9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.
If you upgraded to iOS 26, you know the design changes and visual overhaul of Liquid Glass are undeniably impressive. But from a security perspective, one feature in particular has piqued my interest and seemingly gone under the radar: a new permission setting for wired accessories. This overlooked feature could be one of the most practical defenses Apple has shipped in years.
In iOS 26, whenever you plug into a wired accessory, the system prompts you to allow or deny data transfer. If you tap “Don’t Allow,” the phone charges but blocks all data flow. If you tap “Allow,” the accessory, whether it is a charging cable, dock, or other device, can initiate data communication with your iPhone.
If the phone is locked, iOS 26 will not let any accessory transmit data until you unlock the device and confirm. Charging still works, but documents, photos, or any other data stay put unless you give explicit permission.
This is a step in the right direction against risks like juice jacking. With the new prompt, attackers hit a wall unless you actively approve the connection.
You can also adjust the behavior in Settings. Options include Always Ask, Ask for New Accessories, Allow Automatically When Unlocked, and Always Allow.
Ideally, this lowers the risk of infection or data theft when someone plugs into what looks like a safe public charging station at an airport or train station. It will not outright prevent an attack, but it forces you to pause and think before tapping “Allow” on an unfamiliar accessory. And since charging still works, most users will not mind choosing “Don’t Allow”.
My one gripe is a big one: the wording of the prompt. It is generic and does not make the threat clear. The message “Allow accessory to connect” could easily be mistaken as approval for charging, which happens regardless. Since this is meant as a security and privacy safeguard, Apple could do a much better job of explaining the risk.
If don’t think juice jacking is a real problem, check the O.MG cable, which is seriously indistinguishable from official Apple made ones.
You can check it out under Settings > Privacy & Security > Wired Accessories.
Thank you for reading Security Bite is a weekly security-focused column on 9to5Mac. Each week, Arin Waichulis delivers insights on data privacy, uncovers vulnerabilities, and sheds light on emerging threats within Apple’s vast ecosystem of over 2 billion active devices.
Follow Arin: Twitter/X, LinkedIn, Threads
FTC: We use income earning auto affiliate links. More.
