Grab those updates: iOS 11.4.1 is out – and the USB is closed for business
Apple has released the latest version of its mobile operating system complete with its Fed-blocking option.
The iOS 11.4.1 upgrade is small by Apple standards – coming in at around 200MB – but it represents a big headache for the FBI and other organizations that want to gain access to someone else’s phone because it kills off the most common route to bypassing the device’s security.
The update includes a new feature called « USB Restricted Mode » that will disable a data connection from the iPhone’s charging/data port at the bottom of the device after one hour of being locked by default. Originally, Apple planned to have the restricted mode kick in after a week but last month changed its mind to reduce the time limit to an hour.
The accompanying explanation gives no indication of its real purpose: « Unlock iPhone to allow USB accessories to connect when it has been more than hour since your iPhone was locked, » it says underneath a sliding bar.
The new feature will not prevent the phone from being charged but if you want to transfer any data to or from the device, you will need to enter the phone’s passcode.
That data port is the main way that companies break into phones right now, with companies like Cellebrite and Grayshift selling boxes that will bypass the phone’s security and provide access to its innards.
The FBI famously paid Cellebrite over a million dollars to break a legal impasse between itself and Apple over the phone of San Bernardino shooter (it found nothing of value on the phone).
But it was Grayshift’s decision to mass produce a small box called Graykey and stick it on the market for $15,000 that forced Apple to shut down the entry point.
The restricted mode was put into a beta version of the latest update and has made it through to the final release, making it virtually impossible for law enforcement (or others) to gain access to someone’s phone before the USB port is shut down.
If however someone does get to a phone within that hour period, they can shove in a USB accessory and prevent it from going into restricted mode until they have a chance to attach a cracking box later on. It may be that cops are issued with cheap accessories to make this possible.
No doubt it’s only a matter of time before security companies either find a way to reactivate the port or devise a different system to access an iPhone – it is, after all, still software. But for now at least, iPhones are locked down.
Of course, this being Apple, there is no mention of the new feature in its release notes. And very little information about how it works. Instead, all you get to know about the new software on your phone is that it:
Apple also today released security updates for…
These fixes address various bugs, some of which can be exploited by webpages to execute malicious code on vulnerable devices. Get patching, Cupertino fans, by checking for software updates and installing them. ®
Sponsored: Minds Mastering Machines – Call for papers now open