IOS 11.4.1 USB Restricted Mode Not As Secure As It Looks
“Ahhh!” you think to yourself. “Apple finally made it impossible for the police to see what’s on my confiscated iPhone.”
Not really.
Apple today ditched iOS 11.4.1, which you should definitely install with the big caveat that iOS 11.4, if you haven’t updated yet, could cause unexpected battery problems on your device. The big change in this relatively small update is the inclusion of Apple’s new USB Restricted mode, which supposedly makes it much more difficult for someone to jailbreak your device or use any other sneaky exploit deployed via an iPhone. or Lightning port on iPad to bypass your device password.
USB Restricted Mode is enabled by default after installing iOS 11.4.1, although Apple has complicated the wording a bit. If you open the Settings app, tap Touch ID or (Face ID) and passcode, authenticate, scroll down and find the USB Accessories option, it’s disabled. But this is what you want. This means that your iPhone or iPad will not allow USB devices to connect after your device has been locked for an hour.
Turn it on and you turn off USB Restricted Mode – any physically connected USB devices will be able to access your phone. So, when you are stopped and arrested, the police can hack into your device using their unusual tools . Or rather, as Apple claims, USB Restricted Mode gives you more protection from hackers and the like, because that was the reason the feature was created. Mm-hmm .
Apple’s support page notes that you may need to unlock your iPhone or iPad for the connected USB accessory to work. This includes the accessories that power your iPhone or iPad:
Starting with iOS 11.4.1, if you use USB accessories with your iPhone, iPad, or iPod touch, or if you connect your device to a Mac or PC, you may need to unlock your device for it to recognize and use the accessory. Your accessory will remain connected even if your device is subsequently locked.
Unless you first unlock your password-protected iOS device, or unlock it and plug it into a USB accessory within the last hour, your iOS device will not communicate with the accessory or computer, and in some cases, it may not charge. You may also see a warning asking you to unlock your device in order to use the accessories.
What Apple hasn’t mentioned – and we’re wondering if iOS 11.4.2 will be released soon to fix this – is that apparently it’s not that hard to bypass USB restriction mode in some cases. If it is enabled on the device and the hour has expired, a third party will not be able to connect some magic device and jailbreak your iPhone or iPad. However, if someone confiscates your device and plugs in suitable USB accessories, they can really prevent this hourly countdown.
As Oleg Afonin from Elcomsoft describes :
We found that iOS resets the USB Restrictive Mode countdown timer even if you connect your iPhone to an unreliable USB accessory that has never been paired with an iPhone before (well, in fact, accessories don’t need to be paired at all). In other words, once a police officer confiscates an iPhone, he or she will need to immediately connect that iPhone to a compatible USB accessory to prevent USB Restricted Mode from being blocked after one hour. It’s important to note that this only helps if the iPhone hasn’t entered USB Restricted Mode yet.
Our advice? If you are not up to anything good and are about to get caught, try thinking about amore creative approach to hiding the contents of your smartphone. Or better yet,don’t use your new iPhone X to run a crime syndicate.