Apple’s iOS 11.4 update with ‘USB Restricted Mode’ may defeat GrayKey, Cellebrite forensic tools

“The iOS 11.4 beta contains a new feature called USB Restricted Mode, designed to defeat physical data access by third parties — possibly with forensic firms like Grayshift and Cellebrite in mind,” Roger Fingas reports for AppleInsider.

“‘To improve security, for a locked iOS device to communicate with USB accessories you must connect an accessory via Lightning connector to the device while unlocked — or enter your device passcode while connected — at least once a week,’ reads Apple documentation highlighted by security firm ElcomSoft,” Fingas reports. “The feature actually made an appearance in iOS 11.3 betas, but like AirPlay 2 was removed from the finished code.”

Fingas reports, “The exact details of the hacking techniques used by Cellebrite and Grayshift’s GrayKey have been kept secret, so it’s possible they may still work after iOS 11.4 is released.”

MacDailyNews Take: Regardless, those concerned with security and privacy should use an alphanumeric passcode that’s seven characters – even longer is better – and mixes numbers, letters, and symbols.

To change your passcode in iOS:
Settings > Face ID & Passcode > Change Passcode > Passcode Options: Custom Alphanumeric Code

SEE ALSO:
GrayKey box can guess a six-digit iPhone password in 11 hours on average – April 16, 2018
Police around the U.S. can now unlock iPhones – April 12, 2018
Law enforcement uses ‘GrayKey’ box to unlock iPhones – March 16, 2018
The man who wrote those password rules has a new tip: N3v$r M1^d! – August 8, 2017

4 Comments

  1. MDN, a more secure recommendation is to use a long and easy-to-remember passphrase.
    The creator of the strong password admitted last year that he regrets the recommendations he came up with, using letters, numbers and symbols, etc.
    The longer the better and all letters is fine.
    His example: Using “horsecarrotsaddlestable” would take one trillion years for a “botnet” cyber attack to crack, in contrast to a minute for “P@55w0rd”.
