Apple on Wednesday confirmed that iOS 12’s “USB Restricted Mode” is designed to prevent both law enforcement and the bad guys from accessing data on a locked iOS device.
Apple tells Reuters the move is designed to protect iPhone owners in countries where law enforcement can seize devices at will.
The company told Reuters it was aiming to protect all customers, especially in countries where phones are readily obtained by police or by criminals with extensive resources, and to head off further spread of the attack technique.
The privacy standard-bearer of the tech industry said it will change default settings in the iPhone operating system to cut off communication through the USB port when the phone has not been unlocked in the past hour.
That port is how machines made by forensic companies GrayShift, Cellebrite and others connect and get around the security provisions that limit how many password guesses can be made before the device freezes them out or erases data. Now they will be unable to run code on the devices after the hour is up.
Apple made the move after learning of cracking techniques being employed by both the cops and criminals. The company decided that taking the USB stack out of the equation would make such efforts fruitless.
The new “feature” will take the wind out of the sails of hacking techniques of digital forensics firms such as Cellebrite and GrayShift. Cellebrite is believed to be the firm that helped the FBI unlock the iPhone 5C used by San Bernardino terrorist Syed Rizwan Farook.
U.S. law enforcement officials have loudly complained about Apple and other firms’ “end-to-end encryption” making it difficult to glean data from criminal and terrorist-owned smartphones and other connected devices.
Apple and other encryption advocates have long held that privacy is a right, and any “backdoor” that could be used by law enforcement to access data on devices could also be used by criminals and other bad actors to access the data stored on a device.
