iOS 11.4 Disables Lightning Connector After 7 Days, Limiting Law Enforcement Access

iphonexlockedThe iOS 11.4 update, currently being beta tested, includes a USB Restricted Mode that introduces a week-long expiration date on access to the Lightning port on your iOS devices if your phone hasn't been unlocked, which has implications for law enforcement tools like the GrayKey box.

USB Restricted Mode was outlined this morning by Elcomsoft after testing confirmed that the feature has indeed been enabled. In Elcomsoft's experience, after an iPhone or iPad has been updated to iOS 11.4, if it hasn't been unlocked or connected to a paired computer in the last 7 days using a passcode, the Lightning port is useless for data access and limited to charging.

At this point, it is still unclear whether the USB port is blocked if the device has not been unlocked with a passcode for 7 consecutive days; if the device has not been unlocked at all (password or biometrics); or if the device has not been unlocked or connected to a trusted USB device or computer.

In our test, we were able to confirm the USB lock after the device has been left idle for 7 days. During this period, we have not tried to unlock the device with Touch ID or connect it to a paired USB device. What we do know, however, is that after the 7 days the Lightning port is only good for charging.

With a time limit on the Lightning port, it seems law enforcement officials and bad actors who have physical access to a device will have one week from the time that it was last unlocked to attempt to access it through unlocking tools like the GrayKey, which uses the Lightning port to install software to crack the passcode of an iOS device.

USB Restricted Mode won't prevent tools like the GrayKey box from being used on an iPhone, but it does suggest that the passcode needs to be discovered within a matter of days, severely limiting the amount of time that law enforcement officials have to get into a device.

In developer documentation, Apple says the new mode is meant to bolster security on the iPhone and iPad: "To improve security, for a locked iOS device to communicate with USB accessories you must connect an accessory via Lightning connector to the device while unlocked - or enter your device passcode while connected - at least once a week."

Apple is pairing the new USB Restricted Mode with several other security features that have been introduced through iOS 11 updates. Early iOS 11 updates introduced expiration dates for local backup techniques used to access iOS devices, while iOS 11.3 introduced further limits, cutting down access to just one week.

graykey1

GrayKey iPhone unlocking box, via MalwareBytes

Companies like GrayShift that provide iPhone unlocking tools to law enforcement agencies keep their methods highly secretive to prevent Apple from discovering and patching the exploits being used for access, but USB Restricted Mode and restricted access to local backups introduce clever mitigations that allow Apple to limit these tools even if the specific vulnerabilities haven't yet been addressed.

USB Restricted Mode was actually first introduced in the iOS 11.3 beta, but it didn't make it into the iOS 11.3 release, so its presence in the iOS 11.4 beta does not guarantee that it will be included when iOS 11.4 launches to the public.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Top Rated Comments

MLVC Avatar
39 months ago
Nice! Now would be even nicer if it was shorter then 7 days. 1 day is fine with me. A couple of hours would be fine with me too.
Score: 116 Votes (Like | Disagree)
thisisnotmyname Avatar
39 months ago
why wait a week? Why not daily?
Score: 38 Votes (Like | Disagree)
IGI2 Avatar
39 months ago
Nice! Now would be even nicer if it was shorter then 7 days. 1 day is fine with me. A couple of hours would be fine with me too.
An opt-in option to enter the passcode (Face ID or Touch ID) every time you connect the iPhone to Mac or PC would be nice as well.
Score: 36 Votes (Like | Disagree)
wolfshades Avatar
39 months ago
Now THAT is a genius solution, especially as it cuts off those who diligently attempt to update/create more bypasses at the advent of each new OS iteration. Well done, Apple!
Score: 35 Votes (Like | Disagree)
Nozuka Avatar
39 months ago
Why are they waiting 7 days?
Score: 31 Votes (Like | Disagree)
StevieD100 Avatar
39 months ago
Please Apple, impliment this but make the delay user configurable with a max and a default of say 7 days.
I'd set mine to 2 hours...
And no, I don't have anything to hide apart from my life.
Then go one step further and allow the device to initiate a security erase in the background if attempts are made to unlock it via USB.
Yes, shades of mission impossible but TBH, I want snooping on my phone to be a 'mission impossible'.
Score: 31 Votes (Like | Disagree)

Top Stories

apple watch ecg

Apple Watch Likely to Gain Blood Pressure, Blood Glucose, and Blood Alcohol Monitoring

Monday May 3, 2021 4:03 am PDT by
The Apple Watch may gain the ability to measure blood pressure, blood glucose, and blood alcohol levels, according to newly-revealed information about one of Apple's chosen business partners. Apple has been revealed to be the largest customer of the British electronics start-up Rockley Photonics, The Telegraph reports. Rockley Photonics has developed non-invasive optical sensors for...
tile sticker e1570533758981

Tile CEO: 'We Welcome Competition From Apple, But We Think It Needs to Be Fair'

Tuesday May 4, 2021 9:51 am PDT by
Just after Apple announced its AirTags, Tile CEO CJ Prober relayed his concerns about competing with Apple in the tracking space, and said that Tile would ask Congress to investigate Apple's business practices specific to Find My and item trackers. Prober this week did an interview with Bloomberg, where he further expanded on Tile's complaints about Apple and why he feels that Tile is...
facebook instargram updated att prompt 1

Facebook and Instagram Ask Users to Enable App Tracking in Order to Keep Services 'Free of Charge'

Sunday May 2, 2021 1:22 pm PDT by
As a way to convince users to enable tracking across other apps and websites, Facebook is deploying the tactic of telling users that they must enable tracking as part of the App Tracking Transparency framework in iOS 14.5 if they want to help keep Facebook and Instagram "free of charge." App Tracking Transparency or ATT is the newest privacy feature to come to iPhone and iPad devices as part ...
fortnite apple logo 2

Epic CEO Tim Sweeney Admits App Store's 30% Cut Is Similar to Consoles, Would Have Accepted Special Deal With Apple

Tuesday May 4, 2021 1:54 pm PDT by
Apple's legal battle with Epic Games is continuing on, and during the second day of the trial, Epic Games' CEO Tim Sweeney continued his testimony against Apple. Sweeney was grilled by Apple's lawyers, and made several points seemingly favorable to Apple. In addition to mentioning how he prefers Apple's iPhone and values Apple's privacy policies that he's aiming to dismantle, Sweeney...
Flat 2021 MacBook Pro Mockup Feature 1

Mini-LED Display Production Improving for Redesigned MacBook Pro Models Later This Year

Monday May 3, 2021 8:33 am PDT by
Apple supplier TSMT, a key vendor involved in the production of mini-LED displays in the newly announced 12.9-inch iPad Pro, has been able to address technical challenges for the production of mini-LED displays to be used in the upcoming 14 and 16-inch redesigned MacBook Pro models. As reported by DigiTimes, TSMT had initially been facing production constraints with the circuit board and...
signal instagram ads3

Signal Shares the Instagram Ads Facebook Doesn't Want You to See

Wednesday May 5, 2021 1:29 am PDT by
Encrypted messaging app Signal has had a series of Instagram ads blocked from the social media platform, after it attempted to show users how much data the Facebook-owned company collects about them and how it's used to push targeted ads. In a blog post, Signal described how it generated the ads to show users why they were seeing them, simply by declaring upfront the information that the...
Foldable iPhone 2023 Feature Yellow

Kuo: Apple to Launch 8-Inch Foldable iPhone in 2023

Sunday May 2, 2021 8:43 pm PDT by
Apple is working to launch a foldable iPhone with an 8-inch QHD+ flexible OLED display in 2023, Apple analyst Ming-Chi Kuo said today in a note to investors that was seen by MacRumors. Based on our latest industry survey, we forecast that Apple will likely launch a foldable iPhone with an 8-inch QHD+ flexible OLED display in 2023, with SDC as the exclusive display supplier and Samsung Foundry...
iOS 14 on iPhone feature emergency

Apple Releases iOS and iPadOS 14.5.1 With Fixes for App Tracking Transparency Bug, WebKit Security Issues

Monday May 3, 2021 10:04 am PDT by
Apple today released iOS and iPadOS 14.5.1, minor security updates that come just a week after the release of the iOS 14.5 update. There is also a companion watchOS 7.4.1 update for Apple Watch and an iOS 12.5.3 update for older iPhone and iPad devices that don't support Apple's latest operating system versions. According to Apple's release notes, the update fixes a bug with App Tracking...
airtags teardown tile mat galaxy smarttag

iFixit Shares AirTag Teardown Revealing 'Impressively Compact' Design Compared to Tile Mate and Galaxy SmartTag

Sunday May 2, 2021 4:54 am PDT by
iFixit has shared the first of its two-part series in tearing down Apple's AirTag item tracker, revealing that Apple had to make impressive design decisions to achieve its small design, including rethinking the speaker layout. For comparison, iFixit compared Apple's AirTag to the Tile Mate and the Samsung Galaxy SmartTag. Compared to the competition, AirTag is the smallest in size, with the...
maxresdefault

Hands-On With Brydge's 12.9-Inch iPad Pro Keyboard With Trackpad

Tuesday May 4, 2021 11:48 am PDT by
Brydge has been making keyboards for Apple's iPads for years now, and the newest model, the Brydge 12.9 MAX+, is compatible with the third, fourth, and fifth-generation iPad Pro models, so it works even with the new mini-LED iPad Pro. Subscribe to the MacRumors YouTube channel for more videos. In our latest YouTube video, we checked out the new Brydge 12.9 MAX+ to see if it's a viable...