Apple hardens Lightning port access
With the release of the so-called GrayKey it
seemed as if even the newest iPhones were
prone to being hacked easily. Although there
were some hurdles to take.
The GrayKey was just able to perform key inputs at 1key/4s, which is really slow! Even if the phone was only secured with the obligatory 6digit key, it would take 4 million seconds in the worst case to find the correct PIN. That would mean, an iPhone could be unlocked within 46 days of brute-forcing. The nasty thing was that the “Erase phone after 10 wrong passphrase entries” feature was defeated.
Apple however has now put an end to this and secured the lightning port for USB access even more. So if the phone gets locked and is demanding for either FaceID/TouchID or the passphrase, then even the USB access is locked and the GrayKey will not be able to brute-force the phone anymore.
The USB lock will also kick in automatically if the user has not connected any USB-access-requesting device within 3 days. To unlock the access again, the user must authenticate using biometric unlock or the passkey/passphrase.
Also the lock is triggered when the user is enforced to authenticate. This may happen by even entering the passcode wrong for 3 times or if the biometric authentication fails 3 times.
There will be an 1hr timeslot however if the user connects any Lightning adapter accessoire to the port to prevent the code entry window to appear too frequently. So if a hacker snatches your phone and wants to gain access to it, all he has to do to repeatedly connect a Lightning accessoire to the port within the given timeslot.
MAybe Apple will also employ an Emergency lock feature allowing the user to instantly block all access to the lightning port once the user has activated the Emergency mode from another device, say an Apple Watch or another iDevice using the “Find my iPhone” feature.
Leave a comment