The Security Hole in Apple's New Security Feature
USB Restricted Mode could still let law enforcement into your phone.
Apple introduced USB restricted mode as part of its new iOS update, which it released Monday.
The feature is designed to stop law enforcement from cracking the passcode to your phone by using a USB device. It does this by disabling USB access after your phone has been locked for at least an hour.
Computer security research firm ElcomSoft discovered a loophole, however. It would allow someone to reset the one-hour timer by plugging in a USB device within that first window of time, Engadget reports.
It doesn't matter which device it is or whether the smartphone has encountered it before. ElcomSoft says it conducted its tests using a $39 camera adapter purchased from the Apple Store.
For this to work, a law enforcement official would have to seize your phone within an hour since you had last locked it, and that might not be likely in many law enforcement scenarios. For those concerned about privacy, however, a loophole is still a loophole.
"The ability to postpone USB Restricted Mode by connecting the iPhone to an untrusted USB accessory is probably nothing more than an oversight," wrote Oleg Afonin of ElcomSoft. "We don’t know if this behavior is here to stay, or if Apple will change it in near future."
Apple hasn't taken any steps to remedy the issue yet.