According to a recent report, Apple has added a new feature in iOS 11.4 beta that will disable data transfer over USB if the phone is not unlocked for a period of seven days. The feature is called USB Restricted Mode, and it works by disabling the lightning port after the seven-day period, though the device can still be charged. The USB data transfer mode would be re-enabled if the phone is unlocked with your fingerprint, Face ID or passcode.
That will likely anger law enforcement agencies who have reportedly been able to unlock iPhones in criminal investigations with ease, using gadgets like the GrayKey. According to Malwarebytes, the $15,000 device can unlock iPhones as recent as the iPhone X running iOS 11.3 and is capable of cracking six-digit passcodes in roughly three days.
Security research firm Elcomsoft has posted its observations tracking one feature in the developer betas of iOS 11.3 and now 11.4 that has yet to go public: USB Restricted Mode. Elcomsoft’ Oleg Afonin noted that law enforcement will now only have seven days to attempt to access any iPhones running 11.3 or later before it locks itself against any “known forensic techniques.”
Apple’s implementation would be as thus:
To improve security, for a locked iOS device to communicate with USB accessories you must connect an accessory via lightning connector to the device while unlocked – or enter your device passcode while connected – at least once a week.
Prior to this new addition, anyone could create a new local backup of an iPhone or iPad using the lockdown record extracted from the computer associated with that iOS device, though those records did expire after a certain amount of time, according to Afonin. Now, law enforcement will have an expedited window to unlock the device, as the lockdown records also expire after a period of time.
Apple has been fighting law enforcement over the latter’s many requests and lawsuits to have Apple unlock iPhones implicated in various crimes. The issue of access to data from devices in evidence lockers has been a hot topic since 2016 when the US Federal Bureau of Investigation tried to coerce Apple into unlocking the iPhone recovered from the San Bernardino shooter. The agency later managed to break in without Apple’s help.
There have since been other attempts to compromise iOS devices to aid in bringing criminals to justice – as well as a debate over whether individuals and hardware makers can be forced to grant access to such data.
