Skip to content

USB Restricted Mode: why is Apple blocking police hacking tools?

The latest update for iPhone and iPad quietly introduced a security feature which blocks hacking tools like the ones commonly used by the police and the FBI in criminal investigations.

A device called GrayKey is routinely used by several US police departments to access the data on a locked iPhone or iPad. With the release of iOS 11.4.1, however, these tools will be much less effective.

USB Restricted Mode, active by default for all users who update to the latest iOS, disables all connections made through the Lightning port after the device is inactive for an hour. Seeing as GrayKey and similar hacking tools work through a wired connection, this puts a pretty tight time limit on proceedings.

Despite being dubbed a “cop blocker,” Apple is keen to point out that it’s not attempting specifically to thwart the police – rather, it will close any security hole it’s aware of to ensure nobody can get in. Even Apple itself. As CEO Time Cook puts it, “the contents of your phone are none of our business.”

If you leave open a known vulnerability that police investigators can exploit, inevitably people with less noble intentions can hack in using the same techniques. These wired hacking devices are not especially difficult to come by, and Apple is not keen to leave users’ private data vulnerable for anyone.

Of course, Apple has a history of fighting with the FBI over this issue, and looks to be standing firmly by its stance to put customer privacy above all else. It works hard to make the most secure devices possible and refuses to make exceptions, even for law enforcement.