ElcomSoft blog

«…Everything you wanted to know about password recovery, data decryption,
mobile & cloud forensics…»

Posts Tagged ‘iOS 12’

iOS 12 Beta 5: One Step Forward, Two Steps Back

Tuesday, July 31st, 2018

The release of iOS 11.4.1 marked the introduction of USB restricted mode, a then-new protection scheme disabling USB data pins after one hour. The USB restricted mode was not invincible; in fact, one could circumvent protection by connecting the device to a $39 accessory. While a great improvement on itself, the new mode did not provide sufficient protection. We wished Apple maintained a list of “trusted” or previously connected accessories on the device, allowing only such devices to reset the timer. In this new iOS 12 beta, Apple makes attempts to further “improve” USB restricted mode, yet the quotes about “improving” the system are there on purpose.

We recently covered the whole story starting from iOS 11.3 and up to the then-current iOS 12 beta, but it looks the story is far from the end. I think Apple monitors media coverage including our blog, and takes a note on some of the readers’ comments in an attempt to find the right balance between security and convenience. We even suggested how they could possibly improve the new mode’s implementation, and… iOS 12 Beta 5 (just released) brings another surprise.

(more…)

USB Restricted Mode Inside Out

Thursday, July 12th, 2018

It’s been a lot of hype around the new Apple security measure (USB restricted mode) introduced in iOS 11.4.1. Today we’ll talk about how we tested the new mode, what are the implications, and what we like and dislike about it. If you are new to the topic, consider reading our blog articles first (in chronological order):

To make a long story short: apparently, Apple was unable to identify and patch vulnerabilities allowing to break passcodes. Instead, they got this idea to block USB data connection after a period of time, so no data transfer can even occur after a certain “inactivity” period (keep reading about the definition of “inactivity”). It is somehow similar to how Touch ID/Face ID expire from time to time, so you can only use the passcode if you did not unlock the device for a period of time. Same for USB now.

(more…)