NEWS
The Anti-hacking Security Apple Built into iOS 11.4.1 Can Be ‘Cracked’
4010
2018-07-12
Posted by 3uTools

iOS 12 may be the hottest iPhone operating system you can run right now, but that's still in beta. If you want finalized software, iOS 11.4.1 is the one you need, which Apple made available earlier this week.


In addition to the expected fixes and improvements, iOS 11.4.1 brings over a feature that's called USB Restricted Mode, whose purpose is to prevent those iPhone hacking machines that law enforcement is using to bypass the screen lock from hacking iOS devices. It turns out Apple’s hack fix was already cracked.


The Anti-hacking Security Apple Built into iOS 11.4.1 Can Be ‘Cracked’


"Cracked” is perhaps a too generous term as Elcomsoft, the company who made the discovery, didn't attempt any actual hacks. Instead, it just discovered a workaround that would make it easier to police to hack an iPhone seized during an investigation well after the first hour.


What USB Restricted Mode does is to block data communications over the Lightning port an hour after the iPhone or iPad was last unlocked. Apple’s trick should prevent gadgets like Grayshift from brute-forcing the screen lock — guessing the right combination by trying every possible PIN:


We performed several tests, and can now confirm that USB Restricted Mode is maintained through reboots, and persists software restores via Recovery mode. In other words, we have found no obvious way to break USB Restricted Mode once it is already engaged.


But the same Elcomsoft says the workaround it discovered back in May still works on iOS 11.4.1. All police need to do to prevent USB Restricted Mode is to have a Lightning accessory at hand:


What we discovered is that iOS will reset the USB Restrictive Mode countdown timer even if one connects the iPhone to an untrusted USB accessory, one that has never been paired to the iPhone before (well, in fact the accessories do not require pairing at all). In other words, once the police officer seizes an iPhone, he or she would need to immediately connect that iPhone to a compatible USB accessory to prevent USB Restricted Mode lock after one hour. Importantly, this only helps if the iPhone has still not entered USB Restricted Mode.


Of course, this only works if the device hadn't entered in USB Restricted Mode by the time the police obtained it.


Source: bgr

Related Articles
macOS High Sierra 10.13.2 Beta 4 Now Available Alibaba Pandora Lab Jailbreaks iOS 11.2 Successfully Apple Releases macOS Catalina With Find My, Screen Time, and No More iTunes Rumor: Apple Blocks Activation on iOS 9.0-9.3.5 Firmware Apple Still Signing iOS 11.3 Beta 5/6, Downgrade to It to Jailbreak Your iPhone iCloud Bypass Bug Discovered in iOS 11 How to Download Apple’s Official iOS IPSW with One Simple Step? iOS 10.3 Jailbreak / iOS 10.3.1 Jailbreak