Hackers and cops hate Apple’s iOS 11.4.1 update


iPhone hacking is more difficulty with iOS 11.4.1
iPhone hacking is more difficulty if a new "USB Accessories" setting in iOS 11.4.1 is left off.
Photo: Apple/Cult of Mac

The iOS version debuting today partially deactivates the Lightning port after an iPhone hasn’t been used for an hour. This makes iPhone hacking more difficult, for both criminals and law enforcement.

Previously, this feature was available in iOS betas. iOS 11.4.1 is the first time it’s been in a public version.

The goal of this change is to protect the user’s privacy, but deactivating the lightning port after an hour of non-use might inconvenience some users. “If you don’t first unlock your password-protected iOS device—or you haven’t unlocked and connected it to a USB accessory within the past hour—your iOS device won’t communicate with the accessory or computer, and in some cases, it might not charge. You might also see an alert asking you to unlock your device to use accessories,” warns Apple.

This change isn’t supposed to affect charging the device through the Lightning port. Apple’s warning that this happens “in some cases” shows that all the bugs aren’t ironed out.

If an accessory is left connected, the Lightning port won’t be deactivated after an hour.

Turning off USB Restricted Mode

Anyone who runs into problems with their Lightning accessories can turn off this new feature.  Go to Settings, then choose Face ID & Passcode. Typing in your passcode is required to access this sub-section. Once that’s been done, scroll down until you see a slider labeled USB Accessories.

It’s necessary to activate this slider in order to allow Lightning accessories to access the iPhone or iPad at any time. It’s off by default, so the Lightning port will deactivate after an hour of non-use

Just be aware that by activating this setting, you leave yourself a little more vulnerable to iPhone hacking.

iPhone hacking 101

To understand why Apple is partially disabling the Lightning port after an hour, it’s necessary to know how hackers surreptitiously access iOS devices.

The simplest method of unlocking someone else’s iPhone involves guessing multiple passcodes until the correct one is reached. To prevent this, Apple allows its iOS devices to restrict the number of passcodes that can be entered. The phone can automatically erase itself if too many are entered.

Passcode unlockers are attached to the Lightning port and circumvent that restriction. They quickly enter thousands of passcodes through this port. The change made today in iOS 11.4.1 turns off the Lightning port an hour after the last correct passcode was entered, rendering this type of unlocking tool almost useless.

At least in theory. Police across the country purchased a tool called GrayKey, an iPhone unlocker used on devices involved in crimes. Grayshift, the maker of GrayKey, says it has found a way to keep the Lightning port active after an hour.


Daily round-ups or a weekly refresher, straight from Cult of Mac to your inbox.

  • The Weekender

    The week's best Apple news, reviews and how-tos from Cult of Mac, every Saturday morning. Our readers say: "Thank you guys for always posting cool stuff" -- Vaughn Nevins. "Very informative" -- Kenly Xavier.