Apple confirms iOS 12's 'USB Restricted Mode' will thwart police, criminal access [u]

Posted:
in iOS edited June 14
Apple in a statement to AppleInsider on Wednesday said iOS 12's incarnation of "USB Restricted Mode" will thwart criminals, and enhance user's privacy.

iOS 12 FaceTime on iPhone X


In regards to law enforcement, the feature was created to protect iPhone owners in countries where the police seize phones at will. The move is aimed at regions with fewer legal protections than the U.S.

"At Apple, we put the customer at the center of everything we design. We're constantly strengthening the security protections in every Apple product to help customers defend against hackers, identity thieves and intrusions into their personal data," Apple said. "We have the greatest respect for law enforcement, and we don't design our security improvements to frustrate their efforts to do their jobs."

Apple decided to make improvements to iOS security after learning of iPhone cracking techniques being used by both criminals and law enforcement agencies. In particular, the company opted to take the USB stack out of the equation, a move that provides enhanced protection without serious detriments to the user experience.

With USB Restricted Mode, those attempting to gain unwarranted access to an iPhone will have an hour or less to reach a cracking device before being locked out.

Under the iOS 12 beta, data access through a Lightning port is cut off if a device hasn't been unlocked in the last hour. That's even tougher than Apple's initial beta versions of USB Restricted Mode, which simply required accessories to be connected to an unlocked device -- or a device to be unlocked with an accessory attached -- at least once per week.

The new policy seems bent on disrupting the hacking techniques of digital forensics firms like Cellebrite and GrayShift. Cellebrite in particular is believed to the firm the FBI used to crack the iPhone 5c of San Bernardino shooter Syed Rizwan Farook, allowing both Apple and the U.S. Department of Justice to avoid a protracted battle over whether the former could be forced to code a backdoor into iOS.

A number of officials in U.S. spy and law enforcement agencies have complained that internet communications are "going dark," thanks to the growing use of end-to-end encryption, which prevents even the companies implementing it from intercepting data. Some politicians have aligned behind mandating backdoors, though nothing has come of those efforts.

Apple and other encryption supporters have countered, saying privacy is a right and that any backdoor is bound to be discovered by malicious criminals and governments. Some critics may include the U.S. in the latter category, given mass surveillance efforts by the FBI and NSA.

Updated with comments from Apple
«13

Comments

  • Reply 1 of 53
    bloggerblogbloggerblog Posts: 1,747member
    We’ll never know the truth about backdoors because they usually come with gag orders.
    williamlondoncornchiptallest skiljbdragonSendMcjak
  • Reply 2 of 53
    If i was and i am not i would not ever use a phone to communicate with my customers! 
    williamlondoncornchip
  • Reply 3 of 53
    So if you play music though your Belkin adapter for an hour with the screen off, it stops suddenly forcing you to unlock your iPhone possibly while driving? That's not a good thing. This needs to be optional. Most of us don't really care if the police look at the crap on our iPhones.
    williamlondon
  • Reply 4 of 53
    boltsfan17boltsfan17 Posts: 1,899member
    This will be annoying if CarPlay stops while you are driving. Hopefully there is a setting to disable it while using CarPlay. 
  • Reply 5 of 53
    StrangeDaysStrangeDays Posts: 4,785member
    We’ll never know the truth about backdoors because they usually come with gag orders.
    Nah that’s just conspiracy theory. Apple has said clearly that they don’t have any govt backdoors and won’t put any in. John Gruber has talked to team leads who told him they’d quit first. Word would get out and Apple would be crucified. They won’t do it. 

    williamlondonmacxpressmwhitejbdragonwatto_cobrajony0
  • Reply 6 of 53
    StrangeDaysStrangeDays Posts: 4,785member

    So if you play music though your Belkin adapter for an hour with the screen off, it stops suddenly forcing you to unlock your iPhone possibly while driving? That's not a good thing. 
    Believe it or not Apple has been solving usability challenges for decades and knows what it’s doing. I doubt very much that your scenario is reality. 
    williamlondonelijahgradarthekatjbdragonadm1Linz HendersonSendMcjakchabigmike1lkrupp
  • Reply 7 of 53
    Other sites have reported that it is optional and while you are connected to a trusted device it will not cut off access.
    jbdragonLinz Hendersonboltsfan17watto_cobrajony0
  • Reply 8 of 53
    nunzynunzy Posts: 330member
    Apple seems to be serious about security. This is a very good thing.
    williamlondondws-2viclauyycracerhomie3jbdragonSendMcjaktoysandmewatto_cobrajony0
  • Reply 9 of 53
    sflocalsflocal Posts: 4,097member
    Meanwhile, discussions about security in the world of Android is about as loud as screaming in space.
    macseekerStrangeDaysradarthekatbonobobcornchipracerhomie3jbdragonSendMcjakmike1watto_cobra
  • Reply 10 of 53
    MplsPMplsP Posts: 459member
    So if you play music though your Belkin adapter for an hour with the screen off, it stops suddenly forcing you to unlock your iPhone possibly while driving? That's not a good thing. This needs to be optional. Most of us don't really care if the police look at the crap on our iPhones.
    This will be annoying if CarPlay stops while you are driving. Hopefully there is a setting to disable it while using CarPlay. 
    Maybe this is a dumb question, but are headphones necessarily considered 'USB?' They obviously use the lightning connector, but does the physical connection essentially branch into USB and non-USB functionality, or is it all considered USB? Regardless, it should be theoretically possible to program iOS such that it will maintain an existing connection such as CarPlay or headphones but not allow any new connections and/or terminate the permission as soon as the device is disconnected.

    I wish there was a way to allow legitimate law enforcement access while at the same time maintaining security. The San Bernardino shooting is a prime example - the police had a clear, legitimate and legal need to access the contents of the phone. Unfortunately, back doors and other techniques have virtually universally been hacked and abused, as others have pointed out. Even GrayShift made no attempt to ensure that their device would be limited to legitimate uses. 
    dws-2watto_cobra
  • Reply 11 of 53
    command_fcommand_f Posts: 247member
    I prefer to think of this as keeping out the bad guys. In my book, in the UK, that doesn't include the security agencies. YMMV.

    However, it's a Good Thing that Apple is doing this, the agencies should have (be given) different and better methods. Interestingly, the ex-head of GCHQ (UK's equivalent of NSA) is on record as opposing backdoors: he says they're technically difficult and and open to abuse (https://www.theregister.co.uk/2017/07/10/former_gchq_wades_into_encryption_debate/). About what has been said here in the past.

    BTW The original story is here (but it may not be accessible outside the UK):https//www.bbc.co.uk/news/av/technology-40554686/end-to-end-encryption-back-door-a-bad-idea
    muthuk_vanalingamwatto_cobra
  • Reply 12 of 53
    mattinozmattinoz Posts: 847member
    MplsP said:
    So if you play music though your Belkin adapter for an hour with the screen off, it stops suddenly forcing you to unlock your iPhone possibly while driving? That's not a good thing. This needs to be optional. Most of us don't really care if the police look at the crap on our iPhones.
    This will be annoying if CarPlay stops while you are driving. Hopefully there is a setting to disable it while using CarPlay. 
    Maybe this is a dumb question, but are headphones necessarily considered 'USB?' They obviously use the lightning connector, but does the physical connection essentially branch into USB and non-USB functionality, or is it all considered USB? Regardless, it should be theoretically possible to program iOS such that it will maintain an existing connection such as CarPlay or headphones but not allow any new connections and/or terminate the permission as soon as the device is disconnected.

    I wish there was a way to allow legitimate law enforcement access while at the same time maintaining security. The San Bernardino shooting is a prime example - the police had a clear, legitimate and legal need to access the contents of the phone. Unfortunately, back doors and other techniques have virtually universally been hacked and abused, as others have pointed out. Even GrayShift made no attempt to ensure that their device would be limited to legitimate uses. 
    As I understand it the Lockout is only for a device plugged in after the hour has elapsed. So headphone should keep working after an hour  or many hours more but if you pulled them out, say by accident, you'll probably need to unlock phone to get them to work again.
    icoco3elijahgrandominternetpersonwatto_cobra
  • Reply 13 of 53
    icoco3icoco3 Posts: 1,428member
    So if you play music though your Belkin adapter for an hour with the screen off, it stops suddenly forcing you to unlock your iPhone possibly while driving? That's not a good thing. This needs to be optional. Most of us don't really care if the police look at the crap on our iPhones.
    All they have to do is allow that device even after an hour as it was plugged in BEFORE the phone locked.  Anything new plugged in subsequently to the phone locking would be blocked until the phone is unlocked.
    viclauyycrandominternetperson
  • Reply 14 of 53
    icoco3icoco3 Posts: 1,428member
    sflocal said:
    Meanwhile, discussions about security in the world of Android is about as loud as screaming in space.
    Security?
    watto_cobra
  • Reply 15 of 53
    rob53rob53 Posts: 1,867member
    command_f said:
    I prefer to think of this as keeping out the bad guys. In my book, in the UK, that doesn't include the security agencies. YMMV.

    However, it's a Good Thing that Apple is doing this, the agencies should have (be given) different and better methods. Interestingly, the ex-head of GCHQ (UK's equivalent of NSA) is on record as opposing backdoors: he says they're technically difficult and and open to abuse (https://www.theregister.co.uk/2017/07/10/former_gchq_wades_into_encryption_debate/). About what has been said here in the past.

    BTW The original story is here (but it may not be accessible outside the UK):https//www.bbc.co.uk/news/av/technology-40554686/end-to-end-encryption-back-door-a-bad-idea
    I'm glad you can trust your government to do what's best for law abiding citizens but this hasn't been the case in the US for a long time, if ever. This country was born on lack of trust of governments (remember 1776 and England?) and with the formation of the FBI with J Edgar Hoover at the helm, it got worse. Our own government spying on it's citizens who many times weren't doing anything wrong. Add the McCarthy witch hunts in the 50's and we were no better than the Nazis at putting people in jail for their thoughts, and this is supposed to be a democracy. 

    Just because the ex-head of your GCHQ says backdoors are bad doesn't necessarily mean they haven't tried forcing them in, just like our NSA might be doing. Everyone watches too much TV but you have to wonder how many of the spying movies actually are based on some fact. We'll never know because I'm sure some are run without too much oversight. How much of the Bourne Identity is based on current "lawful" spying? I'd rather Apple continue to try their hardest to protect my data from criminals, advertisers, and governments who don't need to see my legal data.

    Just saw this: "Microsoft has issued a Windows 10 security update to prevent hackers from breaking into PCs using Cortana." Was this an honest bug or someone forcing in a backdoor?
    edited June 13 elijahgjbdragongutengelcommand_fwatto_cobra
  • Reply 16 of 53
    macseekermacseeker Posts: 361member
    I'm thinking the audio pins of the lightning connector will still work but the data pins will be disabled.
    radarthekat
  • Reply 17 of 53
    mac_dogmac_dog Posts: 537member
    So if you play music though your Belkin adapter for an hour with the screen off, it stops suddenly forcing you to unlock your iPhone possibly while driving? That's not a good thing. This needs to be optional. Most of us don't really care if the police look at the crap on our iPhones.
    I am definitely not in your category and I have nothing to hide. It is the principal of the thing. It is mindsets like yours that help to create and manufacture fear in a society that has nothing—should have nothing—to fear from the “authorities”. It’s the same mentality that allowed the birth of naziism. 
    elijahgbonobobmwhiteicoco3gutengel
  • Reply 18 of 53
    Does anyone understand why the 1-hour grace period is beneficial? I very rarely connect my phone to anything other than a charger or headphones, so it doesn’t seem very onerous to require the phone to be unlocked if you want to establish a USB data connection with another device. You have to be physically present to connect the cable anyway, so your face and/or a finger are never going to be too far away. 
    radarthekaticoco3watto_cobra
  • Reply 19 of 53
    macseeker said:
    I'm thinking the audio pins of the lightning connector will still work but the data pins will be disabled.
    No, Lightning doesn’t have any audio pins. 2 power contacts, 2 control lines (data) and 2 pairs of differential high-speed data. (Interestingly, the Lightning to 3.5mm audio jack adapter actually has a DAC/amp in it.)
    StrangeDaysMplsPwatto_cobra
  • Reply 20 of 53
    mattinozmattinoz Posts: 847member
    Does anyone understand why the 1-hour grace period is beneficial? I very rarely connect my phone to anything other than a charger or headphones, so it doesn’t seem very onerous to require the phone to be unlocked if you want to establish a USB data connection with another device. You have to be physically present to connect the cable anyway, so your face and/or a finger are never going to be too far away. 
    I assume so Carplay works without the need to unlock. On the assumption you've checked phone for some other reason between last thing you were doing and getting in the car.
    watto_cobra
Sign In or Register to comment.