iLoungeiLounge
    Facebook Twitter Instagram YouTube LinkedIn RSS
    • About Us
    • Contact Us
    • Privacy Policy
    • Terms Of Use
    Facebook Twitter Instagram YouTube LinkedIn RSS
    iLoungeiLounge
    • News
      • Apple
        • AirPlay
        • iCloud
        • iTunes
        • HealthKit
        • HomeKit
        • HomePod
        • iOS 13
        • Apple Pay
        • Apple TV
        • Siri
      • AirPods Pro
      • Apps
        • Apple Music
      • Rumors
      • Humor
      • Technology
        • CES
      • Articles
      • Web Stories
    • iPhone
      • iPhone Accessories
    • iPad
    • iPod
      • iPod Accessories
    • Apple Watch
      • Apple Watch Accessories
    • Mac
      • MacBook Air
      • MacBook Pro
    • Reviews
      • App Reviews
    • How-to
      • Ask iLounge
    • Daily Deals
    iLoungeiLounge

    Lightning port security mode looks to return in iOS 11.4

    By Jesse HollingtonMay 16, 2021 11:25 am UTC

    Lightning port security mode looks to return in iOS 11.4

    When Apple rolled out the first iOS 11.3 betas earlier this year, one smaller feature mentioned in the release notes was a new security protocol that would lock down a user’s Lightning port if it hadn’t been used for anything other than charging for more than a week. Specifically, Apple noted that users would be required to re-enter their device passcode to authorize a Lighting-connected USB accessory if it has not been connected to the device for more than a week. Although much like AirPlay 2 and Messages in the Cloud, this feature never made it into the final iOS 11.3 release, Elcomsoft notes that it’s back in the iOS 11.4 betas, with a report on exactly how it works and some of the ramifications of the new feature for iOS forensics.
    The feature, now dubbed “USB Restricted Mode” is relatively straightforward, disabling the ability to transfer any data over the Lightning port one week after the device has last been unlocked, effectively turning the Lightning port into a charging-only interface. While it’s possible the feature isn’t quite finished yet — Apple’s release notes still suggest that the feature will only kick in if a USB accessory has not been connected to an unlocked device in the past seven days — Elcomsoft reports that this is how it currently seems to work, and raises questions about the difference between a passcode or Touch ID/Face ID unlock, and how trusted USB devices and computers factor in. Elcomsoft notes that in its own testing, they were able to confirm that the USB lockout occurred after a device was left completely idle for seven days, but have not yet conducted any further testing, likely due to the timeframes involved.

    The report does go on to add, however, that once this lockdown has occurred, it appears that all USB communication through the Lightning port ceases entirely; the iOS device can still be charged through the Lightning port, but it will not attempt to establish a data connection, even to previously trusted computers or other devices. This new protocol effectively throws a spanner into the works for law enforcement, which will now have only a maximum of seven days to use current forensic techniques to recover data from a seized iPhone, and could in fact have considerably less time available if the seven-day clock is actually based on the last time a USB device was connected — as Apple’s release notes imply — as opposed to simply the last time a user authenticated to the device.

    Apple has already been tightening security with each iOS 11 point release, and in fact in iOS 11.3 trusted computer pairing records now expire after only seven days, meaning that a user who hasn’t connected the iPhone to their computer for more than seven days will need to re-authenticate with their password to re-establish the trust relationship, removing one of the attack vectors used by forensics experts to gain access to otherwise-locked iPhones. However, the new USB Restricted Mode significantly increases the security, effectively disabling all data communications over the Lightning port once the seven-day window has expired. Elcomsoft maintains the new feature is “aimed squarely at law enforcement” and suggests a few mitigations that can be used, all of which necessitate gaining access to the device pretty much as soon as it is acquired by law enforcement officers. [via MacRumors]

     

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Jesse Hollington
    • Twitter

    Jesse Hollington was a Senior Editor at iLounge. He's written about Apple technology for nearly a decade and had been covering the industry since the early days of iLounge. In his role at iLounge, he provided daily news coverage, wrote and edited features and reviews, and was responsible for the overall quality of the site's content.

    Latest News
    The Apple Watch SE 2 Just Got Even More Affordable
    Apple updates App Store Review Guideline
    iOS 17 developer beta released early
    Apple adds a free tier for its developer program
    Get the Wrist-Friendly Logitech MX Vertical Ergonomic Mouse at $29 Off
    iPhone X and iPhone 8 won’t have iOS 17 support
    New 15-inch MacBook Air with M2 chip launches
    Apple reveals Apple Vision Pro headset

    iLounge logo

    iLounge is an independent resource for all things iPod, iPhone, iPad, and beyond. iPod, iPhone, iPad, iTunes, Apple TV, and the Apple logo are trademarks of Apple Inc.

    Contact Us: [email protected]

    Tel: +1302-208-9669

    iLounge, 2810 North Church Street, Wilmington, Delaware, 19802, United States.

    • Contact Us
    • Submit News
    • About Us
    • Forums
    • Privacy Policy
    • Terms Of Use
    This website is not affiliated with Apple Inc.
    iLounge © 2001 - 2023. All Rights Reserved.

    Type above and press Enter to search. Press Esc to cancel.