Researchers find loophole that extends USB Restricted Mode's hour-long timer

Tech News   |   07/10/2018 - 9:41am   |   by A.Rider   |   181
10. jul Researchers find loophole that extends USB Restricted Mode's hour-long timer

Just hours after Apple debuted USB Restricted Mode in its latest iOS 11.4.1 firmware, security researchers discovered an easy to implement workaround that prevents the feature from working as intended.

In testing for months, and released earlier today, USB Restricted Mode is Apple's answer to iPhone intrusion techniques that use third-party software to crack device passcodes. 

When enabled, the feature deactivates USB data processes, conducted through an iPhone's Lightning port, when the device remains locked for over an hour. After hitting the predetermined time limit, Lightning is only able to pass power through to iPhone for device charging.

The mechanism disrupts hacking techniques used by criminals, as well as tools like those marketed by digital forensics firm Grayshift, whose GrayKey iPhone unlocking box requires access to an operational USB port. 

According to security researchers at ElcomSoft, however, USB Restricted Mode's countdown timer resets when a Lightning accessory like Apple's Lightning to USB 3 Camera adapter is connected to a target iPhone, effectively defeating the security protocol. Even untrusted accessories, or those that have not previously interfaced with an iPhone, can be used to reset the counter. 

Read the full article at: AppleInsider

Related news:




Show discussion