Apple has effectively disabled the GrayKey iPhone unlocking device used by law enforcement agencies to crack the passcodes on iPhones, reports Forbes.
On these devices, law enforcement agencies are limited to a partial extraction that provides unencrypted files and metadata like file size and folder structure.
It is not clear what method Apple used to block GrayKey access to iPhones running iOS 12 and later. Vladimir Katalov, CEO of ElcomSoft, said Apple’s method is unknown.
“No idea. It could be everything from better kernel protection to stronger configuration-profile installation restrictions,” he suggested. The kernel is the core part of the operating system, from which the rest of iOS launches. Configuration profiles typically allow individuals and companies to customize the ways in which iOS apps work.
Details about the GrayKey box, made by a company called Grayshift, first leaked in March of this year. Provided to law enforcement agencies, the GrayKey box connects to an iPhone and then installs proprietary software that’s designed to crack the passcode of the device.
It can take as little as 6.5 minutes for the box to crack a 4-digit passcode, while a 6-digit passcode can be calculated in approximately 11 hours.
Apple in an iOS 11 update introduced a new USB Restricted Mode feature that prevents USB accessories like the GrayKey box from connecting to an iPhone or iPad if it’s been more than an hour since the device was last unlocked.
It was believed that this would prevent the GrayKey device from working, but after details on USB Restricted Mode were released, forensic experts said that it had already been defeated.
It’s not known if USB Restricted Mode had an impact or if Apple implemented another method for blocking the GrayKey box, but companies like Grayshift are likely to find a workaround or a new method for cracking the iPhone.
As Rochester Police Department Captain John Sherwin told Forbes, there’s always a new method in the works. “Give it time and I am sure a ‘workaround’ will be developed … and then the cycle will repeat,” he said. Someone is always building a better mousetrap, whether it’s Apple or someone trying to defeat device security.”
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
Discuss this article in our forums