Wednesday, 14 November 2018
Latest news
Main » IOS 11.4.1's New Passcode Cracking Prevention Feature Can Be Bypassed: ElcomSoft

IOS 11.4.1's New Passcode Cracking Prevention Feature Can Be Bypassed: ElcomSoft

11 July 2018

Less than a day after Apple officially added an iPhone and iPad hack-preventing USB Restricted Mode to iOS, security researchers at ElcomSoft have detailed a simple workaround that can be used by law enforcement personnel to mitigate the feature. That's what Oleg Afonin, a researcher at cybersecurity firm ElcomSoft, looked to take advantage of.

We performed several tests, and can now confirm that USB Restricted Mode is maintained through reboots, and persists software restores via Recovery mode. However, the company found a flaw in Apple's new implementation of the USB Restricted Mode.

USB Restricted Mode can be found in Settings Face ID (or Touch ID) & Passcode USB Accessories.

Ky. Judge Not On Top 3 List For Supreme Court Position
Kavanaugh and Kethledge are both former clerks for Kennedy, while Coney Barret is a University of Notre Dame Law School professor. The source told Reuters that Amy Coney Barrett of IN , a Trump-appointed judge on the Chicago-based 7th U.S.

"Once the police officer seizes an iPhone, he or she would need to immediately connect that iPhone to a compatible USB accessory to prevent USB Restricted Mode lock after one hour", he said.

For more information on the USB Restricted Mode and how to toggle it on or off, Apple has a guide here.

However, if you aren't actually happy with the release, and you want to go back to an earlier version of iOS, then be aware that Apple is now only signing iOS 11.4, which means that you will only be able to downgrade to iOS 11.4. "Prior to iOS 11.4.1, isolating the iPhone inside a Faraday bag and connecting it to a battery pack would be enough to safely transport it to the lab", Afonin concludes.

Pompeo lauds progress in DPRK visit, but Pyongyang says talks regrettable
According to the Pentagon, North Korean officials have indicated in the past that they have the remains of as many as 200 US troops.

Apple's bug fix updates for iOS, macOS, watchOS, and tvOS have been in beta since the last minor updates were released in May. These bypass the usual restrictions on entering passcodes by attacking through the Lightning port. However, this doesn't mean that the USB connectivity with an Apple device is entirely safe. As a result, the Lightning port can be kept accessible for an hour past the point of initial seizure by plugging in a Lightning accessory. The issue occurs regardless of if users have recently replaced their device's battery - some iPhone owners were told that they should get their battery replaced even after recently getting a replacement. Users can also manually enable USB Restricted Mode by triggering the SOS mode-holding an iPhone's sleep/wake button and either volume button.

Afonin notes that the apparent loophole is "probably nothing more than an oversight", but it's a pretty important oversight given the amount of noise Apple was making about the new security feature in the first place. We'll just have to wait and see.

China will counterattack United States tariffs
The two countries are now holding about $15 billion to $16 billion in goods in reserve for a second round of tariffs. Trump this month said he doubted he could achieve a deal he likes until after the US midterm elections in November.

IOS 11.4.1's New Passcode Cracking Prevention Feature Can Be Bypassed: ElcomSoft