Click to Skip Ad
Closing in...

How iOS 12 could make iPhones way more difficult to hack

Published Jun 5th, 2018 2:54PM EDT
iPhone hacks 2018 iOS 12 USB restricted
Image: Malwarebytes

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Apple has been engaging in a highly public game of cat-and-mouse with law enforcement and hacking companies ever since it started encrypting iPhones by default. With no “back door” possible into encryption without making it worthless, hacking companies have been coming up with increasingly creative ways to access locked devices, techniques that cost tens of thousands of dollars but provide law enforcement with a capability that they claim is vital to public security.

With the release of the first beta of iOS 12, it seems that Apple is taking a big step forwards in killing the most fruitful avenue of attack for hacking companies. The most well-known iPhone cracking device on the market, called GrayKey, is a simple-to-use box that cops plug into a locked iPhone through the Lightning port and brute-force guesses the passcode without needing codes to be manually entered. But in the latest version of iOS 12, the Lightning port will become worthless after the iPhone has been locked for just one hour, which dramatically shortens the window of time that cops have to unlock devices.

The new feature is called USB Restricted Mode, and it’s an option that appears to be coming to iPhones with iOS 12, which will likely see widespread release this fall. USB Restricted Mode prevents all data communications between an iPhone and a newly connected “accessory” — which is how the GrayKey shows up — after the iPhone has been locked for at least one hour.

Earlier versions of the USB restrictions had a time limit of one week rather than one hour, according to Motherboard, and the new limit could make life significantly harder for police departments. If they want to unlock suspect devices, they’ll need to plug them into a GrayKey within an hour of seizing them, which could mean deploying the GrayKey devices far more proactively with first responders, rather than keeping them in a lab. Given that the devices cost between $15,000 and $30,000, that could work out much more costly for law enforcement.

Of course, this isn’t likely to be the end for iPhone hacking. Every time Apple has instituted new security procedures, new workarounds have been found almost as fast. But cutting off access to the iPhone’s one data port means that hackers are more likely to need complex and tricky procedures that involve opening up the phone and attaching directly to internal components, which is a far reach from the plug-and-play ease that GrayKey offered.

Chris Mills
Chris Mills News Editor

Chris Mills has been a news editor and writer for over 15 years, starting at Future Publishing, Gawker Media, and then BGR. He studied at McGill University in Quebec, Canada.