A new version of iOS will block a controversial loophole that law enforcement agencies have leveraged in order to
crack into locked iPhones.
Apple will include a feature known as USB Restricted Mode, which limits access to a locked iPhone through its USB port.
The feature previously appeared in the iOS 11.3 beta, making its way into the iOS 12 beta; now the company has confirmed the security patch will make it into a final iOS release. With USB Restricted Mode, an iPhone’s Lightning port will lock one hour after the phone is locked. In that mode, which will be the default, only charging will be possible through the port after the initial one hour period has expired.
“We’re constantly strengthening the security protections in every Apple product to help customers defend against hackers, identity thieves and intrusions into their personal data,”
Law enforcement agencies across the country, perhaps unsurprisingly, are not welcoming this development.
“If we go back to the situation where we again don’t have access, now we know directly all the evidence we’ve lost and all the kids we can’t put into a position of safety,” the Indiana State Police's Chuck Cohen told the Times. Cohen leads the task force on internet crimes against children.
“We have the greatest respect for law enforcement, and we don’t design our security improvements to frustrate their efforts to do their jobs.”
That solution should thwart iPhone-cracking devices like those made by GrayShift and Cellebrite. Such devices, particularly GrayShift’s GrayKey, which promises to unlock even new iPhone models, use the USB port to access a locked iPhone in order to crack its password using more attempts than would normally be allowed. That process can take anywhere from two hours to more than three days, depending on the length of the iPhone’s password.
Federal agencies — including the FBI, DEA, State Department, Secret Service and at least five states — already have the GrayKey device or are in the process of obtaining it.
The FBI’s third-party solution to iPhone cracking became a lightning rod in the clash between the agency and Apple in the aftermath of 2016’s San Bernardino mass shooting, with Apple pressing the FBI for details on the security vulnerability and the FBI playing its tools close to its chest.
As Apple moves to neutralize GrayKey and similar devices, anyone looking to crack into the company’s famously secure iPhone is going to need to try a new tack.
Comments
Post a Comment