Apple users might have a sigh of relief when it comes to data privacy and protection concerns, as it will be removing USB access features to iPhones. This effectively blocks hackers from accessing iPhones of other users, which in turn prevents breaches of data privacy. However, this also means members of law enforcement will be effectively locked out of the system as well.
The decision for Apple to have iPhones remove the USB access feature may be its best defense yet against hackers, but it also blocked law enforcement agencies from ever accessing the devices. This effectively escalated the already-existing tensions between the technology giant and law enforcement in terms of upholding security when it comes to mobile devices.
The new debacle started after Apple made an announcement that an upcoming iOS software update will finally be removing the USB access feature of iPhones. This effectively blocks anyone from accessing the data of phones through its device ports. Security and privacy-wise, this is helpful for people concerned that other malignant entities will want to access data, especially if their phones have been stolen.
According to Apple, this will be made possible by making a new set of default settings for their iPhones. When an iPhone has been locked for more than an hour, its Lightning port will be disabled – effectively making it unable for anyone but the user to charge and input data to the iPhone unless it’s unlocked.
According to an Apple spokesperson, this will help cement Apple’s push towards making sure the customer is at the center of everything in terms of their design. As such, security protections will continue to be strengthened in Apple products to make sure customers are defended and protected against personal data intrusions, identity thieves, and hackers.
Those concerned will be glad to know that users will still be able to charge their phones, but they won’t be able to continue transferring data to and away from their devices unless they unlock the iPhone with their passcodes.
Of course, this also effectively blocks a lot of devices – including those used by law enforcement agencies – that are designed to breach and hack into the signature Apple mobile devices through the Lightning port.
One known device capable of doing this is called a GrayKey Box, which is known to be able to access iPhones using its Lightning port. This installs “cracking” software inside the device, which can effectively rig the passcode of the iPhone into letting an unauthorized users inside the device. It’s been reported that law enforcement agencies like the FBI have used the device, which is manufactured by Grayshift, in order to unlock iPhones that are up-to-date. The new iOS update may effectively put a stop to this intrusion.
This update may also help protect users against the UFED devices of Cellebrite, which have also been used to unlock iOS devices, even though it should only be limited as a forensic tool for iPads and iPhones.
Some say this move by Apple is its effort of acknowledging the existence of a vulnerability in its devices – but instead of allowing it to be abused, Apple has put a stop to it altogether, despite the parties it may upset.
Interestingly, a basic version of the concept has already been introduced in iOS 11.4, called the USB Restricted Mode. This disables the Lightning Connector USB access after the phone has been locked for seven (7) days. However, this USB Restricted Mode still has its own set of vulnerabilities when it comes to how the iOS handles USB devices, and as such Apple has made another thorough check of the code with this rudimentary version of the USB restriction.
The Apple spokesperson also mentioned that additional mitigation was placed which would remove and disable the USB as an “attack surface” especially when users don’t necessarily need it. The spokesperson added this will also not have a negative influence on user experience.
Apple And The FBI
unfortunately, not all is well and good in terms of law enforcement, however. The conflict between the two parties appear to have escalated in 2016, when Apple didn’t want to unlock the iPhone of the gunman in San Bernardino who killed 14 people back in 2015.
In an open letter, Tim Cook, Apple CEO, said that a backdoor will be created if they build an iOS version that can bypass security. And he added that while the government may be using this for “benign” means, there’s no way to guarantee that such a controlled usage is possible.
Apple did assure news media that the move to add a new security measure to USB is a move against hackers, and not exactly an attack to law enforcement. Unfortunately, the move may still inevitably sour the relationship between law enforcement and the tech giant. Some say this is a sign that Apple is putting customer privacy first, and while it’s better for organizations and individuals, this may not be something governments and law enforcement will be too in favor of.
You May Also Like: