iOS 11.4 Disables Lightning Connector After 7 Days, Limiting Law Enforcement Access (macrumors.com)

← Back to Stories (view on slashdot.org)

iOS 11.4 Disables Lightning Connector After 7 Days, Limiting Law Enforcement Access (macrumors.com)

Posted by BeauHD on Tuesday May 8, 2018 @07:36AM from the lock-and-loaded dept.

hyperclocker shares a report from Mac Rumors: The iOS 11.4 update, currently being beta tested, includes a USB Restricted Mode that introduces a week-long expiration date on access to the Lightning port on your iOS devices if your phone hasn't been unlocked, which has implications for law enforcement tools like the GrayKey box. USB Restricted Mode was outlined this morning by Elcomsoft after testing confirmed that the feature has indeed been enabled. In Elcomsoft's experience, after an iPhone or iPad has been updated to iOS 11.4, if it hasn't been unlocked or connected to a paired computer in the last 7 days using a passcode, the Lightning port is useless for data access and limited to charging.

"At this point, it is still unclear whether the USB port is blocked if the device has not been unlocked with a passcode for 7 consecutive days; if the device has not been unlocked at all (password or biometrics); or if the device has not been unlocked or connected to a trusted USB device or computer," reports Elcomsoft. "In our test, we were able to confirm the USB lock after the device has been left idle for 7 days. During this period, we have not tried to unlock the device with Touch ID or connect it to a paired USB device. What we do know, however, is that after the 7 days the Lightning port is only good for charging."

31 of 268 comments (clear)

Min score:

Reason:

Sort:

As long as I can disable it... by jawtheshark · 2018-05-08 07:40 · Score: 5, Interesting

As long as I can disable it...
Just like I disabled TouchID and the passcode. I just want easy access.

--
Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
1. Re: As long as I can disable it... by echnaton192 · 2018-05-08 07:59 · Score: 2
  
  Please hand over your nerd membership card. It has been invalidated by an nothing-to-hide post, Thanks.
2. Re:As long as I can disable it... by arth1 · 2018-05-08 08:20 · Score: 5, Insightful
  
  As long as I can disable it...
  Just like I disabled TouchID and the passcode. I just want easy access.
  I want the opposite - I want to be able to configure those 7 days down to six hours. Or however long I want.
  So yes, this should be a user decision, not a hardcoded value pulled out of some Apple guy's derriere.
3. Re: As long as I can disable it... by jawtheshark · 2018-05-08 08:23 · Score: 4, Insightful
  
  You misunderstand. It's not a "nothing to hide" argument. If you have stuff to hide, don't put it on your phone. I just really like convenience .
  
  --
  Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
4. Re:As long as I can disable it... by jawtheshark · 2018-05-08 08:24 · Score: 2
  
  I fully agree: let everyone set their level of paranoia. :-)
  
  --
  Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
5. Re:As long as I can disable it... by jwhyche · 2018-05-08 08:36 · Score: 5, Insightful
  
  There isn't all that much interesting stuff on my phone
  It isn't what you think that is interesting, it is what law enforcement might find interesting. Something that you find innocent can be twisted any kind of way by some creative DA.
  Then there is the issue of un-creative DA or cop that goes straight from fishing for evidence to just simply putting it on your phone. So, if you are arrested and it goes before a judge where the DA says they found naked preteen porn on your phone. Preteen porn that he put there, who is the judge going to believe?
  Think of the lock on your phone like the lock on your door. It won't keep the cops from coming in if they want too. But it will make them go through the proper channels to do so. Those channels are might be the only thing that saves you from becoming another victim of a bad system.
  Don't make their jobs easy for them. That makes them sloppy. Make them work for it.. Make them do their jobs.
  
  --
  I read at +2. If your post doesn't reach that level I will not see or respond to it.
6. Re:As long as I can disable it... by eth1 · 2018-05-08 11:52 · Score: 2
  
  As long as I can disable it...
  Just like I disabled TouchID and the passcode. I just want easy access.
  I want the opposite - I want to be able to configure those 7 days down to six hours. Or however long I want.
  So yes, this should be a user decision, not a hardcoded value pulled out of some Apple guy's derriere.
  How about zero seconds... If I plug my Android phone into my PC, it won't connect via USB if it's locked, only charge. Doesn't matter if I was on it and hit the lock button two seconds earlier.
Good job Apple! by Murdoch5 · 2018-05-08 07:41 · Score: 2, Insightful

The harder it is for law enforcement to access an electronic device, the better our privacy and personal security. Well it sucks for law enforcement to be restricted from accessing the phones of criminals, that's a sacrifice we MUST allow, for all of us to have basic privacy and security.
1. Re:Good job Apple! by Train0987 · 2018-05-08 07:46 · Score: 2
  
  If it were simple for law enforcement to access the phones of criminals then they wouldn't use them for criminal purposes and only the privacy of average citizens would be compromised.
2. Re:Good job Apple! by E-Rock · 2018-05-08 07:59 · Score: 4, Interesting
  
  Wrong. US Customs was/is asking to view and download data from travelers' devices.
  http://www.cbc.ca/news/technology/usa-border-phones-search-1.4494371
  Blanket sweep, no warrant, no stated purpose, no rules on what was done with your data.
3. Re:Good job Apple! by rogoshen1 · 2018-05-08 08:04 · Score: 5, Insightful
  
  if it were simple for law enforcement to access the phones of citizens (criminals and innocents alike), they wouldn't just use those capabilities for investigations into criminal matters. It would be a gigantic fishing expedition. Bear in mind the FBI is enthusiastically pushing for back-doors in encryption; it's such a blatant tell as to what their and other LEO groups end game would be. I'm being somewhat sarcastic with this but:
  *red and blue lights in your rearview mirror*
  *police office saunters over, and you roll your window down*
  The officer speaks: "license, registration, and cell phone please"
  Basically to LEO's everyone is a potential suspect. They view due process, privacy rights, the 5th amendment etc as obstacles to doing their job; catching bad guys. But these obstacles are there specifically to keep police honest.
  Sure, removing these obstacles might net a few more criminals locked up, crimes solved etc -- but it comes at the cost of increasingly aggressive police behavior, and erosion of civil liberties.
  Once government on any level gets power, it never, ever voluntarily relinquishes it.
4. Re:Good job Apple! by Registered+Coward+v2 · 2018-05-08 09:22 · Score: 2
  
  Basically to LEO's everyone is a potential suspect. They view due process, privacy rights, the 5th amendment etc as obstacles to doing their job; catching bad guys. But these obstacles are there specifically to keep police honest..
  I've worked with a number of LEOs, including senior people, and their view of due process, search limits, etc, were positive. They want to arrest bad guys but as one put it "those same protections protect me as a private citizen a well and I don't want them to be trampled in the search for a bad guy."
  
  --
  I'm a consultant - I convert gibberish into cash-flow.
Re: Too bad... by Anonymous Coward · 2018-05-08 07:45 · Score: 3, Interesting

Agreed. I only ever use the port for charging. Iâ(TM)d like it to be always locked.
Re:DO NOT WANT by ArchieBunker · 2018-05-08 07:46 · Score: 3, Informative

It only disables data on the lightning port. You are still free to unlock via the passcode or other means.

--
Only the State obtains its revenue by coercion. - Murray Rothbard
Re:DO NOT WANT by CanHasDIY · 2018-05-08 07:46 · Score: 4, Informative

"Older iOS devices" probably won't get this feature since many of them aren't compatible with iOS 11.4, and it sounds like the feature automatically turns off when you start using the device again.

I'd rather personally give my PIN to any law enforcement officer who cared to ask for it than have this feature implemented.
I think the issue is more in regards to when they don't ask.

--
An enigma, wrapped in a riddle, shrouded in bacon and cheese
Re:Too bad... by Joce640k · 2018-05-08 07:47 · Score: 3, Interesting

Yep, a week is much too long.
Why would you even need data access when it's locked anyway? How hard is it to unlock it when you need that?

--
No sig today...
Re:DO NOT WANT by Nkwe · 2018-05-08 07:47 · Score: 5, Interesting

I have older iOS devices that I sometimes go weeks at a time leaving them untouched on the shelf but I pick them up to play with once in a while. Heck, I go on vacations greater than week a couple of times a year and since I don't want to bother with roaming, I leave my primary phone at home. I certainly don't want my USB to permanently lock out the first time I don't touch my phone for a week. I'd rather personally give my PIN to any law enforcement officer who cared to ask for it than have this feature implemented.
Why does this feature bother you? It doesn't brick the phone, it just disables USB data until you unlock the phone, once unlocked everything is back to normal. My only issue with the feature is that the lockout should be more like 7 minutes instead of 7 days.
Re:DO NOT WANT by Dan+East · 2018-05-08 07:48 · Score: 2

I certainly don't want my USB to permanently lock out the first time I don't touch my phone for a week.
By "permanently" I assume you mean "until I unlock my phone", and not really "permanently".

--
Better known as 318230.
First words out by jwhyche · 2018-05-08 07:50 · Score: 5, Insightful

I'm just going to put this here because I know where this topics going go.
First words out of your mouth when talking to law enforcement are as follows, "I want my lawyer."
Then you shut the fuck up till he gets there.

--
I read at +2. If your post doesn't reach that level I will not see or respond to it.
1. Re:First words out by DarkOx · 2018-05-08 08:23 · Score: 3, Informative
  
  First words out of your mouth when talking to law enforcement are as follows, "I want my lawyer."
  Then you shut the fuck up till he gets there.
  There is ONE exception; if you have just killed someone than its "I was afraid for my life" which keep repeating as if you have no understanding of what is going for 20min or so than switch to "I want my lawyer" and promptly shut up.
  
  --
  Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
2. Re:First words out by jwhyche · 2018-05-08 09:58 · Score: 4, Informative
  
  Depends on how much your time is worth to you. Under my original post I pictured that you are already chained to a desk in a gray room waiting for a detective to grace you with his time. If that is the case it is safe to assume your ass is under arrest and anything else you have to do is going to be of less importance.
  Always assume that if you are talking to a detective that you are the subject of a criminal investigation. If you are confronted by ether a detective or clothed officer on the street wanting to ask you questions, state that you do not want to be involved. Then seek to remove yourself from the encounter. Do not ever lie to law enforcement or flee from a scene. Just state you do not wish to discuss things with out your lawyer. Then asked "Am I free to go?"
  If you are asked to come down to the station by law enforcement for some later "questions." State that you have nothing to say, and that you would rather not go. If you are compelled, ether involuntary or voluntary, consult a lawyer and have him with you during the questioning.
  If you find yourself in a interrogation room and not chained to a desk first thing to do is determine if you are being detained. Once the detective enters the room, first thing you ask is "Am I under arrest?" If you are not under arrest then you ask "Am I free to leave?"
  If they say you are under arrest or that you are not free to leave, then ask for your lawyer and shut the fuck up. If they say you are free to leave, get up and walk out. Do not shake hands, do not say good bye. Leave. Important take everything with you that you came in with and do not take anything offered. No food or water, nothing.
  Always keep asking "am I under arrest" and "am I free to go" till you get an answer.
  
  --
  I read at +2. If your post doesn't reach that level I will not see or respond to it.
3. Re:First words out by jwhyche · 2018-05-09 10:24 · Score: 2
  
  One small point: Above you wrote "clothed officer". I think you meant "uniformed officer" there
  hehe. Yeah that is what I meant. I caught that after I posted it. My first image was that of a naked meter maid wearing nothing but cop hat wrestling me to the ground.
  "Hello Penthouse. You are not going to believe this one....."
  
  --
  I read at +2. If your post doesn't reach that level I will not see or respond to it.
Re:Too bad... by ctilsie242 · 2018-05-08 07:52 · Score: 2

I use the port for charging only myself. It would be nice if iOS had a feature similar to Android that allows the device to choose what it presents itself as. For example, my current Android phone can present itself as an ADB device, MTP device, USB volume, or nothing at all, only allowing charging through the port.
I wouldn't mind a 1-2 hour timeout myself.
Re:Implications for ALL attackers by jellomizer · 2018-05-08 07:58 · Score: 5, Insightful

There isn't a key that only the Good guys can use, that the bad guys cannot obtain.
While I respect our law enforcement workers. And I understand their request for such a key. It is an issue that we cannot allow their job to be as easy as they want. Because I value my personal rights, and I don't want the bad guys being able to get in too.

--
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
Comment removed by account_deleted · 2018-05-08 07:59 · Score: 4, Insightful

Comment removed based on user account deletion
You answered your question by raymorris · 2018-05-08 08:03 · Score: 2

> If a company was known for renting vehicles explicitly for getaway cars, they would be shut down.
You pretty much answered your own question there.
Renting out cars is fine. Tailoring a service as getaway cars, and advertising getaway cars for criminals, would be unlawful.
> Many companies (Napster, AudioGalaxy) were shut down for helping with IP infringement.
And in those cases evidence was introduced, such as internal emails, showing that company executives were actively trying to get more infringing content added, such as paying people to add infringing content.
Re:DO NOT WANT by CrimsonAvenger · 2018-05-08 08:21 · Score: 2

My only issue with the feature is that the lockout should be more like 7 minutes instead of 7 days.
No, it should be user-specified. There's not a terribly good reason why you shouldn't be able to set 7 minutes, he sets 7 days, and I set 7 hours....

--

"I do not agree with what you say, but I will defend to the death your right to say it"
Re:Implications for ALL attackers by jellomizer · 2018-05-08 08:22 · Score: 2

I don't like the guy either, but you will need to find way to put some peace back to your life. Being angry and vindictive about this guy isn't helping. In under 6 Months, go out and vote your consciousness. While you may not be able to vote him out of office, you can vote for people who will stop his agenda.

--
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
Re:Implications for ALL attackers by ShanghaiBill · 2018-05-08 09:17 · Score: 3, Insightful

Simple rule of thumb: Conservatives generally support law enforcement at the local level, but are often opposed to federal law enforcement agencies, such as the ATF, SEC, FTC, EEOC, etc. For liberals, it is the other way around.
Exceptions to this rule: DEA, ICE.
Re:Implications for ALL attackers by bobbied · 2018-05-08 09:41 · Score: 2

Muller doesn't have a wide open scope to investigate anything he wants there are limits. He's got to stick to the admittedly vaguely defined set of things or he's outside his authority. Manafort's alleged crimes happened in 2005, well before any election efforts by Trump and Muller was pointed at the Trump campaign and transition to investigate any possible Russian involvement/coordination in the 2016 campaign. You've got to admit this is a stretch to go back to 2005, a full decade before the campaign and charge somebody for something that has nothing to do with the campaign or involves Russians....
But... You obviously are surprised here and haven't though this through. The judge may dismiss, but all Muller has to do is change venues by convening another Grand Jury in another jurisdiction and charge again... Assuming the statute of limitations hasn't run out. Of course Manafort will have the same argument, but Muller is free to venue shop and get this to trial if he wants.

--
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Re:Implications for ALL attackers by Prien715 · 2018-05-08 11:39 · Score: 3, Informative

What are you talking about?
Conservatives love law enforcement at every level. They make up the bulk of the FBI/CIA (neither has ever had a Democrat lead it),. Sure, there's libertarians who aren't a fan of law enforcement, but that's because they're liberal (it's right in the name) on issues of personal rights.
From blackmailing MLK to kill himself to overthrowing popularly elected (leftist) governments in other countries, liberals are generally not fans of law enforcement (or the military) at any level.

--
-- Political fascism requires a Fuhrer.