Apple's Security Fix Already Bypassed

Apple's Security Fix Already Bypassed
Forensic experts believe that police will still be able to extract data from locked iPhones after the next iOS update.

(CCM) — Security researchers have already found a way to get around Apple's new USB Restricted Mode, which is designed to prevent anyone from extracting data from a locked iPhone, according to a Vice report.

Law enforcement officers use forensic devices, such as Grayshift's GrayKey, which connect to an iPhone's data and charging port to access data on the device. But USB Restricted Mode, which will be included in iOS 12, is meant to prevent these forensic devices from working by turning off the data capabilities of the port one hour after the phone is unlocked.

It appears that the fix will not be enough to prevent police from accessing a phone's contents, however. "Grayshift has gone to great lengths to future proof their technology and stated that they have already defeated this security feature in the beta build, a forensic expert said in the report. "Additionally, the GrayKey has built in future capabilities that will begin to be leveraged as time goes on. They seem very confident in their staying power for the future right now," the expert added.

Grayshift's customers include federal, state, and local law enforcement agencies, including the FBI, DEA, and the Secret Service, the Vice report says.

Details about how the Graykey works and how it is able to get around Apple's USB Restricted Mode are unclear, but the company claims that if an iPhone is seized while switched on and if it has been unlocked at least once by its owner, then it is able to unlock the device relatively quickly, with 95% of the owner's data available instantly.

If the iPhone is switched off when it is seized then unlocking takes much longer, but a Graykey is able to provide access to "limited data" relatively quickly.

Image: © 360b -