Monday’s release of the iOS 11.4.1 software update included the typical bug fixes but also introduced USB Restricted Mode, Apple’s newest anti-hacking feature. The feature, cheered by privacy activists, is designed to keep a USB connection from pulling data through the Lightning port in order to crack the iPhone or iPad’s passcode.
That said, a team of security researchers at the Russian firm ElcomSoft claims to have discovered a way of keeping USB Restricted Mode from kicking in altogether.
According to digital forensics expert Oleg Afonin, the technique only sidesteps the measure if it has not yet been engaged. The firm has found “no obvious way” to break USB Restricted Mode when it is already active.
iOS 11.4.1 Update: What Does USB Restricted Mode Do?
Tools like GrayKey made it possible for law enforcement and malicious actors to unlock iPhones by siphoning data from the device’s Lightning port.
Before USB Restricted Mode, iPhones and iPads would disable access to data via the Lightning port after seven days of the phone or tablet being inactive to limit the time someone could use crackers like GrayKey. This newly introduced security measure cut that time down to one hour.
With USB Restricted Mode switched on, devices that haven’t been unlocked for 60 minutes will only be able to charge using the Lightning port. Trying to sync a playlist from a laptop or do anything else requiring access to data will result in a prompt for the passcode.
iOS 11.4.1 Update: What’s The Workaround?
Afonin claims to have discovered that this one-hour timer can be reset by simply plugging the iPhone or iPad into any Lightning to USB adapter. Apparently, even Apple’s $39 Lightning to USB 3 Camera Adapter can be used to pull this off. Afonin claims to be in the middle of testing a medley of other adapters to see if they are capable of the same thing.
“What we discovered is that iOS will reset the USB Restrictive Mode countdown timer even if one connects the iPhone to an untrusted USB accessory, one that has never been paired to the iPhone before,” he states in a blog post. “In other words, once the police officer seizes an iPhone, he or she would need to immediately connect that iPhone to a compatible USB accessory to prevent USB Restricted Mode lock after one hour.”
Of course, this loophole still requires a hacker or law enforcement official to have physical access to a device within an hour of it being unlocked. This makes it undoubtedly more secure than Apple’s former seven-day lockout, though not exactly foolproof, either.
While Apple did not immediately respond to a request for comment, it’s more than likely that this security flaw will be patched in software updates to come.