iOS 11.4 Will Prevent Access Via Lightning Port After 7 Days Of Inactivity To Combat USB Cracking Devices
If you’re worried about someone gaining access to your iOS device, then you might be pleased to learn that as of iOS 11.4, there will be a new security feature that will restrict access to the device via a USB connection if your device has not been unlocked for seven days or more.
This appears to be a direct attempt by Apple to thwart law enforcement tools such as the GrayKey box.
The news comes after Elcomsoft confirmed that the USB Restricted Mode has indeed been enabled as of the latest iOS 11.4 betas, something that had been suggested for a little while now.
According to their findings, after an iPhone or iPad has been updated to iOS 11.4, it will essentially render its Lightning port useless if it has not been unlocked for a week or more via its passcode. While the Lightning port will charge the device, no data connection will be available.
At this point, it is still unclear whether the USB port is blocked if the device has not been unlocked with a passcode for 7 consecutive days; if the device has not been unlocked at all (password or biometrics); or if the device has not been unlocked or connected to a trusted USB device or computer.
In our test, we were able to confirm the USB lock after the device has been left idle for 7 days. During this period, we have not tried to unlock the device with Touch ID or connect it to a paired USB device. What we do know, however, is that after the 7 days the Lightning port is only good for charging.
With iOS 11.4 installed, law enforcement, or indeed anyone else with physical access to a device will have a week in order to try and brute force hack it. This will directly impact GrayKey, which uses the Lightning port to install software used for cracking an iPhone or iPad’s passcode. Apple says that the move is indeed one geared toward security.
To improve security, for a locked iOS device to communicate with USB accessories you must connect an accessory via Lightning connector to the device while unlocked – or enter your device passcode while connected – at least once a week.
While that one-week window may be enough for some to still gain access to a device, it’s a much smaller window than what is essentially no window at all and that’s always an improvement in our book.