Apple Releases tvOS 11.4.1 for Apple TV [Download]

Tuesday, 10 Jul, 2018

Elcomsoft is a company that makes forensic tools for governments and law enforcement, so it is in the company's interest to break this new lock.

Using USB accessories to defeat the data port lock also works in Apple's iOS 12 beta, Afonin said. The researchers have spotted that it can be compromised using Apple's native Lightning to USB 3 Camera adapter that is available at $39 (roughly Rs. 2,700). The dongle allows for pass-through power, which will stop the iOS device from running out of charge in transport. "In other words, once the police officer seizes an iPhone, he or she would need to immediately connect that iPhone to a compatible USB accessory to prevent USB Restricted Mode lock after one hour", Afonin writes in a blog post while explaining the loophole. Law enforcement could also tactically observe a suspect, waiting for them to unlock their phone at least once, before apprehending them.

But the same Elcomsoft says the workaround it discovered back in May still works on iOS 11.4.1.

However, if a cop gets to seize a locked iPhone until the next iOS update that brings fix to this flaw, they can potentially get around the USB Restricted Mode through a USB accessory. In order to let the accessory connect, you have to unlock the iPhone with a passcode, Touch ID, or Face ID. These bypass the usual restrictions on entering passcodes by attacking through the Lightning port.

A really interesting tidbit from the ElcomSoft report is that since iOS 11.4, Grayshift's boxes are already weakened significantly. Another user having similar issues claims that the iPhone was updated to iOS 11.4, charged to 100%, rebooted and left in standby for four hours. Normally, an iPhone will wipe the data it is carrying after ten incorrect attempts to guess the passcode. It could take up to 19 years. "The ability to postpone USB Restricted Mode by connecting the iPhone to an untrusted USB accessory is probably nothing more than an oversight", Afonin admits. The user maintains the only change to his device was the update to iOS 11.4.