Apple’s USB Restricted Mode vs law enforcement

The new rumors are spreading around that after skipping the iOS 11.3 and 11.4 releases Apple is actually going to include the USB Restriction Mode feature into the final iOS 12 version in September. The company has tried this anti-data-theft mode in iOS 11.3 Beta version, but it never ended up as a default thing in the following final versions.  This time it seems that Apple shows much effort to make this truly happen and protect the users with even more secure version.

Apple's new updates in security

Back in the early May 2018, The reported that Apple secretly implemented their USB Restricted mode that they have been talking about for quite a while, to protect iPhone users from tools like GrayKey and Cellebrite, which are used mostly by law enforcement to collect the phone’s encrypted data.

Soon the new security measure became a true headache for law enforcement departments that purchased GrayKey unlocking tool to collect the evidence. The iPhone’s system would start counting time from the last passcode or biometrics entered on the phone, and if it hasn’t been entered for 7 days (168 hours) then the phone would block the Lightning USB port completely until the owner would enter the correct passcode or fingerprint.

This iOS 11.3 beta release caused a lot of negative talks amongst the police investigators who with the help of above-mentioned unlocking software would use the gathered iPhone data in courts and etc. Basically with iOS 11.3 agents would have only 7 days at the best to get into the phone to find what they need or else they would have to ask the owner for a passcode which can’t be the easiest thing to do, especially if it’s a criminal’s device.

Luckily for them, the past recent final iPhone versions didn’t have this USB Restricted Mode, but that might end very soon with the iOS 12 because Apple was noticed testing even more advanced locker that would need the sign in every HOUR. This makes impossible for the police to access the iPhones without the permission. 

Ryan Duff, a Director of Cyber Solutions at Point3 Security, said:

That pretty much kills [GrayShift’s product] GrayKey and Cellebrite. I think it’s clear they want to include it but are just trying to figure out what the implications of it will be and are obviously taking their time to get it right. It’s a pretty radical security change and I’m sure they want to make sure it’s the right move to make before pushing it. They definitely don’t want the scandal of removing a security feature because of something they didn’t anticipate.

It’s obvious that Apple cares about their user’s privacy and security, but in this case, the new update is pretty ambiguous. On the other hand, this wouldn’t be the first Apple’s opposing views with the law enforcement, eg. San Bernardino case or E-book price fixing case.

This is how the settings will look in the new Apple’s iOS 12 release:

Apple's settings security

However, this feature shouldn’t disrupt the charging and other connections with the trusted devices like computers or tablets which will only ask for a code once, but not every hour. Apple is planning to make USB Restricted Mode not optional but default.


Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Posts

Security Guides

Recent Comments