Apple is implementing a new feature dubbed USB Restricted Mode to improve the security of its device, it is going to lock down the iPhone’s data port to avoid unauthorized access, but experts observed that in this way password-cracking tools used by forensics experts will be no more effective.
The USB Restricted Mode was implemented in the latest beta versions of the iOS operating system, it disables the data connection of the iPhone’s Lightning port after a specific interval of time but it doesn’t interrupt the charging process.
Any other data transfer would require the user providing the passcode.
Initially, the USB Restricted Mode required a passcode after 7 days.
“The USB Restricted Mode was implemented in the latest beta versions of the iOS operating system, it disables the data connection of the iPhone’s Lightning port after a specific interval of time but it doesn’t interrupt the charging process.” reads a blog post published by ElcomSoft.
Last week Apple provided an update on the new feature confirming that it will require a passcode every hour for the data transfers to continue.
“Apple said it was planning an iPhone software update that would effectively disable the phone’s charging and data port — the opening where users plug in headphones, power cables and adapters — an hour after the phone is locked.” reported the New York Times.
“While a phone can still be charged, a person would first need to enter the phone’s password to transfer data to or from the device using the port.”
Bruteforcing attacks against the six-digit passcode that protect Apple devices may be a time-consuming operation, it can take up to 22 hours to crack the device.
The USB restricted mode that is enabled by default in the iOS 11.4.1 and iOS 12 betas will interfere with forensics tools.
Anyway, the new feature can be manually disabled.
Experts highlighted that the new feature will also impact the vendors of iPhone peripherals.
(Security Affairs – Apple, USB restricted mode)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.