iOS 11.4 Disables Lightning Connector After 7 Days, Limiting Law Enforcement Access

[Breaking Good]

An unintended downside: imagine you have a close friend or family member pass away. You/their family want to access their devices afterwards for photos, remembrance, information about their final days, etc. Absent the biometric and passcode (which I am assuming you don't have) you will need the cord access to get in. With a billion devices out there, I am thinking this will happen more frequently than the law enforcement access it is intended to prevent.

And to anyone who wonders why this would even be necessary, I submit you have not suddenly lost a loved one. Not uncommon to go looking for answers or solace in their devices, notify friends of the passing, etc. Asking people to try to get in there within 7 days isn't always realistic or feasible.

Of course, it is also possible that the recently deceased did not want anyone accessing their device in the event they unexpectedly passed away.

I'm willing to believe their are more people who do not want others to know of their digital life after they pass away than there are those who do.

Those who do have probably already shared it on social media like Facebook.

 

[notabadname]

Simply brilliant, brilliantly simple. Love this.

 

[rsdotscot]

It warms the cockles of my heart to see Apple going NWA

 

[fairuz]

Of course, it is also possible that the recently deceased did not want anyone accessing their device in the event they unexpectedly passed away.

I'm willing to believe their are more people who do not want others to know of their digital life after they pass away than there are those who do.

Those who do have probably already shared it on social media like Facebook.

Agreed. People have plenty of ways to share what they want. My family has my Electrum Bitcoin wallet seed in the even that I randomly die, but that's it.

 

[bollman]

This has been the case since iOS 7.
[doublepost=1525861292][/doublepost]

Then you charge it. This doesn't disable charging via Lightning. It disables data via Lightning.
[doublepost=1525861648][/doublepost]

Right. I've posted likely durations a few times here. GrayKey is basically impractical as soon as you have seven digits, much less any alphanumeric characters…
[doublepost=1525861963][/doublepost]

iOS does use NTP.

iOS does not use GSM's time signal. At least early versions did not, and I'd be surprised if Apple ever bothered to implement it.



Leaving aside how seldom most people move between time zones, iOS uses Location Services for that, not GSM.



You're making an awful lot of assumptions here based on 1980s'-level implementations of cellphones.
[doublepost=1525862191][/doublepost]

Or bad news for trolls.

Um, if the iPhone only used NTP, it would be even worse, since that would be a lot easier to attack using MiM.
Do you think the "automatic" setting in Date and Time requires data to reach an NTP server? RTFM:
From the iOS documentation:
https://support.apple.com/en-us/HT203483
"The option to turn on Set Automatically might not be available with all carriers or in all countries and regions"

If the time and date relied on NTP servers independent of carrier and network functions, that line would not be needed, would it?
From your post, I assume you seldom move between time zones. Just to remind you though, even the US has 6 time zones, people are sure to move between them a lot more often than you obviously are. Maybe that's the problem?

So, there you go, my assumptions of 80s implementation (I actually had a mobile phone in the 80s, and they didn't even have RTC) were actually correct, and your guesses were totally incorrect, although posted incorrectly as facts.

 

[chucker23n1]

Ah, I was wondering if they had something like that. But how frequently does iOS check the NTP server? If it's 15 minutes or less, you can keep the phone at the same time forever or go backwards slowly.

macOS checks hourly (depending on network state), so iOS probably does as well. I suppose that attack might work with a crazy amount of effort (assuming crypto isn’t used), yes.

 

[bitslap47]

...
From the iOS documentation:
https://support.apple.com/en-us/HT203483
"The option to turn on Set Automatically might not be available with all carriers or in all countries and regions"

If the time and date relied on NTP servers independent of carrier and network functions, that line would not be needed, would it?...

Some countries may block data access to certain servers. I'm not saying they are or would block an NTP server... but they block all kinds of stuff for political reasons. So there is an alternate explanation... but I see where you are going.

I was leaning toward GPS myself...
[doublepost=1525896999][/doublepost]

macOS checks hourly (depending on network state), so iOS probably does as well. I suppose that attack might work with a crazy amount of effort (assuming crypto isn’t used), yes.

I think MacOS checks on boot also... won't swear though.

 

[fairuz]

I think MacOS checks on boot also... won't swear though.

I would think so. Say you boot up your machine for the first time in a while, and it's off by more than 15 minutes, it shouldn't fail to set the time. In 2009, I was pretty sure it did because I saw the time end up reset to some distant past date (2001 I think) after a dead MBP battery, and it did correct soon after.

 

[Moorepheus]

I like the direction, like other, why not do it as soon is the iPhone locks? I am still on the side of Law Enforcement on this one however.

 

[kruegdude]

When I die, the last thing I want is for anyone, family included, to decide it’s appropriate to go snooping through my phone. You wouldn’t snoop on your living family members’ phones or computers. What is it about death that makes it okay to disrespect them like that?

Um, you not existing anymore. That being said, your iPhone would belong to your estate so your heirs would actually own it and its content.

 

[chucker23n1]

By the way.... I do work in the reverse engineering field from time to time, and have for quite a long time. What OldSchoolMacGuy is saying is not impossible. So just be aware. I have actually done some law enforcement forensics myself.

A lot of things are possible, but OldSchoolMacGuy's are extraordinary, to say the least. Especially this one.

I assume OldSchoolMacGuy hasn't invented quantum computing, isn't referring to that password literally being "aaaaaaaaaaAAAAAAAAAA1234!", and isn't referring to a dictionary attack either, so it's most likely indeed impossible.
[doublepost=1525901109][/doublepost]

Um, if the iPhone only used NTP, it would be even worse, since that would be a lot easier to attack using MiM.

Er, because? As has already been discussed, Apple's NTP client most likely accepts a maximum drift per request. A MITM would thus be, at the very least quite time-consuming.

Do you think the "automatic" setting in Date and Time requires data to reach an NTP server? RTFM:
From the iOS documentation:
https://support.apple.com/en-us/HT203483
"The option to turn on Set Automatically might not be available with all carriers or in all countries and regions"

If the time and date relied on NTP servers independent of carrier and network functions, that line would not be needed, would it?

That "FM" says nothing about the protocol used, and no, your assumption is wrong. Plenty of cellular carriers don't allow all application-layer protocols (for example, blocking VoIP used to be quite common because they didn't want to lose their cellular call revenues), and it's quite plausible that a carrier would block NTP.

It's possible iOS supports GSM-based time signals. I doubt it does, though, as there's simply little reason to.

From your post, I assume you seldom move between time zones. Just to remind you though, even the US has 6 time zones, people are sure to move between them a lot more often than you obviously are. Maybe that's the problem?

Yes, thank you for the reminder that other countries have different geographical attributes. What is your point?

So, there you go, my assumptions of 80s implementation (I actually had a mobile phone in the 80s, and they didn't even have RTC) were actually correct, and your guesses were totally incorrect, although posted incorrectly as facts.

OK, honey. You do you!

 

[charlituna]

Nice! Now would be even nicer if it was shorter then 7 days. 1 day is fine with me. A couple of hours would be fine with me too.

As long as it’s just a data restriction I agree. Charging should always function. Heck make it more like 12 hours.
[doublepost=1525901389][/doublepost]

Um, you not existing anymore. That being said, your iPhone would belong to your estate so your heirs would actually own it and its content.

Own the phone yes. The contents no. They are mine unless I grant them to someone else by giving them my passcode
[doublepost=1525901452][/doublepost]

I like the direction, like other, why not do it as soon is the iPhone locks? I am still on the side of Law Enforcement on this one however.

If it cuts a data connection as long as the phone locks it would screw up running backups with the screen locked

 

[chucker23n1]

I think MacOS checks on boot also... won't swear though.

Right. I suppose it's possible to accelerate this drift attack by rebooting over and over.

Anyway, the original claim (which has apparently since been deleted?) was something along the lines of it being trivial to reset the date to something within the seven days. As someone has pointed out, one of the assumptions for that to work is that the timer Apple uses is date-based. Maybe. It could also be continuous, in which case changing the date wouldn't affect it at all.

The discussion then drifted into how one might go about resetting the date.

I feel like this is quite a house of cards of assumptions (the timer relies on the date, the date can be arbitrarily changed using a MITM, etc.) just to confirm a vague assertion that the 7-day limit can be trivially circumvented.

Which, if you think about it, is also quite an extraordinary claim.

I bet this 7-day limit has flaws. I strongly doubt they can be trivially found in some random forum thread.

 

[AFDoc]

As many have said I'd prefer to see the time adjustable to a setting of the users liking. I'd set it for 1 day and forget about it.

 

[asiga]

[...] Limiting Law Enforcement Access.

Ah, so I guess that if Apple puts the user freedom above Law Enforcement, they'll take the user freedom seriously and also allow us to decide what iOS version we use, choose to downgrade when we want, permit us to answer "No" instead of "Ask me tomorrow again", prevent the Photos app to decide what's a remarkable record in our life, and even a per-app Internet permission switch, so that we only allow Internet access to the apps we want (with the capability of also turning Internet off for Apple official apps and allow it only for some certain third-party apps if we wish so).

Ooops, but... "limiting Law Enforcement" is easier than supporting the real user freedom because Law Enforcement doesn't pay the bills, while doing business with the user data does pay the bills.

It's surreal, to say the least, to see so many people concerned about Law Enforcement and not caring about the total and complete lack of freedom that Apple is putting (more and more) in their current devices. Maybe that's because all these users never owned a real Mac (read: before Apple began pushing hard on income from services) and never experienced the achievement in user freedom that you got when switching from Windows to Mac back in the days.

 

[dilbert99]

Why not have it disabled all the time and then put in your password/biometric to enable it for that session

 

[chucker23n1]

It's surreal, to say the least, to see so many people concerned about Law Enforcement and not caring about the total and complete lack of freedom that Apple is putting (more and more) in their current devices. Maybe that's because all these users never owned a real Mac (read: before Apple began pushing hard on income from services) and never experienced the achievement in user freedom that you got when switching from Windows to Mac back in the days.

Um, what? The Mac has never been the "freer" platform in that sense. The original Mac didn't have an expansion slot. If you wanted a lot of customization, you could do that in DOS. You went for the Mac if you wanted a damn good baseline. I've been a Mac user since '92 and your narrative that "you achieved user freedom when switching from Windows to Mac" is strange.

The freedom offered by the Mac and by iOS isn't that you can tweak things all over the place. It's that the tool is good enough and thoughtful enough that it gets out of the way to let you express yourself creatively.

 

[fabian9]

They should take it one step further and disable the USB data port entirely unless the phone is unlocked.

 

[chucker23n1]

They should take it one step further and disable the USB data port entirely unless the phone is unlocked.

This makes various stuff like CarPlay awkward to use.

 

[usarioclave]

You can also have a cell tower set the time, but it requires you have a cell site simulator. It's not a normal piece of hardware to have lying around, but you never know who has what equipment.

You could use an SDR to make a cell tower, which is what Burning Man does. Just set it up as an EDGE/3G access point then drift the time backwards by a few minutes every second.

Apple could stop that by not doing time updates while locked, but that might cause other problems.

The fact is, there's "good enough" and there's "ultra secure." The latter will require tradeoffs that could cause major issues.

Once you have access to the device all security bets are off anyway. At some point someone will figure out how to do a RAM snapshot on a live phone. What's going to happen then, in-RAM encryption?

 

[I7guy]

...It's surreal, to say the least, to see so many people concerned about Law Enforcement and not caring about the total and complete lack of freedom that Apple is putting (more and more) in their current devices. Maybe that's because all these users never owned a real Mac (read: before Apple began pushing hard on income from services) and never experienced the achievement in user freedom that you got when switching from Windows to Mac back in the days.

What total and complete lack of freedom is being discussed?

 

[Mirice99]

They can use your image legally. Part of “booking” you is taking your picture. By extension, your face is fair game.

So are your finger prints.

They can force you to touch your phone to unlock it with your fingerprint. And they can scan your face.

If you want true security, then do not use biometric unlocking options.

You should only use a passcode, and make it long and complicated.

The law cannot legally force you to reveal contents of your brain. They could issue an order to compel. But that can be fought. There is no way to force you to reveal information verbally, and they cannot actually force you to write it.

They can legally use anything they find written down. But they cannot make you write it.

There is a law to permit you to avoid self incrimination.

But anything physical or visual is fair game. The contents of your brain are legally protected though.

Excellent advice for pedophiles who have kiddie porn on their phones and don't want to spend the rest of their lives in jail.

 

[AsherN]

Apple could stop that by not doing time updates while locked, but that might cause other problems.

Mot doing time updates while locked would not cause any problems. Yo realize that the iPhone can keep accurate time on it's own, right?

And what makes you think Apple will rely on the network time? It's a lot better to start an internal counter when the phone locks. When that counter reaches 7 days, regardless of the network time, disable the port.

 

[vvswarup]

Take off the tinfoil hat. The government doesn't care about you. They don't care what's on your phone. You're a nobody as far as they're concerned. Unless you're trading child porn, selling secrets, committing acts of terrorism, or other crimes, they don't care.

But you'd rather let all pedophiles run free and abuse children. You sound like a great human.

You're a nobody? The government doesn't care about you? Ever hear of COINTELRO? That was only six years ago. COINTELPRO was an FBI program designed to disrupt "subversive" political organizations. In reality, it was J. Edgar Hoover's personal ego trip disguised as a program to promote national security. Methods included spreading rumors in order to sow discord among target groups and collaborating with local law enforcement agencies to arrest targets on trumped up charges. How about the IRS controversy over alleged targeting of political groups? All we know is the FBI didn't charge anyone but people did resign. Then again, the FBI didn't charge Hillary but at least she went through a million inquiries and didn't resign.

You say the government won't care unless one is committing crimes but who decides what a crime is? It's the government that decides. So if the government has the capability to spy on Americans indiscriminately, the government will find a way to use that capability.

 

[Felix01]

So what happens after 7 days? Understand the Lightning port gets locked for data transfer but then does the clock restart (and the port becomes fully functional again) again as soon as you log in with your unlock code? If so, seven days seems too long. I'd prefer 24 hours, or better yet, make it user configurable.

As long as the Lightning port becomes fully functional again when the user logs in with a valid code, there's no reason to set the clock at a week. That's excessive.
[doublepost=1525956794][/doublepost]

This makes various stuff like CarPlay awkward to use.

How so?