Apple will throw forensics cops off the iPhone Lightning port every hour

Cops unlikely to be the only grumblers

Apple isn't backing down from a move to lock down the iPhone’s data port to increase security for users, even though it means thwarting some of the password-cracking tools used by forensics experts.

In the latest beta versions of iOS, Apple includes a feature called USB Restricted Mode, which disables the data connection of the iPhone’s Lightning port after a given time, while allowing it to continue to charge the device. Further data access would require the user's passcode.

Initially, Restricted Mode required a passcode after one week. But Apple confirmed yesterday that a plugged-in iPhone will require a passcode every hour for the data transfers to continue.

That’s bad news for unlocking tools used to crack open iPhones such as Cellebrite and Grayshift’s Graykey, the latter a newcomer that has attracted some attention this year.

Graykey is a small (4"x4"x2") box sold to law enforcement forensics teams which breaks an iPhone's passcode. The company charges $15,000 for 300 uses or $30,000 for unlimited use. An analysis was undertaken by Malwarebytes in March that suggested it took advantage of undisclosed flaws in iOS.

Since cracking the six-digit passcode may take up to 22 hours (or longer for a passphrase), then brute-force methods used by the cracking tools are likely to cease to work.

A legal standoff followed the 2015 San Bernardino shooting, sparking a debate about whether Apple should install backdoors for forensics teams to access data on iPhone quickly –in this case, specifically on the iPhone of the shooter, who killed 14 people in the attack. A judge decreed it should, but Apple CEO Tim Cook refused, with the firm saying the nation's "founders would be appalled". The FBI eventually paid hackers for information (or services) to successfully crack the shooter's iPhone.

The "USB restricted mode" appeared in the iOS 11.4.1 and iOS 12 betas in which it is turned on by default – but it can be manually turned off in settings.

Law enforcement and security teams are unlikely to be the only people affected. iPhone peripherals have industrial and medical uses - and DJs had better not wander too far from the decks. ®




Biting the hand that feeds IT © 1998–2018