Apple Confirms Plans to Disable Law Enforcement Access to iPhone via Tools Like GrayKey Box

Discussion in 'Politics, Religion, Social Issues' started by MacRumors, Jun 13, 2018.

  1. MacRumors macrumors bot


    Apr 12, 2001

    Apple has confirmed that it is closing a technological loophole that allows law enforcement officials to hack into iPhones through USB-based hardware solutions like the GrayKey box, reports The New York Times.
    As we shared last week, the feature that prevents USB accessories from connecting to an iPhone or iPad if it's been more than an hour since the device was last unlocked is included in iOS 12. This setting is enabled by default and it will not allow USB-based accessories like the GrayKey box to connect to an iOS device until a passcode is entered. Charging, however, is still possible as it does not require a data connection.


    Apple's new setting effectively disables the techniques that law enforcement officials have been using to access locked iPhones over the past couple of years. A current popular iPhone unlocking option, for example, is the GrayKey box, which has been sold to hundreds of law enforcement agencies across the United States.

    The GrayKey box is designed to plug into the Lightning port of an iPhone where it uses a data connection to brute force a passcode in as little as a few hours. With the change, the GrayKey box will not work on an iPhone unless it has been less than an hour since the device was last unlocked. The short time period available for access via USB essentially renders the GrayKey box useless.

    Located under Touch ID & Passcode, the USB access setting can be disabled, but most users will have no reason to turn it off as there's no real benefit to doing so. All iOS devices will have this setting turned on by default after upgrading to iOS 12, which means law enforcement officials will have a much more difficult time accessing devices running iOS 12 and beyond.

    As The New York Times points out, law enforcement officials have become aware of the changes Apple is planning to implement in iOS 12 and they're not happy. Chuck Cohen, who leads an Indiana State Police task force on internet crimes against children, told The New York Times that the Indiana State Police had unlocked 96 iPhones using the GrayKey box in 2017.

    "If we go back to the situation where we again don't have access, now we know directly all the evidence we've lost and all the kids we can't put into a position of safety," said Cohen.

    iPhone unlocking devices like the GrayKey box, however, are often not only used by law enforcement officials and can be used by hackers and other nefarious individuals, making it crucial for Apple to patch the security flaw that allows the devices to work.

    Apple is not aiming to thwart law enforcement efforts with its on-device security changes. The company regularly complies with requests for the data that it stores on its servers, and has a dedicated team of professionals to respond to these requests. Since 2013, Apple has responded to more than 55,000 U.S. government requests seeking information relating to over 208,000 devices, accounts, or financial identifiers.

    Apple also has a team for responding to national security requests, and in 2017 alone, Apple received 29,250-29,748 National Security Requests from the U.S. government. Specific numbers are not available because of U.S. law.

    An Apple spokesperson told MacRumors that Apple is always working on strengthening security protections and addressing iPhone vulnerabilities as quickly as possible to defend customers against hackers.

    "At Apple, we put the customer at the center of everything we design. We're constantly strengthening the security protections in every Apple product to help customers defend against hackers, identity thieves and intrusions into their personal data. We have the greatest respect for law enforcement, and we don't design our security improvements to frustrate their efforts to do their jobs."

    Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

    Article Link: Apple Confirms Plans to Disable Law Enforcement Access to iPhone via Tools Like GrayKey Box
  2. KPandian1 macrumors 6502a

    Oct 22, 2013
    Now, wait for the knee-jerk reaction from the extreme nuts. They don't understand the concept of privacy for one means privacy for all.

    Hope Google, Microsoft, Amazon and other big boys come out with support and similar methods.
  3. cycomiko macrumors 6502

    Oct 14, 2008
    So they went straight to the old trope of "won't somebody think o the children"
  4. bperrella macrumors regular

    Apr 8, 2010
    Wow that quote from the police is literally a meme. Bbbut think of the children.
  5. Rhonindk macrumors 68040


    So continues the giant game of "TAG".


  6. dwman macrumors 6502


    Nov 15, 2007
    San Francisco
    Given the current nature of our banana republic and the slow creep towards 24hr surveillance of law-abiding citizens, this is a prudent move by Apple. Glad they have the guts to stand up for their users rights.
  7. -Garry- macrumors 6502a


    Oct 23, 2005
    Manchester, UK
    I’m glad the New York Times decided in their quote to clarify what the charging and data port is. I’d never have known otherwise.
  8. Ca$hflow macrumors 6502


    Jan 7, 2010
    London, ON
    LOL, protect the children. How lame to use children as a way to thwart personal privacy. You can save a million percent more children by NOT giving kids an iPhone at too young of an age.
  9. Manzzle macrumors regular


    Jun 11, 2012
    The more you guys broadcast this, they will work harder to find a way to break through.
  10. nt5672 macrumors 68000

    Jun 30, 2007
    Mr. Chuck Cohen did not bother to indicate how many of these 96 phones had information that actually made a difference in the investigation and I know why. This is not about the children, but about making the police's job easier. How about the police getting off their duff and doing some police work instead of just sitting around demanding free access to any phone they want.
  11. KPandian1 macrumors 6502a

    Oct 22, 2013
    Will they move at the pace of a sloth if "we Guys" don't broadcast this?

    Anything to suppress!

    You underestimate the hacking community.
  12. -BigMac- macrumors 65816


    Apr 15, 2011
    Melbourne, Australia
    Epic. Super exciting time to be an Apple user in the era of constant surveillance and giant privacy leaks.

    Although this doesnt patch the whole picture, its another step forward. Well done! :apple:
  13. Peepo macrumors 6502a

    Jun 18, 2009
    I wonder if Apple and other companies charge a fee for national security requests. I would have to presume that they do and it is probably a lucrative business for Apple.
  14. PaulRustad007 macrumors 6502


    Jun 3, 2015
    It is always about the.....


    and it almost the worst excuse ever......
  15. macduke macrumors G3


    Jun 27, 2007
    Central U.S.
    The reason we haven't heard much about them trying to get access is that they've been using this to get access for the past year or two. Once that goes away we'll either hear more complaints or silence. If we hear silence then we should be worried because they've got a backup plan.
  16. DocMultimedia macrumors 6502


    Sep 8, 2012
    Charlottesville, VA
  17. Swift macrumors 68000


    Feb 18, 2003
    Los Angeles
    It's not a cure-all, but that's good. Another part of this that I really love is the amount of anonymization there will be in Safari in iOS 12 and Mojave. I hate those ads that want to know who you are for two reasons: in the end, they collect a hell of a lot of information about you ... right, Google...? And they can sell this stuff to, like Cambridge Analytics -- now deceased and renamed -- and they can merge what Google has, what Facebook has, and what your voter registration has, and all other public or cheap info, and they've got a portrait of you for any number of reasons, from blackmail to political ads. I would strongly back a regulation of the Internet that made that kind of mass collection illegal. For one thing, look at Facebook in 2016. For another, think of what's to come. Big Brother we don't need.

    And for another, all that javascript junks up webpages so they jiggle and jitter for 25 seconds, when a plain page loads in 5 seconds. And it's a place for viruses to hide. Show us an ad based on what you know about what kind of people read this, or watch this. Guess. It made TV a s--tton of money. But the TV couldn't take pictures of you, and nobody thought that it could or that it should.
  18. jerwin macrumors 68000

    Jun 13, 2015
    it's possible that an earlier draft said "lightning port", and the copy editors nixed that, without deleting the now somewhat superfluous clarification.
  19. surf2snow1 macrumors regular

    Feb 26, 2008
    This started under the last administration. To be fair, it started at the local (not federal) level.
  20. JimmyHook macrumors 6502a

    Apr 7, 2015
    Good. Because military contractors like Google don’t believe in privacy (or security really).
    --- Post Merged, Jun 13, 2018 ---
    Don’t play those games. Trump is as Orwellian as it gets. It technically started a LONG time ago, but Agent Orange is making it way worse
  21. djlythium macrumors 6502a


    Jun 11, 2014

    It’s actions like these that keep me buying Apple products, and recommending them to others for their focus on privacy.
  22. rafark macrumors 6502a


    Sep 1, 2017
  23. KPandian1 macrumors 6502a

    Oct 22, 2013
    Yes, please don't trivialize this issue.

    Add Republicans to the Big Brother brood. In fact they have always been so for almost a century!
  24. Robert.Walter macrumors 65816

    Jul 10, 2012
    This feature needs to kick in when one uses the click the power button for sos feature.

    If this has been overlooked then that’s a design flaw.
  25. cmwade77, Jun 13, 2018
    Last edited: Jun 13, 2018

    cmwade77 macrumors 6502a

    Nov 18, 2008
    I think you may be right, otherwise they would have an option to securely erase the phone after X number of unsuccessful password attempts and perhaps even provide a way to have a password that would immediately erase the phone.
    --- Post Merged, Jun 13, 2018 ---
    Honestly, it started well before that, well before 9/11 even, it dates all the way back to the founding of the country. There are reasons that the constitution has protections against unlawful searches after all. Various events throughout history, such as 9/11 have given the government excuses to slowly chip away at this and we, the people have forgotten that WE have the power to stop them. We have also collectively decided that we would rather have "security" rather than privacy, even though the "security" really isn't security at all, instead it is security theater and in the name of making security easier rather than insisting the government do its job properly.

    I don't think the feature goes far enough and I don't think there should be the ability to disable it either, as some clever person will find a way to disable the feature without unlocking the phone.

Share This Page