Instructions for iPhone cracking tool GrayKey have surfaced online and it appears they were written by the San Diego Police Department.
A report from NBCNews mentions a tool from GrayKey called Hide UI, and until now has been kept secret from the public.
But another tool, previously unknown to the public, doesn’t have to crack the code that people use to unlock their phones. It just has to log the code as the user types it in.
Software called Hide UI, created by Grayshift, a company that makes iPhone-cracking devices for law enforcement, can track a suspect’s passcode when it’s entered into a phone, according to two people in law enforcement, who asked not to be named out of fear of violating non-disclosure agreements.
This is called a keylogger, and it is neither new nor revolutionary. It would be cheaper for police to use pen and paper to write down a suspect’s passcode, although there is that pesky fifth amendment.
iOS forensics company Grayshift was forced to raise its prices last year, noting that “Forensic Access to iOS continues to increase in difficulty and complexity.”
“I think it’s going to get harder and harder to find these kinds of unlocking flaws, because Apple does control the entire stack,” Alex Stamos, director of the Stanford Internet Observatory and former Facebook chief security officer, previously told Motherboard. “I think a couple more hardware revisions of understanding the ways that these unlocks are happening and [Apple is] going to make it extremely difficult. Which then will bring this debate back…”
It’s a complex issue. On one hand it’s good news for Apple customers. On the other hand, it makes the government is fight tooth and nail to take away our security.
When a company like Cellebrite or GrayKey use their devices to break into your iPhone, it’s not just your local data that can be accessed. Using various types of “cloud forensics” or cloud extraction technology, they can get your data in the cloud as well. It’s a long read but worth it.
Cellebrite’s UFED Cloud Analyzer, for example, uses login credentials that can be extracted from the device to then pull a history of searches, visited pages, voice search recording and translations from Google web history and view text searches conducted with Chrome and Safari on iOS devices backed-up iCloud.
- Gift Picks and Grinchbots – TMO Daily Observations 2021-12-01
- Adele's Shuffle Challenge and Apple's Stand on State-Sponsored Spyware, with Jeff Gamet - ACM 562
- The Great Rebundling — Media+
- Security Tips for Holiday Visits – TMO Daily Observations 2021-11-24
- Security Friday: Chip Flaws and Data Breaches – TMO Daily Observations 2021-11-19
- Ben Surtees talks Bartender – TMO Daily Observations 2021-11-22
But Motherboard reports that Grayshift is confident that its device is future-proof.
In this episode, Bryan Chaffin and Jeff Gamet talk about how Amazon has quietly become the Cyberpunk king. They also discuss Tim Cook’s choice of dinner companions for the White House’s state dinner, and how Grayshift’s data breach is the proof in the pudding that backdoors and cracks get mishandled.
And the data breach resulted in a semi-public attempt at extortion by the not-very-good-at-extortion thieves.
The GrayKey box is available only to law enforcement, but it’s a perfect example of why strong passcodes for our iPhones are so important.