Business

Apple tweaks settings that police use to hack into iPhones

Selecting a new phone Source: AAP/David Moir

Apple is changing iPhone settings to limit communication through the USB port, a favourite method of law enforcement agencies to break into devices.

Apple says it will change iPhone settings to undercut the most popular means for law enforcement to break into the devices.

The company said it is aiming to protect all customers, especially in countries where phones are readily obtained by police or by criminals with extensive resources, and to head off further spread of the attack technique.

The privacy standard-bearer of the tech industry will change default settings in the iPhone operating system to cut off communication through the USB port when the phone has not been unlocked in the past hour.

That port is how machines made by forensic companies GrayShift, Cellebrite and others connect and get around the security provisions that limit how many password guesses can be made before the device freezes them out or erases data.

Now they will be unable to run code on the devices after the hour is up.

These companies have marketed their machines to law enforcement in multiple countries this year, offering the machines themselves for thousands of dollars but also per-phone pricing as low as $US50.

Apple representatives said the change in settings will protect customers in countries where law enforcement seizes and tries to crack phones with fewer legal restrictions than under US law.

They also noted that criminals, spies and unscrupulous people often use the same techniques. Even some of the methods most prized by intelligence agencies have been leaked on the internet.

Apple began working on the USB issue before learning it was a favourite of law enforcement.

Apple said that after it learned of the techniques, it reviewed the iPhone operating system code and improved security. It decided to simply alter the setting, a cruder way of preventing most of the potential access by unfriendly parties.

With the changes, police or hackers will typically have an hour or less to get a phone to a cracking machine. That could cut access by as much as 90 per cent, security researchers estimated.

The setting change could also draw criticism from US law enforcement officials who have been engaged in an on-again, off-again campaign for legislation or other ways to force technology companies to maintain access to users' communications.

Apple has been the most prominent opponent of those demands. In 2016, it went to court to fight an order that it break into an iPhone 5c used by a killer in San Bernardino.

Stay up to date with SBS NEWS

  • App
  • Subscribe
  • Follow
  • Listen
  • Watch