USB Restricted mode rejects USB connections through the Lightning port if the iPhone has not been unlocked in the last hour. At its core, this means hackers, data thieves, authorities cannot unlock a device by connecting it to a PC. While debuted as a key feature on iOS 12, the feature is also available on iOS 11.4.1. The main ability of Restricted mode to protect people from law enforcement and thieves. Apple insists it is not trying to work against law enforcement. Although, it seems a flaw in USB Restricted Mode means the feature may not work at all. ElcomSoft details a workaround that allows anyone to access the device. All that is needed is any accessory that connects to the Lightning connector. The researchers tested with an official Apple USB 3 Camera Adapter that costs $39. “What we discovered is that iOS will reset the USB Restrictive Mode countdown timer even if one connects the iPhone to an untrusted USB accessory, one that has never been paired to the iPhone before (well, in fact the accessories do not require pairing at all). In other words, once the police officer seizes an iPhone, he or she would need to immediately connect that iPhone to a compatible USB accessory to prevent USB Restricted Mode lock after one hour.”
Possible Solution
There are some exceptions in terms of accessories that trigger the exploit. ElcomSoft offers the Apple Lightning 3.5mm adapter as one accessory that does not work. As I mentioned in the previous report, this is a slightly embarrassing situation for Apple. However, ElcomSoft points out the situation can be recovered as Apple can update iOS to “remember which devices were connected to the iPhone, and only allow those accessories to establish connectivity without requiring an unlock.”