Apple iOS 12 USB Restricted Mode to foil thieves, law enforcement

A rumored security feature, USB Restricted Mode, is making its premiere in Apple's iOS 12 and will protect users from brute-force passcode attacks by thieves and law enforcement alike. A security feature that had popped up in beta versions of Apple's iOS software appears to be coming in earnest as part of iOS 12, and it will protect devices against anyone trying to unlock them via USB. USB Restricted Mode is described in the iOS 12 settings as the option to enable or deny the ability to "unlock [an] iPhone to allow USB accessories to connect when it has been more than an hour since your iPhone was locked." In practice, this means a device will require a passcode unlock in order to connect any Lightning-to-USB accessory after the one-hour time limit has passed. Apple didn't mention USB Restricted Mode during the keynote at its Worldwide Developers Conference on Monday, but developers saw it in the iOS 12 preview, which was released that same day. The setting is on by default and covers any type of security on an iOS device -- Touch ID, Face ID and passcode. Experts noted USB Restricted Mode will protect users' data if a device is stolen, but it will also deny law enforcement from using unlocking services from companies like GrayKey and Cellebrite -- the latter of which was rumored to have helped the FBI unlock the San Bernardino, Calif., shooter's iPhone. Earlier tests of USB Restricted Mode had allowed for a one-week time limit, spurring GrayKey to reportedly alert customers of this feature when it surfaced in the iOS 11.3 beta, according to internal email messages obtained by Motherboard. A one-hour time limit could effectively make it impossible for customers to get the device to a company like GrayKey in time to gain brute-force access.