We recently became aware of a new security feature in iOS 11 which makes it much harder for ill-intended attackers or snoops to access user data stored on iPhone or iPad from a computer.
In effect, pairing an iOS device with a Mac or PC computer will not only require the iOS device to be unlocked, but will now also request passcode authentication after the Trust This Computer prompt on the device:
This new security feature was first reported by Redmond Pie when iOS 11 beta 5 launched in early August, but received very little coverage since.
Interestingly, at the time Redmond Pie reported that Touch ID could be used to authenticate pairing:
But in our tests with beta 7 and 8, iOS systematically asked for the passcode. We believe this change should be understood in the context of recent investigative overreach which have demonstrated how governments can (and will) force citizens to unlock their phones via Touch ID.
Requiring the passcode in this context is safer:
This hypothesis fits nicely with another similar iOS 11 security feature which temporarily disables Touch ID, providing as The Verge puts it a 'cop button'.
Apple doesn't make such moves randomly. iOS 11's increased pairing security was likely provoked by cases of identity theft, investigative overreach, and domestic or corporate spying.
To grasp how authentication protected pairing better safeguards user data in iOS 11, it is important to understand how iOS devices and computers interact. By default, a computer simply cannot access any data before trust is established between the computer and the device. This process is referred to as pairing.
In order to establish pairing:
Once pairing is established, the following data can be extracted directly, via USB or local Wi-Fi connection:
A backup of the device can also be performed, granting access to even more personal information:
⚠ Data can only be extracted from a backup if iTunes Backup Encryption has not been explicitly enabled by the owner of the device. At DigiDNA, we actively encourage all our users to enable backup encryption via clear prompts and warnings in our software.
Until iOS 11's new security features, pairing could be achieved without consent in the following scenarios:
Once pairing is effective, the attacker can access the victim's data via Wi-Fi whenever the attacker's computer is connected to the same Wi-Fi network as the victim's mobile device. This can happen without the victim's knowledge, the only sign being a sync indicator on the victim's phone if the attacker performs a backup of the target device. Accessing photos, videos, and user documents of some productivity apps' can happen completely silently.
Apple's next flagship iPhone will most probably replace Touch ID with a face recognition authentication mechanism, Face ID. It is rumored to be very safe, integrating far more data points than Touch ID and being more immune to attacks than Samsung's similar efforts, thanks to the also much rumored 3D sensing capabilities of the new camera module.
But by nature, face recognition could make it even easier for law enforcement to coerce the public into unlocking their device: all it takes is to point the phone at it's owner. We don't yet know how Face ID will precisely work, but it could very well be that the fallbacks to good old passcode protected authentication we've evoked here are related.
Obviously, updating your iOS devices to iOS 11 when it will officially be released in September is a great first step.
If you think that your device may have been paired with a computer without your consent, you can break the pairing relationship by resetting location and privacy settings in your iPhone or iPad's Settings app: General > Reset > Reset Location & Privacy
Finally, don't share your passcode, and make sure that Erase Data is enabled in Settings > Passcode and Touch ID. Your data is yours only, keep it safe!