Apple Confirms Plans to Disable Law Enforcement Access to iPhone via Tools Like GrayKey Box

Discussion in 'Politics, Religion, Social Issues' started by MacRumors, Jun 13, 2018.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    Apple has confirmed that it is closing a technological loophole that allows law enforcement officials to hack into iPhones through USB-based hardware solutions like the GrayKey box, reports The New York Times.
    As we shared last week, the feature that prevents USB accessories from connecting to an iPhone or iPad if it's been more than an hour since the device was last unlocked is included in iOS 12. This setting is enabled by default and it will not allow USB-based accessories like the GrayKey box to connect to an iOS device until a passcode is entered. Charging, however, is still possible as it does not require a data connection.

    [​IMG]

    Apple's new setting effectively disables the techniques that law enforcement officials have been using to access locked iPhones over the past couple of years. A current popular iPhone unlocking option, for example, is the GrayKey box, which has been sold to hundreds of law enforcement agencies across the United States.

    The GrayKey box is designed to plug into the Lightning port of an iPhone where it uses a data connection to brute force a passcode in as little as a few hours. With the change, the GrayKey box will not work on an iPhone unless it has been less than an hour since the device was last unlocked. The short time period available for access via USB essentially renders the GrayKey box useless.

    Located under Touch ID & Passcode, the USB access setting can be disabled, but most users will have no reason to turn it off as there's no real benefit to doing so. All iOS devices will have this setting turned on by default after upgrading to iOS 12, which means law enforcement officials will have a much more difficult time accessing devices running iOS 12 and beyond.

    As The New York Times points out, law enforcement officials have become aware of the changes Apple is planning to implement in iOS 12 and they're not happy. Chuck Cohen, who leads an Indiana State Police task force on internet crimes against children, told The New York Times that the Indiana State Police had unlocked 96 iPhones using the GrayKey box in 2017.

    "If we go back to the situation where we again don't have access, now we know directly all the evidence we've lost and all the kids we can't put into a position of safety," said Cohen.

    iPhone unlocking devices like the GrayKey box, however, are often not only used by law enforcement officials and can be used by hackers and other nefarious individuals, making it crucial for Apple to patch the security flaw that allows the devices to work.

    Apple is not aiming to thwart law enforcement efforts with its on-device security changes. The company regularly complies with requests for the data that it stores on its servers, and has a dedicated team of professionals to respond to these requests. Since 2013, Apple has responded to more than 55,000 U.S. government requests seeking information relating to over 208,000 devices, accounts, or financial identifiers.

    Apple also has a team for responding to national security requests, and in 2017 alone, Apple received 29,250-29,748 National Security Requests from the U.S. government. Specific numbers are not available because of U.S. law.

    An Apple spokesperson told MacRumors that Apple is always working on strengthening security protections and addressing iPhone vulnerabilities as quickly as possible to defend customers against hackers.

    "At Apple, we put the customer at the center of everything we design. We're constantly strengthening the security protections in every Apple product to help customers defend against hackers, identity thieves and intrusions into their personal data. We have the greatest respect for law enforcement, and we don't design our security improvements to frustrate their efforts to do their jobs."

    Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

    Article Link: Apple Confirms Plans to Disable Law Enforcement Access to iPhone via Tools Like GrayKey Box
     
  2. KPandian1 macrumors 6502a

    Joined:
    Oct 22, 2013
    #2
    Now, wait for the knee-jerk reaction from the extreme nuts. They don't understand the concept of privacy for one means privacy for all.

    Hope Google, Microsoft, Amazon and other big boys come out with support and similar methods.
     
  3. cycomiko macrumors 6502

    Joined:
    Oct 14, 2008
    #3
    So they went straight to the old trope of "won't somebody think o the children"
     
  4. bperrella macrumors regular

    Joined:
    Apr 8, 2010
    #4
    Wow that quote from the police is literally a meme. Bbbut think of the children.
     
  5. Rhonindk macrumors 68040

    Rhonindk

    #5
    So continues the giant game of "TAG".

    Try
    Again
    Government

    :D
     
  6. dwman macrumors 6502

    dwman

    Joined:
    Nov 15, 2007
    Location:
    San Francisco
    #6
    Given the current nature of our banana republic and the slow creep towards 24hr surveillance of law-abiding citizens, this is a prudent move by Apple. Glad they have the guts to stand up for their users rights.
     
  7. -Garry- macrumors 6502a

    -Garry-

    Joined:
    Oct 23, 2005
    Location:
    Manchester, UK
    #7
    I’m glad the New York Times decided in their quote to clarify what the charging and data port is. I’d never have known otherwise.
     
  8. Ca$hflow macrumors 6502

    Ca$hflow

    Joined:
    Jan 7, 2010
    Location:
    London, ON
    #8
    LOL, protect the children. How lame to use children as a way to thwart personal privacy. You can save a million percent more children by NOT giving kids an iPhone at too young of an age.
     
  9. Manzzle macrumors regular

    Manzzle

    Joined:
    Jun 11, 2012
    #9
    The more you guys broadcast this, they will work harder to find a way to break through.
     
  10. nt5672 macrumors 68000

    Joined:
    Jun 30, 2007
    #10
    Mr. Chuck Cohen did not bother to indicate how many of these 96 phones had information that actually made a difference in the investigation and I know why. This is not about the children, but about making the police's job easier. How about the police getting off their duff and doing some police work instead of just sitting around demanding free access to any phone they want.
     
  11. KPandian1 macrumors 6502a

    Joined:
    Oct 22, 2013
    #11
    Will they move at the pace of a sloth if "we Guys" don't broadcast this?

    Anything to suppress!

    You underestimate the hacking community.
     
  12. -BigMac- macrumors 65816

    -BigMac-

    Joined:
    Apr 15, 2011
    Location:
    Melbourne, Australia
    #12
    Epic. Super exciting time to be an Apple user in the era of constant surveillance and giant privacy leaks.

    Although this doesnt patch the whole picture, its another step forward. Well done! :apple:
     
  13. Peepo macrumors 6502a

    Joined:
    Jun 18, 2009
    #13
    I wonder if Apple and other companies charge a fee for national security requests. I would have to presume that they do and it is probably a lucrative business for Apple.
     
  14. PaulRustad007 macrumors 6502

    PaulRustad007

    Joined:
    Jun 3, 2015
    #14
    It is always about the.....


    toy3story201.jpg


    and it almost the worst excuse ever......
     
  15. macduke macrumors G3

    macduke

    Joined:
    Jun 27, 2007
    Location:
    Central U.S.
    #15
    The reason we haven't heard much about them trying to get access is that they've been using this to get access for the past year or two. Once that goes away we'll either hear more complaints or silence. If we hear silence then we should be worried because they've got a backup plan.
     
  16. DocMultimedia macrumors 6502

    DocMultimedia

    Joined:
    Sep 8, 2012
    Location:
    Charlottesville, VA
  17. Swift macrumors 68000

    Swift

    Joined:
    Feb 18, 2003
    Location:
    Los Angeles
    #17
    It's not a cure-all, but that's good. Another part of this that I really love is the amount of anonymization there will be in Safari in iOS 12 and Mojave. I hate those ads that want to know who you are for two reasons: in the end, they collect a hell of a lot of information about you ... right, Google...? And they can sell this stuff to, like Cambridge Analytics -- now deceased and renamed -- and they can merge what Google has, what Facebook has, and what your voter registration has, and all other public or cheap info, and they've got a portrait of you for any number of reasons, from blackmail to political ads. I would strongly back a regulation of the Internet that made that kind of mass collection illegal. For one thing, look at Facebook in 2016. For another, think of what's to come. Big Brother we don't need.

    And for another, all that javascript junks up webpages so they jiggle and jitter for 25 seconds, when a plain page loads in 5 seconds. And it's a place for viruses to hide. Show us an ad based on what you know about what kind of people read this, or watch this. Guess. It made TV a s--tton of money. But the TV couldn't take pictures of you, and nobody thought that it could or that it should.
     
  18. jerwin macrumors 68000

    Joined:
    Jun 13, 2015
    #18
    it's possible that an earlier draft said "lightning port", and the copy editors nixed that, without deleting the now somewhat superfluous clarification.
     
  19. surf2snow1 macrumors regular

    Joined:
    Feb 26, 2008
    #19
    This started under the last administration. To be fair, it started at the local (not federal) level.
     
  20. JimmyHook macrumors 6502a

    Joined:
    Apr 7, 2015
    #20
    Good. Because military contractors like Google don’t believe in privacy (or security really).
    --- Post Merged, Jun 13, 2018 ---
    Don’t play those games. Trump is as Orwellian as it gets. It technically started a LONG time ago, but Agent Orange is making it way worse
     
  21. djlythium macrumors 6502a

    djlythium

    Joined:
    Jun 11, 2014
    #21
    THANK YOU, APPLE!

    It’s actions like these that keep me buying Apple products, and recommending them to others for their focus on privacy.
     
  22. rafark macrumors 6502a

    rafark

    Joined:
    Sep 1, 2017
  23. KPandian1 macrumors 6502a

    Joined:
    Oct 22, 2013
    #23
    Yes, please don't trivialize this issue.

    Add Republicans to the Big Brother brood. In fact they have always been so for almost a century!
     
  24. Robert.Walter macrumors 65816

    Joined:
    Jul 10, 2012
    #24
    This feature needs to kick in when one uses the click the power button for sos feature.

    If this has been overlooked then that’s a design flaw.
     
  25. cmwade77, Jun 13, 2018
    Last edited: Jun 13, 2018

    cmwade77 macrumors 6502a

    Joined:
    Nov 18, 2008
    #25
    I think you may be right, otherwise they would have an option to securely erase the phone after X number of unsuccessful password attempts and perhaps even provide a way to have a password that would immediately erase the phone.
    --- Post Merged, Jun 13, 2018 ---
    Honestly, it started well before that, well before 9/11 even, it dates all the way back to the founding of the country. There are reasons that the constitution has protections against unlawful searches after all. Various events throughout history, such as 9/11 have given the government excuses to slowly chip away at this and we, the people have forgotten that WE have the power to stop them. We have also collectively decided that we would rather have "security" rather than privacy, even though the "security" really isn't security at all, instead it is security theater and in the name of making security easier rather than insisting the government do its job properly.


    I don't think the feature goes far enough and I don't think there should be the ability to disable it either, as some clever person will find a way to disable the feature without unlocking the phone.
     

Share This Page