The iPhone X is coming, and with it a shiny new iOS for legions of Apple fans to excitedly pore over. One group that may not be so stoked on the update, however, is law enforcement.
Two new features in the operating system will make it more difficult for investigators to access data on seized devices, and security experts are heralding it as an overdue change to how the data on our smartphones is protected — both from potential criminals and the cops.
The first update we learned about in August: Hitting the home button five times in quick succession will disable Touch ID, requiring instead the use of a passphrase to unlock the phone. This could come in handy if, say, an activist knew his or her phone was about to be confiscated. In the U.S., police can compel people to unlock their phones with fingerprints but not with passwords.
The second and latest security revelation is a tad more subtle, but equally intriguing. Digital forensic tool manufacturer ElcomSoft dived into the new iOS and found that connecting an iPhone to a computer is about to get more secure. As it currently stands, when an unlocked iPhone is plugged in it asks the user if they trust the device. If they do, the computer can then access the contents of the smartphone. That process is getting an overhaul.
“Establishing trust with a new computer now becomes a two-step process,” the company explains in a blog post, “and requires supplying device passcode in addition to confirming the ‘Trust this computer?’ prompt.”
No, let me fix that for you: iOS 11 is putting logical control squarely back in the hands of users, reducing leaky pairing record threats
— Joseph Lorenzo Hall (@JoeBeOne) September 11, 2017
Notably, a fingerprint will not work for this second verification. “During the second step, the device will ask to enter the passcode in order to complete pairing,” notes a more detailed ElcomSoft blog post. “This in turn requires forensic experts to know the passcode; Touch ID alone can no longer be used to unlock the device and perform logical acquisition.”
Why does this matter? Well, if your smartphone has been seized by police (or stolen by a thief) while unlocked, the person in possession of the phone could previously download all of the contents to a computer — allowing for a detailed analyses by security forensic tools (like those manufactured by ElcomSoft). With iOS 11, however, the iPhone will require a re-entering of the password.
You see where this is going?
“Without first pairing the iOS device to a computer, experts will be unable to make a local backup of the device,” explains ElcomSoft. “This in turn would leave iCloud as the only remaining acquisition option.”
Basically, it just got harder for cops to lift all the data off your phone in one fell swoop. Sure, they could still manually scroll through all your texts, emails, phone records, and everything else stored locally — but making a backup and analyzing it wholesale is another story.
