iOS 11.4 to Disable USB Port After 7 Days, Lightning Becomes Charge-only
iOS 11.4 should be released within the next several weeks. With that, Apple could be implementing further security protocols on iOS that prevent devices to be used with a Mac or PC after 7 days of not unlocking the device.
According to security blog Elcomsoft, the latest iOS 11.4 beta includes a new USB Restricted Mode. It notes that this feature was originally introduced in early iOS 11.3 betas, but was later removed in the final release.
"To improve security, for a locked iOS device to communicate with USB accessories you must connect an accessory via lightning connector to the device while unlocked – or enter your device passcode while connected – at least once a week"
Essentially, what is happening is that if an iOS device does not have a successful unlock within a week, whether via biometrics or passcode, the Lightning port on the device will be restricted to a charging only mode.
This may be in response to companies such as GrayKey essentially cloning iOS device partitions, backing it up, and then restoring it at a later date after the iPhone has exceeded its passcode attempts. This basically locks the device in a way that it cannot be restored or updated via iTunes after the threshold period is met.
The feature will also not honor iTunes pairing records, meaning if you had a computer that was previously trusted with the device, it won’t matter until the owner unlocks the device with the passcode. The report does mention that it is unsure if methods such as GrayKey still work with iOS 11.4.
"Otherwise, the Lightning port will lock down to charge only mode. The iPhone or iPad will still charge, but it will no longer attempt to establish a data connection. Even the “Trust this computer?” prompt will not be displayed once the device is connected to the computer, and any existing lockdown records (iTunes pairing records) will not be honoured until the user unlocks the device with a passcode."
Prior to iOS 11, an iPhone or iPad that was once trusted via iTunes on a computer was still able to create a new local backup. That way, someone could easily do a DFU restore on the device and have essentially unlimited passcode attempts at the device once restored.
However, Apple took this one step further in iOS 11 with expiring lockdown records, meaning after a lockdown record expired, it could no longer communicate with the iOS device in question, requiring a new pairing prompt.
In iOS 11.3, iTunes pairing records expired after 7 days, and now it looks like Apple is wanting to further lockdown its devices in iOS 11.4 by preventing devices to communicate to iTunes at all without the passcode.
- Apple Still Signing iOS 11.3 Beta 5/6, Downgrade to It to Jailbreak Your iPhone How to Jailbreak iOS 11– iOS 11.4.1 Using Electra Jailbreak on iPhone or iPad iOS 11.4 Beta 3 and Below are Compatible with Electra Jailbreak Houdini ‘Semi-Jailbreak’ Tool Demoed on iOS 11.4 Beta Unc0ver Jailbreak for iOS 11 – iOS 11.3.1 (iOS 11.4 beta 3) Released 'GrayKey' iPhone Unlocking Box Used by Law Enforcement Shown Off in Photos iOS 11.4 Gets Jailbroken with Working Cydia Apple is Still Signing iOS 11.4.1 OTA Update Randomly