Did Apple make it easier for your iPhone to get hacked?


Apple’s attempt to prevent hackers (and law enforcement) from cracking your iPhone may have a glaring flaw. Security researchers at ElcomSoft claim to have found a loophole in the new USB Restricted Mode, which rolled out Monday as part of iOS 11.4.1.

USB Restricted Mode is designed to thwart iPhone-cracking tools that work by connecting to the device’s Lightning port. It operates like this: if an iPhone or iPad is not unlocked after one hour, data access through the Lightning port will shut down.

Unfortunately, USB Restricted Mode doesn’t appear to be perfect; a $39 USB adapter can easily defeat it, according to ElcomSoft researcher Oleg Afonin.

“What we discovered is that iOS will reset the USB Restrictive Mode countdown timer even if one connects the iPhone to an untrusted USB accessory, one that has never been paired to the iPhone before,” Afonin wrote in a Monday blog post.

More From PCmag

Most USB accessories, such as Apple’s Lightning-to-USB 3 Camera Adapter, can disable the countdown timer, he claims. However, the loophole has a limitation; it only works on iPhones or iPads that have yet to cross the one-hour threshold.

Even so, the vulnerability could give enough leeway for a hacker or law enforcement to crack an iPhone. People are constantly using their mobile devices throughout the day, Afonin notes. So it wouldn’t be hard for police officers to seize an iPhone when it’s been recently unlocked, and connect it to a Lightning adapter, preventing the USB Restricted Mode from fully activating, he says.

So far, Apple hasn’t commented on the reported vulnerability. But Afonin notes that the Lightning port’s communication protocol was designed to be open, not to stifle access between USB accessories.

Whether Apple can quickly patch the problem remains unclear. But Afonin offered a potential solution. “Theoretically, iOS could remember which devices were connected to the iPhone, and only allow those accessories to establish connectivity without requiring an unlock,” he wrote in his blog post.

For more information on the USB Restricted Mode and how to toggle it on or off, Apple has a guide here.

This article originally appeared on PCMag.com.


Like it? Share with your friends!

850
22142 shares, 850 points

What's Your Reaction?

Fake Fake
0
Fake
Epic Epic
0
Epic
Dislike
0
Dislike
Like Like
0
Like

Comments 0

Your email address will not be published. Required fields are marked *

Did Apple make it easier for your iPhone to get hacked?

MainStreet Econ

Join the MSE Community

reset password

Back to
MainStreet Econ
Choose A Format
Trivia quiz
Series of questions with right and wrong answers that intends to check knowledge
Poll
Voting to make decisions or determine opinions
Story
Formatted Text with Embeds and Visuals
List
The Classic Internet Listicles
Open List
Open List
Ranked List
Ranked List
Video
Youtube, Vimeo or Vine Embeds
Image
Photo or GIF
Gif
GIF format

Send this to a friend