Apple announced the launch of iOS 11.4.1 this morning along with “USB Restricted Mode”, which acts as a defense mechanism against USB port-based passcode cracking tools such as GrayKey that law enforcement agencies have been using for some time. This will prevent law enforcement officials and anyone else from getting their hands on the data stored on a user's iPhone if they manage to seize the smartphone. As part of the software defense, the mode renders the iPhone inaccessible to any third-party software if the screen has not been unlocked in the past hour.
But it looks like there is a workaround for this new security mechanism. According to a report by The Verge, researchers at ElcomSoft, a cybersecurity firm, discovered a loophole that resets the one-hour counter when anyone who wants to try to unlock the passcode plugs a USB accessory into the Lightning port of the iPhone. It does not matter whether that accessory has ever been connected to the iPhone in the past. Researchers pointed out that the iPhone maintains the USB Restricted Mode “through reboots” and software restores done using the Recovery mode, which means that there is no other way to break the defense.
It seems, though, that iOS will reset the countdown timer for USB Restricted Mode if anyone connects “an untrusted USB accessory” to the iPhone. This means that law enforcement can use the GrayKey tool to attempt to unlock the device if someone immediately connects an iPhone-compatible USB accessory to the port to stop the system from invoking the USB Restricted Mode lock.
This only works if USB Restricted Mode has not already been triggered. The interesting thing to note here is that law enforcement can use the Lightning to USB 3 Camera adapter that Apple sells on its website for $39. Researchers noted that the Lightning to 3.5mm adapter does not work. They are currently “in the process of testing other adapters” to see which others can be used to exploit this loophole.
However, the researchers noted that this is not a serious issue and it is “probably nothing more than an oversight.” This means that Apple may be able to tweak the behavior of the software defense in the future to fix this loophole.