Apple USB Restricted Mode feature will make hard for law enforcement to crack devices

Pierluigi Paganini June 18, 2018

Apple introduced a new feature in the latest beta versions of iOS, dubbed USB Restricted Mode, to improve the security of a locked device,

Apple is implementing a new feature dubbed USB Restricted Mode to improve the security of its device, it is going to lock down the iPhone’s data port to avoid unauthorized access, but experts observed that in this way password-cracking tools used by forensics experts will be no more effective.

The USB Restricted Mode was implemented in the latest beta versions of the iOS operating system, it disables the data connection of the iPhone’s Lightning port after a specific interval of time but it doesn’t interrupt the charging process.

Any other data transfer would require the user providing the passcode.

Initially, the USB Restricted Mode required a passcode after 7 days.

“The USB Restricted Mode was implemented in the latest beta versions of the iOS operating system, it disables the data connection of the iPhone’s Lightning port after a specific interval of time but it doesn’t interrupt the charging process.” reads a blog post published by ElcomSoft.

Last week Apple provided an update on the new feature confirming that it will require a passcode every hour for the data transfers to continue.

“Apple said it was planning an iPhone software update that would effectively disable the phone’s charging and data port — the opening where users plug in headphones, power cables and adapters — an hour after the phone is locked.” reported the New York Times.

“While a phone can still be charged, a person would first need to enter the phone’s password to transfer data to or from the device using the port.”

The new feature will have a significant impact on forensics investigation conducted using cracking tools such as Cellebrite and Grayshift’s Graykey.

Bruteforcing attacks against the six-digit passcode that protect Apple devices may be a time-consuming operation, it can take up to 22 hours to crack the device.

The USB restricted mode that is enabled by default in the iOS 11.4.1 and iOS 12 betas will interfere with forensics tools.

Anyway, the new feature can be manually disabled.

Experts highlighted that the new feature will also impact the vendors of iPhone peripherals.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Apple, USB restricted mode)

[adrotate banner=”5″]

[adrotate banner=”13″]

Apple forensics tool Hacking iphone cracking Pierluigi Paganini Security Affairs USB restricted mode

Pierluigi Paganini August 21, 2025

Apple addressed the seventh actively exploited zero-day

Pierluigi Paganini August 21, 2025