Apple’s new hack prevention feature has already been “hacked” and it didn’t take much effort
Apple released an update to protect your phone from cops, but didn’t really test it, it seems.
Back in June, we told you about a new security fix Apple was working on that would severely curtail one of the ways law enforcement agencies have been using to break into an iPhone without access to a passcode. Now comes word the fix has already been cracked, just a day after Apple introduced the feature on a new software update.
According to BGR, Elcomsoft discovered a workaround to Apple’s “fix” in the newly released iOS 11.4.1 update. The fix involves using the new USB Restricted Mode in iOS to block data communications over the Lightning port an hour after the iPhone or iPad was last unlocked. This would make companies that break into iPhones via brute force (throwing every PIN combo possible at it) impossible. It explains,
We performed several tests, and can now confirm that USB Restricted Mode is maintained through reboots, and persists software restores via Recovery mode. In other words, we have found no obvious way to break USB Restricted Mode once it is already engaged.
But, wait, there’s more. And it isn’t good.
What we discovered is that iOS will reset the USB Restrictive Mode countdown timer even if one connects the iPhone to an untrusted USB accessory, one that has never been paired to the iPhone before (well, in fact the accessories do not require pairing at all). In other words, once the police officer seizes an iPhone, he or she would need to immediately connect that iPhone to a compatible USB accessory to prevent USB Restricted Mode lock after one hour.
Granted, if the phone has already entered USB Restrictive Mode, the feature will work as intended, but it is surprising that such a glaring loophole in the system wasn’t discovered prior to the release of iOS 11.4.1.
Obviously, for anyone who values privacy, this is bad news. Nonetheless, it doesn’t come as a surprise. Whether it’s a law enforcement agency or an entity far more sinister, hacking smartphones is a practice that isn’t going to end anytime soon. This latest news means Apple will have to find another way to lock iPhones. Soon after, hackers will find a way around the “fix,” and the process will begin again.
What say you? Leave your comments below.
For more tech and mobile news, see:
- Apple’s iOS 11.4 update is probably draining your battery excessively
- Can Microsoft’s new Surface Go launching next month be an iPad killer?
- The world’s largest mobile phone factory is set to open in India and Samsung is footing the bill