Since filming in San Bernardino in 2014, Apple has been involved in law enforcement in a cat-and-mouse game. Authorities want access to evidence on iPhones of criminals, but Apple wants to protect all personal information of its customers alike. The latest installment in this saga has completely disabled Apple's Lightning port
Cellebrite & GrayKey
In February 2018, the Israeli company Cellebrite told its customers that it had a tool to unlock an existing iPhone. According to CNN, Cellebrite is the "FBI phone hacker", so this new tool had serious implications ̵
A few months later, Grayshift, a company run by long-time US intelligence contractors, has begun promoting a new tool called GrayKey that unlocks any iPhone. Law enforcement agencies could crack a GrayKey for the relatively low price of $ 15,000.
Bypassing the iOS Lockout System
Both tools take advantage of an unknown weakness of the iPhone's lock screen. Usually, when someone enters the wrong PIN or password on an iPhone, a counter is started. After six failed attempts, the phone prevents you from trying to enter a one-minute passcode. Seven failed attempts lock you in for five minutes, eight lock you out for another 15, and nine lock you out for an hour. After the tenth failed attempt, your phone will be completely deleted to protect your data.
This locking system protects your phone from brute force hacking attacks. For example, if you use a four-digit PIN, there are only 9,999 different possible combinations. If someone started with 0000 and walked all the way to 9999, they would eventually find their PIN and unlock your phone. But iOS's lockout system ensures that they only get 10 attempts – usually.
Somehow Cellebrite and GrayKey can bypass this locking system. These devices connect to the iPhone's Lightning port and execute brute force code cracking algorithms without starting the counter. This gives law enforcement as many options as they need to unlock an iPhone, and Apple has not been able to identify the loophole they use to bypass the counter.
Since Apple does not know exactly how these devices get past screen lock, they can not patch their software to prevent them from unlocking an iPhone – at least in the traditional sense. Starting with iOS 11.3, Apple will disable the Lightning port in certain situations to completely lock devices like GrayKey and Cellebrite. But this has some implications when it comes to charging your iPhone or using it with a computer.
With iOS 11.3, your iPhone will completely disable its own Lightning port The phone has not been unlocked in the past seven days. This means that if they sit in a proof room while the police are arranging a summons, they can not connect Cellebrite or GrayKey with it.
Starting with iOS 12, which will be released to the public this fall, Apple's USB Restricted Mode takes one step further. Now your iPhone will disable the Lightning port one hour after the last unlock. So, if your phone is sitting on your desk for 60 minutes, you can not connect anything until you open it again with your password, Touch ID, or Face ID.
Well, if law enforcement wants to break into iPhone with Cellebrite or GrayKey, they have to act fast. Even so, due to the nature of brute force hacking, it is highly unlikely that any of these tools will surpass the iOS 12 lock screen. Passwords would take days or weeks to hack with one of these devices, but now the window is only one hour. However, this does change some things with the way your iPhone will work in the future.
How This Affects You
Although it makes your iPhone more secure, the new USB Restricted Mode feature has some disadvantages. Once the feature is enabled, the iPhone's Lightning port ignores all data connections and only accepts power. But this only applies if the cable you are using is connected to a power source such as a charger so it will be difficult if your phone is connected to your computer.
After 60 minutes of unlocking, you will receive a "USB Accessory" notification when you connect your phone to a computer or other device that uses a USB data connection. Any activity attempted over USB is ignored – even if you've trusted the computer your phone is connected to. iTunes does not work, so you can not view or play music from your computer, and most importantly, you can not charge your iPhone with your computer.
To restore this function, you need to unlock your phone with Face ID, Touch ID or your password. If you keep your phone connected while you unlock it, the timer will not be restarted so it stays connected for an hour without unlocking the phone. Once you have disconnected, the timer will start again. So, if you try to reconnect the device an hour later, you'll need to unlock your iPhone again.
To be clear, headphones and accessories only work with power The USB-limited mode is activated. Although this all sounds complicated, you only need to unlock your iPhone if you find that it does not work with your computer. Note, however, that you can disable the feature as needed. 19659022] Do not Miss: The 4 Best Phones for Privacy & Security