Apple May Have Blocked GrayKey Phone Hacker in iOS 12 Update

Apple May Have Blocked GrayKey Phone Hacker in iOS 12 Update

Apple touts its iOS platform as more secure than Android, but we don’t actually know how secure it is. Android is open source, so everyone can follow the patching and disclosure of bugs. iOS is essentially a black box with an unknown number of flaws, some of which have been exploited by a mysterious company called Grayshift. It sells a device called GrayKey that can unlock iPhones for law enforcement, but the expensive box is reportedly almost useless after the recent update to iOS 12. Apple did something to block GrayKey, but no one knows what.

Grayshift sells the iPhone cracker exclusively to governments and police, marketing it as a way to unlock encrypted devices to get at their files. The company keeps its technology secret, and it doesn’t come cheap. The GrayKey starts at $15,000 with a limit of 300 uses, and an unlimited version costs $30,000. That unlimited license may have been less appealing over the summer as Apple prepared to implement USB Restricted Mode in iOS, which disables data access after a phone has been locked for about an hour. That was an imperfect defense, though. Security experts have speculated on several methods that could keep phones unlocked longer to ensure they can still be hacked.

The reality of using the GrayKey on iOS 12 may be even worse than police expected. A new report says that GrayKey is only able to operate in “partial extraction” mode on iOS 12 devices. That means it cannot decrypt the full device storage. All investigators get are a few unencrypted configuration files and metadata about files and folders (files sizes, folder structure, and so on).

A GrayKey box with two lightning cables.
A GrayKey box with two lightning cables.

Since Grayshift doesn’t talk about how its tools work, it’s hard to speculate on how Apple blocked it. Previously, the GrayKey would load proprietary software into the phone to brute force its passcode without running into the retry limit. There may be deep kernel changes at work to specifically block GrayKey in addition to the use of USB Restricted Mode. Some new configuration profiles could also be at work to make the GrayShift tools less effective.

This cat and mouse game won’t end anytime soon, though. Grayshift has made a great deal of money hacking into iPhones, and it’s not giving up. If it doesn’t already have another exploit waiting in the wings, it’s probably hard at work to either uncover or buy one.

Continue reading

The Xbox Series S Is Handicapped by Its Storage Capacity
The Xbox Series S Is Handicapped by Its Storage Capacity

The Xbox Series S has been favorably received, for the most part, but the console's low base storage makes the Xbox Series X a better value for a lot of people.

In Massive Shift, Apple Announces New Macs With ARM-Based M1 Chip
In Massive Shift, Apple Announces New Macs With ARM-Based M1 Chip

Apple saw huge success the last time it switched architectures to Intel, but this time? The jury's still out, but one thing is certain: Apple is about to make a lot more money.

Apple’s New M1 SoC Looks Great, Is Not Faster Than 98 Percent of PC Laptops
Apple’s New M1 SoC Looks Great, Is Not Faster Than 98 Percent of PC Laptops

Apple's new M1 silicon really looks amazing, but it isn't faster than 98 percent of the PCs sold last year, despite what the company claims.

What Does It Mean for the PC Market If Apple Makes the Fastest CPU?
What Does It Mean for the PC Market If Apple Makes the Fastest CPU?

Apple's M1 SoC could have a profound impact on the PC market. After 25 years, x86 may no longer be the highest-performing CPU architecture you can practically buy.