The feature, which was present in the beta, seemingly did not make its way into the final 11.3 release. But the news highlights how companies like Grayshift or established mobile forensics firm Cellebrite are constantly playing a cat-and-mouse game with Apple. Each operating system update potentially complicates how cops break into phones.
Got a tip? You can contact Lorenzo Franceschi-Bicchierai securely on Signal on +1 917 257 1382 and Joseph Cox on Signal on +44 20 8133 5190. Details on our SecureDrop, a system to anonymously submit documents or information, can be found here.
In other words, with USB Restricted Mode enabled, if you’re a law enforcement agent and you get a locked phone from a suspect, you might have a week at most to plug it into an unlocking device, and you have to hope the phone had been plugged in and unlocked within a week of it being seized. Apple declined to comment on the record for this article.The change would not have stopped GrayKey or other iPhone unlocking tools from working altogether, but it would have provided another obstacle law enforcement officials need to consider when trying to unlock up-to-date iPhones. A source in the forensics industry, who is not a Grayshift employee, told Motherboard that the iPhone unlocking device does indeed work. Motherboard granted the source anonymity to discuss industry developments.
To improve security, for a locked iOS device to communicate with USB accessories you must connect an accessory via lightning connector to the device while unlocked – or enter your device passcode while connected – at least once a week.
Thomas, the ex-Apple engineer who now works at Grayshift, wrote a follow-up blog post saying his initial analysis of what USB Restricted Mode is and its potential implications was correct, but as it turned out, he wrote, the feature was “disabled” in iOS 11.3.Grayshift has been demoing its product to police forces, according to emails obtained by Motherboard. Other internal agency documents, online records, and conversations with law enforcement officials show that regional police, such as Maryland and Indiana State Police, have procured the technology; local forces may have purchased it; federal agencies such as the State Department have cashed in; and the FBI, DEA, and Secret Service are all looking to buy a number of GrayKey units themselves too.Motherboard’s documentary series “Dear Future” was nominated for a Webby. We’d love your vote, and it only takes a minute.
Read more: Stop Using 6-Digit iPhone Passcodes