There Is A Way To Get Around iOS 11.4.1 USB Restricted Mode
Now that Apple has iOS 11.4.1 out, it also has one of its most recent security updates out there. After having been tested via some previous beta releases, iOS 11.4.1’s new security feature makes its Lightning port incapable of transmitting or receiving data if the device has not been unlocked within the last hour.
This is aimed at thwarting law enforcement and bad actors who are using devices made by Grayshift, a company that provides boxes that brute force iOS passcodes.
Previously, such devices were able to connect to an iPhone or iPad’s Lightning port and simply brute force a passcode until access was gained. However, with iOS 11.4.1 installed, those devices would simply not be able to connect to an iPhone or an iPad unless it had been unlocked within the last hour. This adds a layer of protection, and one that law enforcement is not happy about. However, it seems that it may not have to stay miffed for too long because the new feature, known as USB Restricted Mode, may not be all it’s cracked up to be.
According to ElcomSoft, a simple USB accessory can be used to bypass this security measure. If a dongle, such as Apple’s Lightning to USB 3.0 Camera Adapter, is plugged into a device that has been unlocked within the last 60 minutes, the device’s Lightning port will continue to function even when that time limit has elapsed. It’s a potential oversight that could give law enforcement, and indeed anyone, a way into devices despite the work that Apple is clearly trying to do.
As the aforementioned adapter also has power passthrough, it’s feasible that people could simply plug it in, power a device at the same time and then transport it to a facility with the required Grayshift hardware in place.
Apple may take further steps to close this loophole; we will just have to wait and see whether an enhanced USB Restricted Mode pops up in a future beta release of iOS.