iPhone hackers have already defeated Apple’s USB Restricted Mode


Apple upset a lot of police officers and hackers recently when it announced a new USB Restricted Mode, coming to all iPhones in iOS 12. The tool shuts down the Lightning port if the handset hasn’t been unlocked in an hour.

This is a big problem for law enforcement agencies, since many of them rely on machines like GrayKey to hack into iPhones. The device is basically a box with Lightning cables that connect to an iPhone via its USB port. They can still try accessing data, but they’ll have to rush and hope the extraction gets done in less than an hour.

iOS 12’s USB Restricted Mode

The situation sounds dire, but it seems Grayshift, the firm behind GrayKey, has found a workaround already. A forensic expert told Motherboard that the company has future-proofed its technology. It’s apparently defeated USB Restricted Mode in the iOS 11.4.1 beta build.

The GrayKey itself supposedly has built-in future capabilities which will get leveraged as time goes on. The source believes that Grayshift is very confident in its staying power for the future. However, these claims can’t be taken at face value since it’s possible that the brand has gone into damage control mode and is just spouting marketing bluff.


Here to fight this doubt is a second source who states that Grayshift had addressed USB Restricted Mode in a webinar a couple of weeks ago. This is certainly feasible as the feature got leaked out in May 2018. The company might have been able to work on a solution in the month since.

How GrayKey Hacks iPhones

Grayshift currently uses two ways to hack into an iPhone. The first is called Before First Unlock (BFU). It gives access to limited data because the smartphone was off when seized. Once it gets switched on, most of the data is encrypted, and the GrayKey takes about 10 minutes per try to figure out what the password is.

The second is called After First Unlock (AFU). It’s much faster, since the iPhone is locked but on. The handset allows up to 300,000 tries in this scenario and lets the GrayKey extract 95% of the data. Apple has now thrown a wrench into this loophole, but it looks like companies like Grayshift are fighting back.