One of the basic principles of computer security is that if someone has physical access to a machine, compromising it is simply a matter of time (yes, even technologies like whole-disk encryption via GPG/PGP, BitLocker, or TrueCrypt are often still susceptible to “Evil Maid” attacks). But while all devices are vulnerable to hands-on attacks, some devices are more vulnerable than others.
Innocuous-looking USB accessories for both PCs and smartphones have long been a preferred for attacks aiming to gain unauthorized access to a machine. Devices that look like USB sticks can easily direct a computer they’re plugged into to dump data to an external device or online file storage by mimicking a keyboard/mouse, an attack no antivirus or antimalware software can prevent. Smartphones have been susceptible to similar attacks, even from something as seemingly-innocent as a regular phone charger. These hardware-based attacks have been well-documented, and while a passcode on the device can mitigate such attempts, it’s no cure-all.
With iOS 7, Apple has introduced a new feature called “trusted devices” which requires the user to actually authorize the attached USB “charger”/accessory to access data on the device. When plugging in an iPhone to a computer (or a computer masquerading as a charger), the user sees a prompt as in the screen below:
Trust the currently connected computer?
Trusting this computer will allow it full access to your device and all of its data.
This prompt is only shown on an unlocked iPhone and until the user selects the “trust” option, the iPhone will treat the connected accessory as a “dumb” power source and not present any USB mass storage device interfaces, rendering USB-based attacks to a (locked) iPhone ineffective.
Combined with some of the other security improvements shipped in the next iOS update (“Find my iPhone” enabled even after full device format, iTunes account-based activation lock after full format, etc.), iOS 7 is shaping up to be the most security-centric release to date.
OK. This is perhaps a good security feature. Now, since we are taking this extra security step, will Apple finally let us access other file types in iOS 7 from a USB drive besides just photo & video files in a DCIM folder? For some who use the iPad for work functions, it sure would be nice to have this capability. For instance, in my job, one of our pieces of equipment, not network connected, generates a proprietary file. We have to submit it via email for certain documentation purposes. It sure would be convenient to put on a USB drive and email from my iPad rather than booting up my Windows laptop.
Let’s say I change my mind, how does one edit the list of trusted/untrusted computers?
I untrusted my pc first time I connected after iOS 7 upgrade. Now I am not getting this option to trust whenever I connect via USB….please help, I urgently need to backup my media files but I am not getting this option
please could someone reply to ‘Appleuser’s comment above. I also need to know how to change to ‘trust’
I accidentally pressed “don’t trust” when I connected the USB on my laptop. PLEASE REPLY w/ FIX ASAP.
Hi Guys,
If I have added an internet cafe computer as a trusted device will any of my files stay on the computer?
I used one the other day and had to charge my phone and accidentally added the PC as a trusted console, bit worried now that people may be able to access my files?
Please advise 🙁
Mike
Hi, for those who had accidentally clicked “Don’t Trust” from your iphone, please try the following.
1. Connect the USB cable from your iphone to the PC.
2. Go to Control Panel > Hardware and Sounds > Devices and Printers. You should be able to see your Apple Device connected to the PC.
3. Right click and select Properties.
4. Select the Hardware tab.
5. Click on the Properties button.
6. Select the Driver tab.
7. Click Uninstall button and then click OK.
8. You will see that your iPhone is removed from the available devices.
9. You can now reconnect your iphone device and click “Trust”.
Hope this helps.
Thanks
Kristel 🙂
I wish I could use my Iphone on my Ubunutu 12.04 system instead of having to go to windows to access it. If anybody knows a fix let me know thanks.
This is funny because many Android phones do similar thing. It asks if you want to enable the data interface. And to be able to asndwer you have to have unlocked the screen usually. I never really thought about someone smart enough to hack into yolur phone using a charger that is modified. I can imagine this could happen, if you were to borrow or use while visiting someone. Beyond that it could be used to delete files from your phone as well.
Anybody figure out after this release how to have the picture folder for your phone automatically refresh in Windows Explorer when the phone is connected via ASB. I take a picture on my pone while connected and it use to immediately show up in the list of files in Windows Explorer. Now I have to disconnect & reconnect each time I take a picture to see it on my PC.
Hi, for those who had accidentally clicked “Don’t Trust” from your iphone, please try the following.
1. Connect the USB cable from your iphone to the PC.
2. Go to Control Panel > Hardware and Sounds > Devices Manager. You should be able to see your Apple Device connected to the PC.
3. Uninstall the drivers.
4. You will see that your iPhone is removed from the available devices.
5. You can now reconnect your iphone device and click “Trust”.
Hope this helps.
Thanks