Apple released iOS 11.4.1, tvOS 11.4.1, and watchOS 4.3.2 today with minor bug fixes for its iPhones, iPads, HomePods, Apple TVs, and Apple Watches, but there was one surprise in the software: USB Restricted Mode, a feature designed to block iPhone-cracking USB devices used by law enforcement agencies, has finally arrived.
USB Restricted Mode was first noticed by security researchers ElcomSoft back in May during the beta of iOS 11.4, when it was discovered to automatically password-lock an iPhone’s or iPad’s Lightning port after seven days of inactivity. With the lock in place, data cannot be transferred to or from the Lightning port; it can only be used for device charging. As currently implemented, the feature is even more restrictive: When turned on, it will “prevent USB accessories from connecting when your [iPhone/iPad] has been locked for more than an hour.”
iOS 11.4.1 users have the ability to flip the feature on or off under the Touch ID & Passcode or Face ID & Passcode settings menu, under USB Accessories. In addition to appearing in the finished version of iOS 11.4.1, it’s also available in the current beta versions of iOS 12.
Apple’s inclusion of the feature is somewhat controversial, as it patches a security hole in iOS that enabled police and other law enforcement agencies to access the contents of suspected criminals’ devices. While Apple has treated its devices as locked boxes that guarantee its customers’ privacy, investigators and rivals have challenged the company’s understanding of privacy rights, particularly as they pertain to criminal suspects.
Third-party security companies including Grayshift and Cellebrite have developed tools specifically to let police hack suspects’ devices, selling access at relatively steep prices. It’s unclear whether their tools will be updated to circumvent the USB Restricted Mode, or whether other vulnerabilities in iOS will continue to enable device hacking.
Apple has said that it’s “constantly strengthening the security protections in every Apple product to help customers defend against hackers, identity thieves, and intrusions into their personal data.” Though the Restricted Mode has been framed as targeted at stopping police access to devices, Apple says that it has “the greatest respect for law enforcement, and we don’t design our security improvements to frustrate their efforts to do their jobs.”