It seems, however, that pressing matters may have forced Apple to nearly silently roll out its USB Restricted Mode feature in the new iOS 11.4.1 update. The new feature does not allow third parties to break into the phone without the owners agreement, effectively tightening security even more. Launch Settings, navigate to iCloud Find My iPhone and make sure that the feature is disabled.
"What we want to see is more granular control over what can and what cannot trigger the USB Restricted Mode".
According to ElcomSoft, USB Restricted Mode generally works exactly as expected: Even if the device is rebooted or software restored, the lock persists.
USB Restricted Mode on iPhones now shuts off all USB access after a phone has been locked for about an hour.More news: George Clooney reportedly hurt in motorcycle crash in Italy
More news: Gareth Southgate says England can become immortal like 1966 heroes
More news: Trump to Announce His Supreme Court Nominee Tonight
If an accessory is connected to the iPhone within that one-hour timeframe before the Restricted Mode is enabled, then it will be able to disable the lockdown timer. "Prior to iOS 11.4.1, isolating the iPhone inside a Faraday bag and connecting it to a battery pack would be enough to safely transport it to the lab", he concludes. The toggle is off by default, and that's how you'll want it in order to use the feature.
Most (if not all) USB accessories fit the goal - for example, Lightning to USB 3 Camera Adapter from Apple. Law enforcement and private companies could leverage the loophole and design new hardware to continue to crack passcodes through the Lightning port.
We've contacted Apple for comment and will update this post when we hear from them.
While Apple might fix the flaw in the next iOS 11.4 release or in the iOS 12, Afonin doesn't consider it as a severe vulnerability and calls it an "oversight".
Another user pointed out that the iPhone's Settings apps shows that the Personal Hotspot is using up nearly 50 percent of the device's battery life even when the user has never activated it. Does installing iOS 11.4.1 fix the issue, or are there better alternatives to solving it? However, Apple had not released the details on its security page at the time of this posting, but expect them to appear sometime soon.