What if law enforcement had a tool that could unlock any iPhone in a matter of minutes? Well, it appears they now have that tool. GrayKey is a little black box that can unlock any iPhone, even the latest iPhone X. The infamous San Bernadino case in which the FBI asked Apple to crack an iPhone 5C has shone a brighter light on mobile security. Some experts are concerned about GrayKey and what it could mean for iPhone users privacy and security.
The GrayKey device isn’t much to look at. It’s just a simple black box with a couple of Lightning cables sticking out of it. The process starts by plugging in one or two iPhones into GrayKey for two minutes which presumably loads some sort of software. After two minutes, the iPhone is unplugged and left to sit for up to two hours. The iPhone will then power back on to a black screen which serves up the passcode and other data.
Once the passcode is displayed and recorded, the iPhone can be rebooted and the passcode used to unlock the interface. The two-hour waiting process is for iPhones with 4-digit passcodes. Those with six-digit passcodes can still be cracked but the person cracking it may have to wait up to 3-days while the software does its job. GrayKey can unlock any iPhone even those that are disabled.
After the device is unlocked, the full contents of the filesystem are downloaded to the GrayKey device. From there, they can be accessed through a web-based interface on a connected computer and downloaded for analysis. The full, unencrypted contents of the keychain are also available for download.
While the GrayKey device is only available to law enforcement, the fear is that the method to crack Apple’s encryption is now out there. GrayKey will cost law enforcement departments $15,000USD for internet connected units and $30,000USD for one that doesn’t require a connection. Another fear is the possibility of these units being stolen. Once one gets in the wrong hands, you can bet the technology will spread.
GrayKey will work until Apple finds a way to patch the vulnerabilities the device is exploiting. There’s no way of really telling when that will be. Head over to the MalwareBytes website at the link below to read a full in-depth technical analysis of the situation.
Last Updated on March 17, 2018.