USB Restricted Mode Can Block iOS Device Charging

posted in: September 2018 | 0
An iPhone plugged into a USB battery pack.Photo by Steve Johnson

22 comments

USB Restricted Mode Can Block iOS Device Charging

Since the release of iOS 11.4.1, some readers have complained that their iOS devices aren’t charging, or are charging only after being unlocked. There’s a simple explanation: the new USB Restricted Mode, a security feature introduced in iOS 11.4.1 (see “Apple Releases macOS 10.13.6, iOS 11.4.1, tvOS 11.4.1, and watchOS 4.3.2,” 9 July 2018).

If USB Restricted Mode is bothering you, you can disable it by turning on USB Accessories in Settings > Touch/Face ID & Passcode. Before you do that, let’s look at what USB Restricted Mode does and why Apple added it to iOS.

Apple and the FBI

Longtime TidBITS readers know that Apple and law enforcement agencies have long been at loggerheads. Usually, I’d link to one of our old articles here, but many are relevant, including:

As far as law enforcement is concerned, Apple’s iOS device encryption is too good because only authorized users can access data on a device that’s properly secured. So the FBI and other law enforcement agencies tried to compel Apple to install a backdoor that they insist would only be used by them and not by criminals. Apple refused, and because of that, some government figures even have accused Apple of aiding and abetting terrorists.

The problem is that if Apple were to put in a backdoor, foreign governments and savvy criminals would eventually find it. It’s the digital equivalent of hiding a house key under a rock in your walkway—it’s not in plain sight, but a dedicated criminal who knows the key has been hidden somewhere will eventually unearth it. Now imagine that same key could unlock every house in the country. That’s how big a problem creating a backdoor would be for Apple.

In fact, this scenario has already happened. The WannaCry ransomware that infected hundreds of thousands of computers was made possible by backdoors stolen from the National Security Agency, the very agency in charge of America’s electronic security—see “WannaCry Ransomware Vindicates Apple’s Battle with the FBI” (16 May 2017). To make matters worse, law enforcement has made it clear that it’s unable or uninterested in dealing with malware threats—see “The FBI Isn’t Much Help with Ransomware” (5 November 2015).

Apple’s lack of cooperation didn’t stop the FBI. What finally ended that standoff was the Israeli firm Cellebrite, which found a way to crack iPhone encryption at the cost of $5000 per device. In 2017, a new player entered the iPhone-cracking game, Atlanta-based Grayshift, which sells a product called the GrayKey to law enforcement. It’s a physical box that can extract information from a connected iPhone in a matter of hours or days. The box costs between $15,000 and $30,000, making it a pretty good deal compared to Cellebrite.

Consider what this means from Apple’s perspective: the invention of GrayKey meant that there was a big security hole in every iOS devices—an actual hole in this case— the Lighting port. Hence USB Restricted Mode.

What USB Restricted Mode Does

Put simply, USB Restricted Mode makes it so that a computer—or a GrayKey-like device—cannot access data from your iOS device unless you have unlocked it within the last 60 minutes. The timeout means that most of the time, you shouldn’t have to unlock your device explicitly before connecting it to your Mac or a USB accessory.

In theory, the way USB Restricted Mode locks down access shouldn’t prevent charging, but in reality, it can, particularly when used with third-party cables. Apple acknowledges this problem.

Will USB Restricted Mode Be Effective?

There’s another problem with USB Restricted Mode: attackers can easily circumvent it if they capture the device before the 60-minute timer has expired. Security firm ElcomSoft discovered that plugging Apple’s Lightning to USB 3 Camera Adapter into a device’s Lightning port disables the timer. Unfortunately, the nature of the Lighting port makes a software fix unlikely. ElcomSoft explains:

While we cannot know for sure, the issue appears to lie in Apple’s Lightning communication protocol. If the iPhone talks to a computer, the two devices must establish trust by exchanging unique cryptographic keys. This, however, does not apply to the majority of existing Lightning accessories. Existing accessories share public keys for trust; many of them are simply not designed to exchange cryptographic keys the way computers do. As a result, before USB Restricted Mode kicks in, an iPhone can check if the accessory is MFi certified–but that is pretty much it. It appears that there are no key pairs to be exchanged, and this is probably by design.

So, what should you do, now that USB Restricted Mode is a fact of life in iOS?

Disable USB Restricted Mode… Or Not

If USB Restricted Mode isn’t causing you any trouble, leave it on. Although it doesn’t offer complete protection against an alert attacker who can get access to your device quickly, it’s not worthless. Once your device has been locked for more than 60 minutes, nothing we know of can crack it.

If unlock alerts are nagging you, or if your device fails to charge because you didn’t unlock it, the easiest solution is to turn USB Restricted Mode off. Just go into Settings > Touch/Face ID & Passcode and enable USB Accessories.

Finally, for those who have an iPhone 8, iPhone 8 Plus, or iPhone X, you can work around issues with USB Restricted Mode by getting a Qi wireless charger. Check “13 Qi Wireless Chargers for the iPhone Reviewed” (22 February 2018) for some recommendations. They bypass the Lightning issues entirely and offer a number of other advantages.