Despite Apple’s best efforts to keep iOS secure, security and research companies have consistently been able to come up with ways to work around many of the more advanced security measures Apple incorporates into iOS. Earlier this year, for example, a company called Cellebrite claimed to have a solution capable of unlocking any iPhone running any variant of iOS, including an iPhone X running iOS 11.
More recently, you might recall seeing word of a iPhone hacking machine dubbed GrayKey capable of accessing locked iPhones secured by a passcode. Hardly a surprise, the machine — which is said to sell for $15,000 — has proven to be quite popular with law enforcement agencies across the country.
In light of all that, the most recent beta of iOS 11.4 features a USB Restricted Mode which will seemingly make it it much more challenging for security companies to access and harvest data from locked iOS devices. According to a report from Elcomsoft, if a device running Apple’s latest iOS has gone more than 7 days without being unlocked, the Lightning port can only be used for charging, which is to say data transfer will not be possible.
In other words, law enforcement will have at most 7 days from the time the device was last unlocked to perform the extraction using any known forensic techniques, be it logical acquisition or passcode recovery via GreyKey or other services . Even the 7 days are not a given, since the exact date and time the device was last unlocked may not be known.
…
Apparently, iOS stores information about the date and time the device was last unlocked or had a data connection to a USB port. After the seven days elapse, the Lightning port will be disabled. Once this happens, you will no longer be able to pair the device to a computer or USB accessory, or use an existing lockdown record, without unlocking the device with a passcode. The only thing you’ll be able to do is charging.
While this development will likely hamper current unlocking methods, history has shown that the cat-and-mouse game between Apple and hackers over iOS security is never-ending.