- Apple is changing the default settings on iPhones, stopping people from exploiting a security loophole to gain access to devices using the charging and data port.
- Police sometimes use this loophole to gain access to devices.
- Apple has butted heads with law enforcement about unlocking iPhones before. In 2016, it refused to help the FBI break into the phone of the San Bernardino gunman.
Apple is reportedly changing the default settings on iPhones to close a loophole which can be used to access locked phones via the charging and data port.
The software update, reported by The New York Times, will disable the iPhone’s Lightning port an hour after the phone is locked. After that, a user will be able to charge the phone, but unable to transfer any data to or from the device unless the passcode is entered.
The update will block anyone using a GrayKey device, which costs $15,000 (£11,000) and can be used to hack into iPhones via the Lightning port. Multiple US law enforcement agencies have purchased such devices, including the Drug Enforcement Administration.
But Apple insists it is not trying to make law enforcement more difficult.
“We’re constantly strengthening the security protections in every Apple product to help customers defend against hackers, identity thieves and intrusions into their personal data,” Apple spokesman, Fred Sainz, said in an email quoted by the New York Times.
“We have the greatest respect for law enforcement, and we don’t design our security improvements to frustrate their efforts to do their jobs.”
Chuck Cohen, a police officer who leads an Indiana State Police task force on internet crimes against children, told the New York Times: “If we go back to the situation where we again don’t have access, now we know directly all the evidence we’ve lost and all the kids we can’t put into a position of safety.”
Cyber-security expert Alan Woodward, who is a visiting professor at the University of Surrey, is sceptical of the idea that GrayKey devices could be used for mass surveillance by police.
“The expense and the need to have physical access to the phone means that this is not something that is going to be used for mass surveillance,” he told Business Insider. “It is very much a forensic tool aimed at seeking evidence after an event.”
Security blogger Graham Cluley however views the update as a positive. “Apple’s security engineers have worked tirelessly for years,” he told Business Insider, “strengthening the iOS operating system from hackers. It would be wrong to reduce hundreds of millions of iPhone users’ security and privacy just to help law enforcement agencies, authoritarian regimes, and state-sponsored hackers crack into a few mobile phones.”
Apple has butted heads with law enforcement about unlocking iPhones before. In 2016, Apple refused to co-operate with an FBI request to unlock the phone of a gunman who, with his wife, killed 14 people in San Bernardino in 2015.
“By taking this action,” Professor Woodward said, “Apple have moved the situation back in favour of preventing access to iPhones, but it won’t last forever.”
Business Insider has reached out to Apple for comment.