Apple’s iOS 11.4 update may protect devices from phone cracking firms

Apple is currently testing iOS 11.4 beta update for iPhone and iPad devices. Apparently, the update aims at increasing the security of these devices and protecting them from physical threats. This means that it might become difficult or nearly impossible for the law enforcement agencies and third-party iPhone cracking firms like GrayShift and Cellebrite to crack iPhones and iPads as they claim.

According to Elcomsoft, the iOS 11.4 update is equipped with a new USB Restricted Mode which works in such a way that it in case your phone is locked it will enable a one-week long expiration date upon accessing the Lightning port on your device.

As per the Apple documentation seen by Elcomsoft, “To improve security, for a locked iOS device to communicate with USB accessories you must connect an accessory via a lightning connector to the device while unlocked – or enter your device passcode while connected – at least once a week.”

Since firms like GrayShift use the Lightning port of a targeted Apple device, with this update the task will not be a piece of cake as before. Remember, recently, the US Department of State’s Bureau of Diplomatic Security ordered a GrayShift product which is believed to be GrayKey that costs $15,000 a piece.

Apple's iOS 11.4 update may protect devices from phone cracking firms
GrayShift’s GrayKey (left) and Cellebrite (right)

“At this point, it is still unclear whether the USB port is blocked if the device has not been unlocked with a passcode for 7 consecutive days; if the device has not been unlocked at all (password or biometrics); or if the device has not been unlocked or connected to a trusted USB device or computer,” said Oleg Afonin of Elcomsoft.

“In our test, we were able to confirm the USB lock after the device has been left idle for 7 days. During this period, we have not tried to unlock the device with Touch ID or connect it to a paired USB device. What we do know, however, is that after the 7 days the Lightning port is only good for charging.”

More details on iOS 11.4 update are yet to come while full details regarding GrayShift and Cellebrite’s smartphone cracking capabilities are also unknown. What is known is that according to Reuters, the  San Bernardino suspected shooter’s iPhone was unlocked by Cellebrite.

Once the iOS 11.4 update is issued, one can expect extreme measures from both forms and law enforcement agencies who already oppose Apple’s encryption module.

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.