Apple emits iPhone cop-block update – plus iOS, macOS, Safari patches

Grab those updates, including iOS 11.4.1 which may close off USB to prying Feds

Apple has released the latest version of its mobile operating system complete with its Fed-blocking option.

The iOS 11.4.1 upgrade is small by Apple standards – coming in at around 200MB – but it represents a big headache for the FBI and other organizations that want to gain access to someone else's phone because it kills off the most common route to bypassing the device's security.

The update includes a new feature called "USB Restricted Mode" that will disable a data connection from the iPhone's charging/data port at the bottom of the device after one hour of being locked by default. Originally, Apple planned to have the restricted mode kick in after a week but last month changed its mind to reduce the time limit to an hour.

The accompanying explanation gives no indication of its real purpose: "Unlock iPhone to allow USB accessories to connect when it has been more than hour since your iPhone was locked," it says underneath a sliding bar.

The new feature will not prevent the phone from being charged, but if you want to unlock or transfer any data to or from the device, you will need to enter the phone's passcode on the touchscreen.

Essentially, after one hour of non-use, an iOS 11.4.1 handheld will not talk to any device plugged into its charging port – other than to receive power to charge its battery – until a valid passcode is entered via the screen.

Access denied

That data port is the main way the Feds and cops break into locked phones right now, with companies like Cellebrite and Grayshift selling boxes that will bypass the phone's security and provide access to its innards. With the data port shut off after an hour, connected boxes to force unlock the phone will not work – at least in theory.

The FBI apparently paid someone over a million dollars to break a legal impasse between itself and Apple over the phone of San Bernardino shooter (it found nothing of value on the phone). It's speculated Cellebrite was involved somehow.

Apple's Lightening cable

Apple will throw forensics cops off the iPhone Lightning port every hour


However, it was Grayshift's decision to mass produce a small box called Graykey and stick it on the market for $15,000 that forced Apple to shut down the entry point.

The restricted mode was put into a beta version of the latest update and has made it through to the final release, making it virtually impossible for law enforcement (or others) to gain access to someone's phone before the USB port is shut down.

If however someone does get to a phone within that hour period, they can shove in a USB accessory and prevent the smartphone from going into restricted mode until they have a chance to attach a cracking box later on. It may be that cops are issued with cheap accessories to make this possible.

No doubt it's only a matter of time before security companies either find a way to reactivate the port or devise a different system to access an iPhone – it is, after all, still software. But for now at least, iPhones, with this update, are locked down.

Of course, this being Apple, there is no mention of the new feature in its release notes. And very little information about how it works. Instead, all you get to know about the new software on your phone is that it:

  • Fixes an issue that prevented some users from viewing the last known location of their AirPods in Find My iPhone
  • Improves reliability of syncing mail, contacts and notes with Exchange accounts

Apple also today released security updates for...

These fixes address various bugs, some of which can be exploited by webpages to execute malicious code on vulnerable devices. Get patching, Cupertino fans, by checking for software updates and installing them. ®

Similar topics

Other stories you might like

  • UK Home Secretary delays Autonomy founder extradition decision to mid-December

    Could be a Christmas surprise in store from Priti Patel

    Autonomy Trial Autonomy founder Mike Lynch's pending extradition to the US has been kicked into the long grass again by the UK Home Office.

    Lynch is wanted in the US to stand trial on 17 charges of fraud and false accounting. He is alleged to have defrauded Hewlett Packard investors over the sale of British software firm Autonomy in 2011.

    Continue reading
  • Want to buy your own piece of the Pi? No 'urgency' says Upton of the listing rumours

    A British success story... what happens next?

    Industry talk is continuing to circulate regarding a possible public listing of the UK makers of the diminutive Raspberry Pi computer.

    Over the weekend, The Telegraph reported that a spring listing could be in the offing, with a valuation of more than £370m.

    Pi boss, Eben Upton, described the newspaper's article as "interesting" in an email to The Register today, before repeating that "we're always looking at ways to fund the future growth of the business, but the $45m we raised in September has taken some of the urgency out of that."

    Continue reading
  • All change at JetBrains: Remote development now, new IDE previewed

    Security, collaboration, flexible working: Fleet does it all apparently

    JetBrains has introduced remote development for its range of IDEs as well as previewing a new IDE called Fleet, which will form the basis for fresh tools covering all major programming languages.

    JetBrains has a core IDE used for the IntelliJ IDEA Java tool as well other IDEs such as Android Studio, the official programming environment for Google Android, PyCharm for Python, Rider for C#, and so on. The IDEs run on the Java virtual machine (JVM) and are coded using Java and Kotlin, the latter being primarily a JVM language but with options for compiling to JavaScript or native code.

    Fleet is "both an IDE and a lightweight code editor," said the company in its product announcement, suggesting perhaps that it is feeling some pressure from the success of Microsoft's Visual Studio Code, which is an extensible code editor. Initial language support is for Java, Kotlin, Go, Python, Rust, and JavaScript, though other languages such as C# will follow. Again like VS Code, Fleet can run on a local machine or on a remote server. The new IDE uses technology developed for IntelliJ such as its code-processing engine for features such as code completion and refactoring.

    Continue reading

Biting the hand that feeds IT © 1998–2021