Apple's new USB security feature has a major flaw

[Arika]

7 hours ago, Blade of Grass said:

 

No. They really shouldn’t. Doing so just creates a larger attack surface for attackers to try and exploit. There is not such thing as a “secure back door”. 

 

17 hours ago, Arika S said:

I'm not suggesting a not a backdoor. I'm saying that there needs to be something in place that law enforcement can contact Apple, raise their case as to why they need immediate access without having to wait for a warrant, as depending on the circumstances a warrant may be too late. It will be up to Apple to make the decision as to whether or not it's a legitimate excuse. and if they unlock it, it's only available for x amount of time to find what they need to, after that it's locked again and will not be unlocked again without a warrant.

 

[Blade of Grass]

5 hours ago, Arika S said:

 

 

You've suggested Apple create a method to subvert the security measures of the device, this is a de facto backdoor.

[Arika]

27 minutes ago, Blade of Grass said:

You've suggested Apple create a method to subvert the security measures of the device, this is a de facto backdoor.

Apple don't have to create anything, it already exists. Currently the only "correct" way police can access a phone is to obtain a warrant and present it to Apple to get them to unlock the phone, or you you believe that once a phone is locked that absolutely no one is able to unlock it?

[Blade of Grass]

14 hours ago, Arika S said:

Apple don't have to create anything, it already exists. Currently the only "correct" way police can access a phone is to obtain a warrant and present it to Apple to get them to unlock the phone, or you you believe that once a phone is locked that absolutely no one is able to unlock it?

No, police cannot gain access to a locked iPhone by presenting Apple with a warrant. There is no “official” way to do it beside exploiting vulnerabilities in the software/hardware. Read up on the San Bernardino case to see this exact thing in action.

Quote

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.

https://www.apple.com/customer-letter/

 

I would honestly just suggest reading Apple’s public letter about this exact topic. The only thing Apple can provide them access to is some iCloud things, but my understanding is that even most of the data on iCloud is encrypted and not accessible even by Apple. 

[AnonymousGuy]

 

16 hours ago, Arika S said:

Apple don't have to create anything, it already exists. Currently the only "correct" way police can access a phone is to obtain a warrant and present it to Apple to get them to unlock the phone, or you you believe that once a phone is locked that absolutely no one is able to unlock it?

Yes, unless there's a security hole somewhere Apple uses blind encryption, meaning there are no backdoors or recovery keys to get into a locked iPhone.   The only current known attack vector is to brute force the PIN via the lightning port and as this thread describes, that ability went away in iOS 11.4 and moreso in iOS 12. 

 

Supposedly even if you tried attacking the hardware you wouldn't get very far.  Apple claims they don't record what cryptographic keys are burned into the silicon.

[BlueChinchillaEatingDorito]

On ‎2018‎-‎07‎-‎10 at 8:08 AM, Shorty88jr said:

Apple needs to drop the security illusion they are selling before it ruins them.

I guess so should the TSA because they can't detect anything. 

[Fasterthannothing]

1 hour ago, BlueChinchillaEatingDorito said:

I guess so should the TSA because they can't detect anything. 

How does that even compare security like the TSA is supposed to be a deterrent first with some defense to back it up if something does go wrong while cyber security is supposed to be a defense first and foremost. 

[Thaldor]

On 7/12/2018 at 6:13 AM, Arika S said:

I'm not suggesting a not a backdoor. I'm saying that there needs to be something in place that law enforcement can contact Apple, raise their case as to why they need immediate access without having to wait for a warrant, as depending on the circumstances a warrant may be too late. It will be up to Apple to make the decision as to whether or not it's a legitimate excuse. and if they unlock it, it's only available for x amount of time to find what they need to, after that it's locked again and will not be unlocked again without a warrant.

Basicly it would be a backdoor.

 

Even if the police would need to contact Apple for unlocking the iPhone, Apple would need to have access to that iPhone no matter what security features are used and that would be a backdoor. And as with any backdoor, sooner or later someone outside will know about and tell to someone and at some point someone who can break through that backdoor will hear about and every single iPhone is at risk. Even if it's something extremely over engineered or requires something extreme measures (like SHA-256 key or similar "unbreakable"), when someone wants it bad enoughthey can get it. Also this kind of backdoor could open other ways to bypass the security, just like in normal locks, if more than one key and its copies can open it, it's easier to pick it open.

 

This "bypass" of USB restricted mode sounds very much like Apples softening for law enforcement, they know that law enforcement will try to brute force their way to iPhones through the lightning trick and while USB restricted mode could easily make it impossible, they have left specific steps through which it can be bypassed and used the old good brute force. Too bad that now probably every black hat and criminal who needs to unlock some specific iPhones knows it too.

[DrMacintosh]

iOS 12 beta 4 now disables the USB port immediately upon locking the phone. No more countdown timer, effectively making this flaw no longer an issue. 

[Arika]

4 minutes ago, DrMacintosh said:

iOS 12 beta 4 now disabled the USB port immediately upon locking the phone. 

iOS 13 Beta 1 will wipe all data off your phone and format it each time it's locked.

 

can't steal data if there is no data