Uh Oh! Cops Might Be Ahead of Apple Over iPhone Security – Workaround “Possibly” Found to Bypass Upcoming USB Restricted Mode
Only yesterday Apple confirmed introducing a new USB Restricted Mode with an upcoming release of iOS to stop mainstreaming of iPhone unlocking devices sold by the likes of GrayShift and Cellebrite. While many hoped this will put an end to the game-changing GrayKey iPhone unlocking device that enables governments - and criminals - to get an iPhone unlocked for as little as $100, it appears that happiness was shortlived.
Apple said that the USB Restricted Mode will allow iOS users to limit access to a locked iPhone through its Lightning port. With USB Restricted Mode enabled, users can have their iPhone’s Lightning port locked one hour after they lock their phones. When enabled, this port can only be used for charging (or audio if it was already being used for that purpose) after that one hour period and nothing else.
While this was expected to end the mainstreaming of these cheap iPhone unlocking products, GrayShift appears to suggest that it won't affect the company - which could very well be a bluff.
GrayKey iPhone unlocking box appears to already have a "fix" for "USB Restricted Mode"
GrayKey is a small box with lighting cables to connect two iPhones at the same time. While it isn't exactly clear how it breaks into iPhones, the process appears to take little time and cost nearly nothing when compared to the FBI paying over a million of dollars for breaking into an old, comparatively unsecure iPhone. Apple's announced introduction of the USB Restricted Mode is expected to severely impact GrayKey.
However, its makers claim otherwise.
"Grayshift has gone to great lengths to future proof their technology and stated that they have already defeated this security feature in the beta build," the company claimed in an email exchange with a forensic expert seen by Motherboard.
"Additionally, the GrayKey has built in future capabilities that will begin to be leveraged as time goes on."
With so much focus on the company, which is potentially getting new clients left and right, it wouldn't be surprising if this is nothing but a marketing strategy to calm down GrayShift's existing clients while continuing to get new ones.
The same report suggests that are some clients who are actually worried about this increasing media hype. “Some vendors are frustrated with GrayKey,” one researcher familiar with the forensics community told the publication. "They feel the media hype brought too much attention to the attack vector."
This is true because Apple probably wouldn't have thought about taking the drastic step of restricting the USB access if there wasn't so much discussion on the GrayKey box in the media, especially through Motherboard reports. While this hype is certainly translating in Apple looking into ways to stop its products from being unlocked for dirt cheap, it could also be getting GrayKey some new clients, not to forget an increased interest from the criminal community.