USB Restricted Mode can be easily bypassed, researcher warns

Jul 10, 2018 09:01 GMT  ·  By

Apple rolled out a new iOS software update to finally introduce USB Restricted Mode and block iPhone hacking tools that can brute-force devices and bypass the locking system.

This new feature works by limiting the Lightning port to charging only once the device has not been unlocked for more than an hour, so USB accessories that would be used to launch brute-force attacks can no longer establish a data connection. To re-enable data over the port, the user is prompted to enter the passcode and unlock the device.

But according to Oleg Afonin of ElcomSoft, defeating this system is pretty simple because of a loophole in how it was implemented.

Connecting a USB accessory to the iPhone within that hour resets the countdown, which gives a potential attacker extra time to work on the device.

Cheap way to reset the timer

While this is possible with a cheap accessory like Apple’s own Lightning to USB 3 Camera Adapter, there’s a chance that even untrusted USB accessories can be used to reset the timer.

“What we discovered is that iOS will reset the USB Restrictive Mode countdown timer even if one connects the iPhone to an untrusted USB accessory, one that has never been paired to the iPhone before (well, in fact the accessories do not require pairing at all),” the researcher notes.

“In other words, once the police officer seizes an iPhone, he or she would need to immediately connect that iPhone to a compatible USB accessory to prevent USB Restricted Mode lock after one hour. Importantly, this only helps if the iPhone has still not entered USB Restricted Mode.”

Resetting the timer is no longer possible if USB Restricted Mode has already set a lock on the device, so the researcher notes that the loophole only exists within the first hour after the last unlock.
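To make the timing behaviour concrete, the following is a constructed simulation of the countdown as the article describes it. It is an added example, not Apple's code and not ElcomSoft's research tooling; the class name, the "trusted" accessory flag and the hardened policy (only a passcode unlock restarts the countdown) are assumptions used to show the difference between the reported behaviour and a stricter one. It also shows the second point in the article: once the lock has engaged, a connection no longer restarts the timer.

```python
from dataclasses import dataclass, field

LOCKOUT_SECONDS = 3600  # one hour, the window the article describes


@dataclass
class UsbRestrictedModeSim:
    """Constructed model of the USB Restricted Mode countdown (assumption, not Apple's code).

    reset_on_accessory=True models the reported loophole: any accessory connection,
    paired or not, restarts the countdown. False models a hardened policy (assumed
    here, not a documented Apple change) where only a passcode unlock restarts it.
    """
    reset_on_accessory: bool
    last_reset: float = 0.0      # time of the last event that restarted the countdown
    locked_out: bool = False     # True once the port is limited to charging
    events: list = field(default_factory=list)

    def _tick(self, now: float) -> None:
        # The lock engages once an hour has passed since the last reset.
        if not self.locked_out and now - self.last_reset >= LOCKOUT_SECONDS:
            self.locked_out = True
            self.events.append((now, "restricted-mode-engaged"))

    def unlock(self, now: float) -> None:
        # A passcode unlock always clears the lock and restarts the countdown.
        self.last_reset = now
        self.locked_out = False
        self.events.append((now, "unlock"))

    def connect_accessory(self, now: float) -> bool:
        """Connect an accessory; returns True if it got a data connection."""
        self._tick(now)
        if self.locked_out:
            # Article: resetting is no longer possible once the lock is set.
            self.events.append((now, "accessory:blocked"))
            return False
        if self.reset_on_accessory:
            self.last_reset = now
            self.events.append((now, "accessory:timer-reset"))
        else:
            self.events.append((now, "accessory:no-reset"))
        return True

    def data_allowed(self, now: float) -> bool:
        self._tick(now)
        return not self.locked_out


def accessory_inside_window(reset_on_accessory: bool) -> bool:
    """Unlock at t=0, accessory at t=50 min, check the port at t=83 min.

    Returns whether data is still allowed at the check. Under the loophole the
    countdown restarted at 50 min, so the port is still open; under the hardened
    policy the hour since the unlock has elapsed and the port is charge-only.
    """
    sim = UsbRestrictedModeSim(reset_on_accessory)
    sim.unlock(0)
    sim.connect_accessory(50 * 60)
    return sim.data_allowed(83 * 60)


def accessory_after_lock(reset_on_accessory: bool) -> bool:
    """Unlock at t=0, first accessory only at t=70 min: the lock is already set."""
    sim = UsbRestrictedModeSim(reset_on_accessory)
    sim.unlock(0)
    return sim.connect_accessory(70 * 60)


def repeated_resets_keep_port_open(hours: int) -> bool:
    """Under the loophole, reconnecting every 59 minutes keeps the port open indefinitely."""
    sim = UsbRestrictedModeSim(reset_on_accessory=True)
    sim.unlock(0)
    for i in range(1, hours + 1):
        if not sim.connect_accessory(i * 59 * 60):
            return False
    return sim.data_allowed(hours * 59 * 60 + 60)


if __name__ == "__main__":
    print("loophole, accessory within the hour, data allowed later:", accessory_inside_window(True))
    print("hardened, accessory within the hour, data allowed later:", accessory_inside_window(False))
    print("accessory after the lock engaged, got data:", accessory_after_lock(True))
    print("loophole, reconnect every 59 min for 24h, still open:", repeated_resets_keep_port_open(24))
```

The simulation is deliberately simple: it only tracks the timestamp of the last reset and a locked flag, which is enough to show why the fix described in the article (not restarting the countdown on an accessory connection) closes the window, and why the window was already closed for a device seized more than an hour after its last unlock.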

Most likely, this is a bug on Apple’s side, Afonin explains, and the company could fix it in a future update should it want to. In the meantime, users can address the loophole by simply disabling this feature on their iPhones.