Security Researchers Find Way to Prevent USB Restricted Mode From Activating on iOS Devices

by

Security researchers claim to have discovered a loophole that prevents an iPhone or iPad from activating USB Restricted Mode, Apple's latest anti-hacking feature in iOS 12 beta and iOS 11.4.1, which was released on Monday.

USB Restricted Mode is designed to make iPhones and iPads immune to certain hacking techniques that use a USB connection to download data through the Lightning connector to crack the passcode.

Lightning iPhone 7
iOS 11.4.1 and iOS 12 prevent this by default by disabling data access to the Lightning port if it's been more than an hour since the iOS device was last unlocked. Users can also quickly disable the USB connection manually by engaging Emergency SOS mode.

However, researchers at cybersecurity firm ElcomSoft claim to have discovered a loophole that resets the one-hour counter. The bypass technique involves connecting a USB accessory into the Lightning port of the iOS device, which prevents USB Restricted Mode from locking after one hour.

ElcomSoft's Oleg Afonin explained the technique in a blog post:

What we discovered is that iOS will reset the USB Restrictive Mode countdown timer even if one connects the iPhone to an untrusted USB accessory, one that has never been paired to the iPhone before (well, in fact the accessories do not require pairing at all). In other words, once the police officer seizes an iPhone, he or she would need to immediately connect that iPhone to a compatible USB accessory to prevent USB Restricted Mode lock after one hour. Importantly, this only helps if the iPhone has still not entered USB Restricted Mode.

According to Afonin, Apple's own $39 Lightning to USB 3 Camera Adapter can be used to reset the counter. Researchers are currently testing a mix of official and third-party adapters to see what else works with the bypass technique.

apple lightning usb camera adapter
Afonin notes that ElcomSoft found no obvious way to break USB Restricted Mode once it has been engaged, suggesting the vulnerability is, in his words, "probably nothing more than an oversight" on Apple's part. Still, at present its existence provides a potential avenue for law enforcement or other potentially malicious actors to prevent USB Restricted Mode from activating shortly after seizure.

Both iOS 11.4.1 and iOS 12 beta 2 are said to exhibit the same behavior when exploiting the loophole. However, expect this to change in subsequent versions of iOS – Apple continually works on strengthening security protections and addressing iPhone vulnerabilities as quickly as possible to defend against hackers.

Apple reportedly introduced USB restrictions to disable commercial passcode cracking tools like GrayKey. Afonin cites rumors that the newer GrayShift tool is able to defeat the protection provided by USB Restricted Mode, but the research community has yet to see firm evidence confirming this.

Tag: Apple Security
Related Forums: iOS 11, iOS 12

Popular Stories

iPhone 17 Pro Render Front Page Tech

iPhone 17 Pro Launching Later This Year With These 10 New Features

Sunday March 23, 2025 10:00 am PDT by
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices. iPhone 17 Pro's alleged design via Front Page Tech Below, we recap key changes rumored for the iPhone 17 Pro models as of March 2025: Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone...
Read Full Article230 comments
iCloud General Feature Redux

iPhone Users Who Pay for iCloud Storage Receive a New Perk

Thursday March 20, 2025 12:01 am PDT by
If you pay for iCloud storage on your iPhone, Apple has a new perk for you, at no additional cost. The new perk is the ability to create invitations in the Apple Invites app for the iPhone, which launched in the App Store last month. In the Apple Invites app, iCloud+ subscribers can create invitations for any occasion, such as birthday parties, graduations, baby showers, and more. Anyone ...
Read Full Article30 comments
iOS 18

Top 5 New Features Coming in iOS 18.4

Friday March 21, 2025 3:26 pm PDT by
We're not getting new Siri Apple Intelligence features in iOS 18.4 as expected, but the upcoming update does have quite a few new additions that will be worth upgrading for. We've rounded up the five best features to look forward to, and if you're not running the beta, you can expect to get access to these in early April. Priority Notifications If you have an iPhone or iPad that supports...
Read Full Article90 comments
Generic iOS 19 Feature Mock

iOS 19 Coming in June With These New Features

Thursday March 20, 2025 2:04 pm PDT by
While the first iOS 19 beta is still more than two months away, there are already plenty of rumors about the upcoming software update. Below, we recap the key iOS 19 rumors so far. visionOS-Like Design In January, the YouTube channel Front Page Tech revealed a redesigned Camera app that is allegedly planned for iOS 19. According to Front Page Tech host Jon Prosser, the Camera app...
Read Full Article45 comments
Generic iOS 18

Apple Seeds iOS 18.4 and iPadOS 18.4 Release Candidate With Priority Notifications, Ambient Music and More

Monday March 24, 2025 10:07 am PDT by
Apple today seeded the release candidate versions of upcoming iOS 18.4 and iPadOS 18.4 updates to developers for testing purposes, with the software coming a week after Apple released the fourth betas. iOS 18.4 and iPadOS 18.4 can be downloaded from the Settings app on a compatible device by going to General > Software Update. With iOS 18.4, Apple is adding the Priority Notifications...
Read Full Article49 comments
airpods max 2024 colors

Don't Buy Into Apple's Hype About AirPods Max Gaining Lossless Audio

Monday March 24, 2025 4:24 pm PDT by
Apple today announced that AirPods Max with a USB-C port will be gaining support for lossless audio and ultra-low latency audio with a firmware update next month, alongside the release of iOS 18.4, iPadOS 18.4, and macOS 15.4. For context, audio files are typically compressed to keep file sizes smaller. There are lossy compression standards like MP3, and Apple's own Advanced Audio Codec...
Read Full Article248 comments
Foldable iPhone 2023 Feature Iridescent Search

Foldable iPhone Expected to Launch Next Year, Costing Around $2,000

Monday March 24, 2025 3:43 am PDT by
Apple will launch its long-rumored foldable iPhone next year with a ~$2,000 premium price tag attached, expects well-connected Bloomberg reporter Mark Gurman. Gurman's comments on Apple's launch plans for its first foldable device appeared in the Q&A section of his latest Power On newsletter. Earlier this month, the reporter said Apple's foldable iPhone could be arriving "as early as 2026,"...
Read Full Article155 comments
iOS 19 Rounded UI Elements Light

iOS 19: What to Expect From Apple's Dramatic Design Overhaul?

Monday March 24, 2025 9:47 am PDT by
Earlier this month, Bloomberg reported that Apple is planning "one of the most dramatic software overhauls in the company's history" – an update that aims to bring iOS, iPadOS, and macOS into closer visual alignment. The redesign is said to be "loosely based" on visionOS, the software behind Apple's Vision Pro headset, and will reportedly update the look of icons, menus, apps, windows, and...
Read Full Article110 comments

Top Rated Comments

christarp Avatar
christarp
88 months ago
Interesting, so the cops would need to confiscate the alleged evidence and transport it back to wherever they take it and then keep it plugged into the device. might be tough to do within an hour, but I'm sure they'll find a way. And I'm also sure Apple will find a way to close this loophole. Cat and mouse continues.
Score: 10 Votes (Like | Disagree)
Turnpike Avatar
Turnpike
88 months ago
There is always going to be a ping-pong, back-and-forth effect to this kind of thing with problems and solutions; but having an Apple device and having Apple on your side working to protect it is, while not perfect, the closest thing to it you will find with any company. Nobody else really cares about protecting your data quite like Apple does.
Score: 8 Votes (Like | Disagree)
Scooz Avatar
Scooz
88 months ago
Apple seemingly doing anything to sell their overpriced adapters...
Score: 7 Votes (Like | Disagree)
MacRS4 Avatar
MacRS4
88 months ago
Have I misunderstood this? What they're saying is that <1 hour and you plug in a USB, it resets the count-down timer for the USB lockout.

So imagine you unlock/lock your phone, and plug it in to your computer shortly afterward. You wouldn't want the USB lock to engage would you? Say for example if you were copying 100GB of movies to it.

Or is the lack of 'trusted' devices enabling the reset of the counter? I.e. A mistake on the expected behaviour.

PS. I've not had nearly enough coffee yet.
Score: 7 Votes (Like | Disagree)
alphaod Avatar
alphaod
88 months ago
Makes sense seeing some accessories like the HDMI adapter do not require authorization in the first place.

I wouldn't see this as an oversight. Can't have a perfect solution.
Score: 6 Votes (Like | Disagree)
robertcoogan Avatar
robertcoogan
88 months ago
One could also change the 6-digit PIN to a password (mix of characters) and defeat any graybox regardless.
Score: 6 Votes (Like | Disagree)
Read All Comments