Do you remember the GrayKey? It's this mysterious standalone gadget that can crack iPhone and iPad passcodes in mere minutes.
It is also specifically marketed to law enforcement agencies and private investigation companies who are looking for a viable way to decrypt an iPhone.
But as we reported last month, Apple has a new iOS feature in the works that will render iPhone cracking gadgets like the GrayKey worthless.
And that feature is out now with the latest iOS update! But is this feature as good as it's cracked up to be?
Read on and find out about this new mode’s glaring loophole and why it can still put you at risk.
Police are angry they're being locked out of iPhones by this new move. Listen to what Kim says about this law enforcement situation in this Consumer Tech Update podcast.
USB Restricted Mode
Apple just released iOS 11.4.1 and it now comes with USB Restricted Mode, an option that was developed to stop cracking tools like the GrayKey.
Basically, this mode will deactivate all the data functions of an iPhone or iPad's Lightning port if the device has not been unlocked in the past hour.
This means that after an hour from its last unlock, the Lightning port will be limited to charging functions only.
However, researchers from computer security company ElcomSoft may have found a loophole that can still put you at risk.
USB Restricted Mode workaround
According to ElcomSoft, there's a loophole in USB Restricted Mode that can circumvent the timer. Based on their tests, this one-hour counter will reset if someone plugs in a USB accessory within that timeframe, and it doesn’t matter if your iPhone has connected to that accessory in the past.
ElcomSoft’s tests even showed that the loophole works with Apple’s very own Lightning to USB 3 Camera adapter. (It doesn’t work with Apple’s Lightning to 3.5mm headphone jack adapter though.)
This means if someone with a cracking device, say the police, gets hold of an iPhone, they need to immediately connect it to a compatible USB accessory and postpone the lock for another hour.
ElcomSoft’s Oleg Afonin explains in the company’s official blog:
“What we discovered is that iOS will reset the USB Restrictive Mode countdown timer even if one connects the iPhone to an untrusted USB accessory, one that has never been paired to the iPhone before (well, in fact the accessories do not require pairing at all)."
In other words, once the police officer seizes an iPhone, he or she would need to immediately connect that iPhone to a compatible USB accessory to prevent USB Restricted Mode lock after one hour. "Importantly, this only helps if the iPhone has still not entered USB Restricted Mode," Afonin continued.
What are the chances?
How likely can an iPhone be confiscated by the police within an hour after its last unlock?
Afonin stated it’s quite high. "We were not able to find any recent stats, but even two years ago an average user unlocked their iPhone at least 80 times a day," he revealed.
ElcomSoft’s researchers are now in the process of testing other third-party adapters and accessories and they are "almost sure that they will work as well."
While they can't say for sure, ElcomSoft suggests that the loophole exists because a majority of Lightning accessories are not designed to exchange cryptographic keys.
Afonin thinks that it’s just an oversight on Apple’s part that slipped through beta testing and it’s not a major vulnerability. Apple could still fix and change the behavior in a future update.
"The ability to postpone USB Restricted Mode by connecting the iPhone to an untrusted USB accessory is probably nothing more than an oversight. We don’t know if this behavior is here to stay, or if Apple will change it in the near future. According to our tests, both iOS 11.4.1 and iOS 12 beta 2 exhibit similar behavior; however, this can change in subsequent versions of iOS," Afonin concludes.
Note: Before you update your iPhone, make sure you have a good backup plan in place. We recommend our sponsor, IDrive, for fast and reliable cloud backups.