Back when Apple first revealed that it would be implementing USB Restricted Mode in iOS, the company caught some backlash from US authorities. Apple was accused of aiding criminals, but the company stood firm. However, it turns out that there was an oversight in security, meaning that USB Restricted Mode can be bypassed by a simple accessory that Apple sells itself.
Security researchers at ElcomSoft discovered the security hole, which can be found in iOS 11.4.1. Once an iPhone has been locked, a countdown begins before USB Restricted Mode activates. This countdown can be reset by simply plugging in Apple’s Lightning to USB 3.0 adaptor. The device can then be accessed once again through USB.
The research team isn’t sure if third-party adaptors have a similar effect, but this same method can’t be achieved with Apple’s Lightning to 3.5mm adaptor. This appears to be an oversight on Apple’s part, which would allow authorities to gain access to iPhones by resetting USB Restricted Mode.
Apple hasn’t commented yet, but we can assume that a patch will be landing soon.
KitGuru Says: At least now Apple know about this issue and can issue a quick patch. Do you still think that USB Restricted Mode is a good idea?