Matthew Hickey, a security researcher and co-founder of cybersecurity firm Hacker House, recently discovered a way to bypass some of Apple’s security measures meant to keep malicious actors out of devices. The attack works even on devices running the most recent version of iOS.
Since iOS 8 rolled out in 2014, all iPhones and iPads have come with device encryption. Often protected by a four- or six-digit passcode, a hardware and software combination has made it nearly impossible to break into an iPhone or iPad without cooperation from the device owner.
"An attacker just needs a turned on, locked phone and a Lightning cable," Hickey toldZDNet.
Normally, iPhones and iPads are limited in how many times a passcode can be entered each minute. Newer Apple devices contain a "secure enclave," a part of the hardware that can't be modified, which protects the device from brute-force attacks, like entering as many passcodes as possible. The secure enclave keeps count of how many incorrect passcode attempts have been entered and gets slower at responding with each failed attempt.
With USB Restricted Mode, enabled by default on iOS devices running iOS 12, USB access to an iPhone or iPad is cut off if it's been more than an hour since the device was last unlocked.
That means computers and other accessories can't be used to access a locked iPhone if it's been locked for over an hour, disabling access via a USB to Lightning cable.