Apple emits iPhone cop-block update – plus iOS, macOS, Safari patches
Grab those updates, including iOS 11.4.1 which may close off USB to prying Feds
Apple has released the latest version of its mobile operating system complete with its Fed-blocking option.
The iOS 11.4.1 upgrade is small by Apple standards – coming in at around 200MB – but it represents a big headache for the FBI and other organizations that want to gain access to someone else's phone because it kills off the most common route to bypassing the device's security.
The update includes a new feature called "USB Restricted Mode" that will disable a data connection from the iPhone's charging/data port at the bottom of the device after one hour of being locked by default. Originally, Apple planned to have the restricted mode kick in after a week but last month changed its mind to reduce the time limit to an hour.
The accompanying explanation gives no indication of its real purpose: "Unlock iPhone to allow USB accessories to connect when it has been more than hour since your iPhone was locked," it says underneath a sliding bar.
The new feature will not prevent the phone from being charged, but if you want to unlock or transfer any data to or from the device, you will need to enter the phone's passcode on the touchscreen.
Essentially, after one hour of non-use, an iOS 11.4.1 handheld will not talk to any device plugged into its charging port – other than to receive power to charge its battery – until a valid passcode is entered via the screen.
That data port is the main way the Feds and cops break into locked phones right now, with companies like Cellebrite and Grayshift selling boxes that will bypass the phone's security and provide access to its innards. With the data port shut off after an hour, connected boxes to force unlock the phone will not work – at least in theory.
The FBI apparently paid someone over a million dollars to break a legal impasse between itself and Apple over the phone of San Bernardino shooter (it found nothing of value on the phone). It's speculated Cellebrite was involved somehow.
Apple will throw forensics cops off the iPhone Lightning port every hourREAD MORE
However, it was Grayshift's decision to mass produce a small box called Graykey and stick it on the market for $15,000 that forced Apple to shut down the entry point.
The restricted mode was put into a beta version of the latest update and has made it through to the final release, making it virtually impossible for law enforcement (or others) to gain access to someone's phone before the USB port is shut down.
If however someone does get to a phone within that hour period, they can shove in a USB accessory and prevent the smartphone from going into restricted mode until they have a chance to attach a cracking box later on. It may be that cops are issued with cheap accessories to make this possible.
No doubt it's only a matter of time before security companies either find a way to reactivate the port or devise a different system to access an iPhone – it is, after all, still software. But for now at least, iPhones, with this update, are locked down.
Of course, this being Apple, there is no mention of the new feature in its release notes. And very little information about how it works. Instead, all you get to know about the new software on your phone is that it:
- Fixes an issue that prevented some users from viewing the last known location of their AirPods in Find My iPhone
- Improves reliability of syncing mail, contacts and notes with Exchange accounts
Apple also today released security updates for...
- iTunes for Windows
- iCloud for Windows
- macOS High Sierra, Sierra, and El Capitan
These fixes address various bugs, some of which can be exploited by webpages to execute malicious code on vulnerable devices. Get patching, Cupertino fans, by checking for software updates and installing them. ®
Sponsored: Becoming a Pragmatic Security Leader