Security researchers find a workaround for iOS 11.4's restricted USB mode


Less than a day after Apple officially added a USB Restricted Mode to iOS for iPhone and iPad, ElcomSoft security researchers have detailed a simple workaround that law enforcement personnel can use to circumvent the feature. The workaround requires a Lightning connector accessory, such as Apple's $39 Lightning to USB 3 adapter, but should also work with many other Lightning accessories.

USB Restricted Mode was added to iOS 11.4.1 and iOS 12 after beta testing under iOS 11.4. The feature is designed to lock the Lightning port of an iPhone or iPad after an hour of inactivity, which prevents the port from being used for anything other than basic charging until the password is entered. Apple claims to have added USB Restricted Mode to iOS to increase device security against a known hack that law enforcement agencies have used to extract content from suspects' phones without their permission.

USB Restricted Mode generally works exactly as expected: even if the device is rebooted or the software is restored, the lock persists. However, if the device is connected to a Lightning accessory, including one that has never been connected before, the one-hour countdown to USB Restricted Mode is reset. As a result, the Lightning port can be kept accessible for one hour after the initial point of capture by connecting a Lightning accessory.

The flaw apparently does not work with all Lightning accessories, notably Apple's $9 Lightning to 3.5 mm adapter, which is included with some iPhones. In addition, if the Lightning accessory does not include a power port, there is no way to keep the device powered during transport.

But with an accessory that passes power through, the police or other hackers have fairly simple ways to access a seized iOS 11.4.1 device. They can connect the Lightning accessory, attach an external battery for power, place everything in a Faraday bag so that the phone cannot be reached wirelessly, and then carry it to the location of a Cellebrite or Grayshift hacking solution.

ElcomSoft suggests that Apple could update a future version of iOS to "remember devices connected to the iPhone, and allow only these accessories to establish connectivity without requiring any unlocking", but does not see any other practical way to strengthen USB Restricted Mode, given the design of existing Lightning accessories. On the other hand, the researchers note that Grayshift is already able to defeat USB Restricted Mode by other means, although this is not confirmed at this stage. The story suggests that the back and forth between Apple and the hackers will continue until one of the two gives up, and given the stakes and the money on the hacking side, that is unlikely to happen soon.
