The security of our devices covers many fronts. A few days ago we saw how thanks to a combination of attacks it was possible to skip the password request screen on Windows computers simply plugging in a small connector. With this in mind, there is a tremendously powerful little tweak on our iPhone or iPad that we will probably want to activate.
USB accessories, the key to many attacks
Just yesterday we were talking about how Hide UI, the new Grayshift tool, allows you to extract the code from a locked iPhone. How do you get it? Well the process is relatively simple: after connecting the iPhone to the corresponding machine this will install malware that captures the password of the device once the user enters it.
GrayKey, as a tool, is probably the most striking, as it is designed to perform a brute force attack against the device password, but there are many other cases. Cases that, as Apple expresses when saying that “you cannot create a back door only for the good guys”, come from entities that have nothing to do with law enforcement. In the face of this kind of attack, what can we do? Easy, disconnect the port until the password is entered.
Apple has offered us this option for a while now. We can activate it by following these steps:
- We open the app Adjustments on our iPhone or iPad.
- We came in Face ID and code or Touch ID and code.
- We introduce our code and press okay.
- We deactivate USB accessories under the section Allow access when blocked.
With this simple step, we achieve that when the iPhone or iPad has been locked for more than an hour, any USB accessory that connects to it you will not have access to the data interface required to communicate with the device.
That easy. Without being able to communicate with the device, it is not possible to install, read or modify any file on the device. Without a doubt, one of the many security measures that Apple adopts to protect the large amount of personal data that we store on our devices.