Apple’s iOS 11.4.1 update released yesterday would make it harder for certain USB devices used to empty iPhones (such as the Graybox ) to work. It is included in the menu as limiting USB accessories and ensures that a pin code is requested immediately when an iOS device is connected to a computer.
Well that should not be a problem for the devices in question, because they ‘gamble’ the PIN by simply trying all combinations. Apple’s new update, however, sets a limit of one hour on the device’s approach via USB and then the (correct) PIN must be entered to be able to do something except charging. This means that if your phone has not been opened for an hour with Face ID, fingerprint or PIN, your phone will not be cracked.
Just connect another cable
Apple says that this update is not meant to thwart detection services, but that it is an extra protection for people living in countries where they are not so well protected. Unfortunately for those people it appears that there is a very simple detour to prevent the USB restricted mode from going ‘on’: connecting any other lightning USB cable. That ensures that the timer comes to a standstill. As a party wanting to crack an iPhone, you can just buy a Lightning to USB3 cable from Apple yourself, attach it to a power bank and then you can transport the iPhone to where you want to do the nefarious act.
Balen, because that can not have been the intention of Apple. It is a big hole in a further fine extra security, because the researchers who found the leak were not only that big hole very positive about the security of iOS devices. Once USB restricted mode has been entered you will no longer be able to access it. The researchers tried everything from rebooting devices to repairing software via recovery mode. However, nothing caused the iOS devices to respond to any communication via the physical connection. So if Apple manages to close that huge gaping hole at the front, it is a very good protection against unintentional access.