iOS 12 Features Restricted USB Mode To Kill Brute Force Police Unlocking Tools
Have you ever seen a pair of deer that are locked in horns with one another from butting heads in battle? That pretty much depicts Apple and the Federal Bureau of Investigation in the ongoing fight over encryption, and whether the FBI should be granted backdoor access into devices. Apple has persistently contended such a thing would be a security risk, and in a move that will up the ante in the dispute, it's baking a mechanism into iOS 12 that will make it more difficult for the FBI and police agencies to crack confiscated iPhone devices.
The feature is called USB Restricted Mode. What it does is force the use of a passcode whenever an iPhone running iOS 12 is connected to a USB accessory and has not been unlocked for an hour or more. The reason this might increase tensions with law enforcement agencies is because they use USB-based unlocking devices made by companies such as Cellebrite and GrayShift to hack into iPhone devices.
"That pretty much kills [GrayShift’s product] GrayKey and Cellebrite," Ryan Duff, a security researcher and director of Cyber Solutions at Point3 Security, told Motherboard. "If it actually does what it says and doesn't let ANY type of data connection happen until it's unlocked, then yes. You can’t exploit the device if you can't communicate with it."
It's basically the latest move in a cat-and-mouse game between companies like Apple that are interested in user privacy at all costs, and various law enforcement agencies that are willing to risk user privacy for the sake of locking away bad guys/gals and investigating crimes. There's really very little middle ground to be had, unfortunately, as even building a backdoor specifically for the FBI and police departments compromises the overall security of iOS products.
What's also interesting to note is the tight time limit of just one hour. Earlier tests had the time limit at one week, which would give law enforcement agencies ample time to hack into a seized iPhone before the USB locking mechanism would engage. But at just one hour, police would pretty much have to connect a confiscated iPhone to an unlocking device almost immediately, and hope that the owner/user had unlocked it recently.
"It's a pretty radical security change and I'm sure they want to make sure it's the right move to make before pushing it. They definitely don't want the scandal of removing a security feature because of something they didn't anticipate," Duff said in regards to the new mechanism.
Whether the feature actually gets implemented in iOS 12 remains to be seen. Assuming the FBI is privy to Apple's testing, it is undoubtedly encouraging the company to rethink the idea, or at the very least to widen the window well beyond one hour.