Skip to main content

Apple releases iOS 11.4.1 and blocks passcode cracking tools used by police

Apple releases iOS 11.4.1 and blocks passcode cracking tools used by police

Share this story

Photo by James Bareham / The Verge

Apple today released iOS 11.4.1, and while most of us are already looking ahead to all the new stuff coming in iOS 12, this small update contains an important new security feature: USB Restricted Mode. Apple has added protections against the USB devices being used by law enforcement and private companies that connect over Lightning to crack an iPhone’s passcode and evade Apple’s usual encryption safeguards.

If you go to Settings and check under Face ID (or Touch ID) & Passcode, you’ll see a new toggle for USB Accessories. By default, the switch is off. This means that once your iPhone or iPad has been locked for over an hour straight, iOS will no longer allow USB accessories to connect to the device — shutting out cracking tools like GrayKey as a result. If you’ve got accessories that you want to continue working after your iPhone has been sitting locked for awhile, you can toggle the option on to remove the hour limit.

Apple’s wording is a bit confusing. You should leave the toggle disabled if you want your iPhone to be most secure.

Apple’s decision to implement USB Restricted Mode is a boost to user privacy, but might again put the company at odds with law enforcement and authorities who want to access information stored on recovered or confiscated iPhones. “We’re constantly strengthening the security protections in every Apple product to help customers defend against hackers, identity thieves, and intrusions into their personal data,” Apple said in a statement on the feature. “We have the greatest respect for law enforcement, and we don’t design our security improvements to frustrate their efforts to do their jobs.”

The company famously faced off with the FBI in 2016 over an iPhone connected to the San Bernardino terrorist shootings. Apple refused to build custom software that would have allowed the agency to bypass security measures designed to protect the encrypted data on all iOS products, fearing that such a “backdoor” would quickly fall into malicious hands and make millions of consumers vulnerable. The FBI dropped its case against Apple in March 2017 after revealing that it had managed to access information on the phone through other means. If that exploit was over USB, Apple has now effectively shut down that avenue of breaking into an iPhone.

Aside from the introduction of USB Restricted Mode, iOS 11.4.1 is largely a release of bug fixes for the Find My AirPods feature and syncing with Exchange accounts.