Apple released New iOS Security Feature earlier this week. The feature, called “USB Restricted Mode,” disables data transfer through the Lightning Port after an hour of inactivity.
This security is designed to protect against unwanted intrusions through the iPhone’s Lightning Port. One possible use for USB Restricted Mode could be to foil passcode-cracking solutions made by companies like Cellebrite and Grayshift, which reportedly have been used by law enforcement authorities to crack iPhones. However, the protection may be weak at best.
Users can turn off the USB Restricted Mode capability if they want.
A password-protected iPhone that has not been unlocked and connected to a USB accessory within the past hour will not communicate with an accessory or computer, and in some cases might not charge, according to Apple. Users might see a message directing them to unlock the device to use accessories.
Openion of Will Strafach, CEO (Sudo Security Group)
The code GrayKey uses to break the passcode on an iPhone is a closely held secret, but it appears to load through the Lightning Port.
“So Apple’s idea is to make a user enter a passcode after an hour. Otherwise the Lightning Port can only be used for power,” said Strafach.
“Without a data connection, there’s no way to communicate with the data services running on the phone, so there’s no way to access any vulnerabilities on the phone,” he explained.
“Instead of trying to address individual vulnerabilities, Apple is addressing a whole class of vulnerabilities that need the data link to be exploited,” Strafach pointed out.
“That’s smart,” he said. “It’s taking a long-term outlook on vulnerabilities. Rather than squashing vulnerabilities as they come up, they’re taking a proactive approach and mitigating the method by which these vulnerabilities are exploited.”