iPhone USB Restricted Mode Is Pretty Easy to Beat

Joshua Bennett
July 11, 2018

The new USB Restricted Mode in iOS 11.4.1 simply prevents any USB accessories from connecting if the phone has not been unlocked in the last hour.

But nearly immediately after this feature made it out to the public, a cybersecurity firm found a loophole (ElcomSoft via The Verge) that resets the counter that determines whether it's been an hour since you've locked the phone.

The feature, introduced in iOS 11.4.1 and iOS 12 beta 2, is supposed to make the data on your iPhone safe even if someone can physically access it.

Elcomsoft's initial tests showed that once the USB Restricted Mode is enabled, there's no way to disable it with forensics tools. After looking at the problem, Apple opted for what seemed like a foolproof solution: USB Restricted Mode.

USB Restricted Mode blocks data communications over the Lightning port an hour after the iPhone or iPad was last unlocked. The loophole appears to be an oversight on Apple's part, one that would allow authorities to gain access to iPhones by resetting the USB Restricted Mode counter.

The bug is alleged to reset the one-hour counter in the latest iOS update as long as a USB accessory is connected to the iOS device before the restriction takes effect.

The lock was not affected by Apple's Lightning to 3.5mm jack adapter, though the one-hour countdown was reset by the official Lightning to USB 3 Camera Adapter. The researcher also underlined that with the release of iOS 11.4.1, the procedure of "properly seizing and transporting" an iPhone could include a compatible Lightning accessory.

The feature prevents specialist unlocking hardware made by the likes of Cellebrite and Grayshift from entering multiple passcode guesses via the phone's data port.

But Elcomsoft says the workaround it discovered back in May still works on iOS 11.4.1.

Another user pointed out that the iPhone's Settings app shows that the Personal Hotspot is using up nearly 50 percent of the device's battery life even when the user has never activated it. The only way for Apple to now fix this flaw would be to require authentication of all iPhone accessories, but this likely won't happen anytime soon.
