With iOS 11.4.1, Apple introduced a feature that some people may not like.
We're talking about USB Restricted Mode, which is designed to make the work of tools like GrayKey or similar tools for unlocking iPhones much more difficult. These devices enable a brute force attack on the iPhone and can crack the code within a short time if it only consists of four to six characters. Apple officially confirmed the new protection some time ago. The company not only wants to protect its customers, but also prevent the spread of further such forms of attack.
Enable USB Restricted Mode
Once a device has been updated to iOS 11.4.1, this mode is automatically enabled. It can be found in Settings under "Touch ID & Passcode" (iPhone X "Face ID & Passcode"). The switch is disabled by default, so the iPhone must first be unlocked before USB accessories can connect if the iPhone has been locked for more than an hour. Charging the battery is always possible.
The protection was cracked
According to security researchers at Elcomsoft There is a cost-effective way to circumvent this protection. The 60-minute countdown, which is supposed to ensure that the USB port is automatically deactivated for external devices after one hour, can be reset. This is how it works: If the attacker gets hold of an iPhone, he can directly connect an Apple Lightning to USB 3 camera adapter. Authentication is not necessary. Simply plugging one in is enough and the countdown is immediately interrupted. For this to work, however, the iPhone must of course not have been locked for more than an hour. There is currently no other way of circumventing this.
Manually trigger Restricted Mode
The USB Restricted Mode can also be activated manually – all you have to do is emergency SOS function on the iPhone. This will also temporarily block Touch ID or Face ID.
