet. Instead, everyone was speaking about Apple’s new iPhone security feature.

Apple seems to have a different opinion about device security than what has always been the norm. Historically, companies have focused on protecting users from illegal hacking. For instance, most companies would see someone rooting the device, or stealing passwords to break into a users cloud drive to steal and publish intimate photos would be their priority. That’s not the case for Apple. Instead, they seem to be focused on locking out authorities from legal warranted searches. I know folks, I don’t understand it either. But Apple users sure seem to think this is somehow righteous. Well, I would assume they would believe that until they became the victim of a crime in which the criminals iPhone was responsible for them not being prosecuted, but time will tell on that assumption.

Apple’s latest iOS feature was yet another invention by Apple not to stop criminal hacking, but to prevent lawful access. Specifically, it was created to foil units like those produced by Grayshift which authorities have been using to crack locked iPhones in criminal investigations. This new feature is called USB Restricted Mode which will engage in one hour after a phone has been unlocked, or one hour after the device has been disconnected from a USB device. The one hour ensures that proper authorities will not have enough time to collect a device, obtain a warrant, and plug it into a Graybox to legally collect their evidence. Fortunately for police, and unfortunately for Apple, there is already a workaround. And it is really simple.

The workaround is so simple, I’m amazed that Apple did not discover it, or if they knew about it, that they would still choose to market USB Restricted Mode. In order for police to get around USB Restricted Mode, they simply need to plug a USB accessory into an unlocked iPhone’s Lightning Port. That is all. Doing so will reset the timer, and allow the authorities time to gain a warrant, unplug the accessory, start the timer back up, and plug in a Graybox.

Of course, if the device is already locked at the time of collection, this method will not work, but I imagine we will start to see police adding iPhone USB accessories to their everyday carry kits. It could save the police a lot of time and trouble, and taxpayers a lot of money, in many investigations. Also, if this big of an opening made it to a public release in which this was the marketed feature, I imagine it won’t be long before a bypass is discovered for an already locked phone.

 

Source: Elcomsoft

Brad

Founder & Owner of UTB Blogs. Former BlackBerry Elite. When I'm not talking or writing about BlackBerry, you'll find me using my BlackBerry.

Top