USB Restricted Mode can be fooled by a $39 device

The USB Restricted Mode in iOS 11.4.1 has been setup in order to secure the device against passcode cracking solutions that are provided like companies Cellerbrite and Grayshift.

The new default behavior of the USB restricted mode is that it will disable data connectivity after one hour since the device has been unlocked. It will also disable it after it has been disconnected from a trusted USB accessory.

Once USB Restricted Mode is engaged on a device, no data communications occur over the Lightning port. A connected computer or accessory will not detect a “smart” device.



The guys from Elcomsoft said it perfectly, once the iPhone is in the USB Restricted Mode it is nothing more than a dumb battery pack.