Today, Apple released iOS 11.4.1 for iPhones and iPads-a small update that fixes a couple bugs and introduces a new security feature. Unfortunately, a security firm has already found a loophole to get around the feature.
According to a new report from The Verge, USB Restricted Mode, a new iOS feature that protects unauthorized access of the data on your iOS device, has a glaring omission that would make it quite easy for someone to beat in many scenarios. On the other hand, the researchers note that Grayshift is said to already be able to defeat USB Restricted Mode through other means, though that's unconfirmed at this point. Even when one plugs in a new USB accessory that has never been paired with the iPhone, the timer of the USB Restricted Mode will reset itself.
USB Restricted Mode is created to shut off access to data on an iPhone or iPad when new USB accessories are plugged into the Lightning port, as long as it's been more than an hour since you last unlocked your iPhone. Apple has added protections against the USB devices being used by law enforcement and private companies that connect over Lightning to crack an iPhone's passcode and evade Apple's usual encryption safeguards. "Prior to iOS 11.4.1, isolating the iPhone inside a Faraday bag and connecting it to a battery pack would be enough to safely transport it to the lab", he concludes. There are people who'd prefer unlocking their phones every time someone connects an accessory to the Lightning port instead of being subjected to the flawed restrictions. "Your accessory then remains connected, even if your device is subsequently locked". You might also see an alert asking you to unlock your device to use accessories.
We've contacted Apple for comment and will update this post when we hear from them.
At first we thought we would have to wait until iOS 12 this fall to see this feature, but here it is.
This seems like an oversight on Apple's part, and it's possible the company will fix this in a future update.