'GrayKey' iPhone Unlocking Box Seeing Wide Adoption Among Law Enforcement

Discussion in 'Politics, Religion, Social Issues' started by MacRumors, Apr 12, 2018.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    GrayShift's recently publicized "GrayKey" box designed to crack locked iPhones is seeing wide adoption among police forces and federal agencies across the United States according to a recent investigation by Motherboard.

    Motherboard found that regional police forces like the Maryland State Police, the Indiana State Police, and the Miami-Dade County Police have purchased or are soon purchasing GrayKey technology, while other forces like the Indianapolis Metropolitan Police Department have looked into boxes and received quotes from GrayShift.

    [​IMG]


    The Secret Service is also planning to purchase "at least half a dozen" GrayKey boxes for unlocking iPhones, while the State Department has already bought them and the Drug Enforcement Administration has expressed interest.

    Current FBI Director Christopher Wray said in January at the International Conference on Cyber Security that law enforcement officials are facing a "Going Dark" challenge where an "enormous" number of cases rely on an electronic device. "We're increasingly unable to access that evidence, despite lawful authority to do so," said Wray.

    Motherboard's investigation into GrayShift, the GrayKey iPhone unlocking boxes, and other smartphone unlocking methods suggest that is not the case. The FBI uses the going dark debate to advocate for easier access to electronic devices through backdoors, but the seemingly readily available tools like GrayKey undermine these arguments.
    In recent months, law enforcement officials have been quietly revisiting proposals that would require tech companies to build backdoor access into smartphones and other electronics, something Apple vehemently fought against back in 2016 following the San Bernardino shooting where the FBI attempted to order the company to provide it with a tool to crack the iPhone 5c involved in the case.

    As has been previously reported, the GrayKey mentioned by Motherboard is a small, portable gray box that's equipped with dual Lightning cables. An iPhone can be plugged into one of the cables to install proprietary software that's able to guess the passcode for an iPhone in either a few hours or a few days, depending on the strength of the passcode.

    Once the GrayKey software has unlocked an iPhone, it can be plugged back into the GrayKey box to download all of the data on the iPhone. GrayKey can crack the latest iPhones running modern versions of iOS, including iOS 11, providing law enforcement officials with easy access to locked iPhones for criminal investigations.

    Grayshift charges $15,000 for a GrayKey box that requires internet connectivity, is geofenced to a specific location, and allows for 300 unlocks, or $30,000 for a box that requires no connection, can be used anywhere, and can unlock an unlimited number of devices.

    As Motherboard points out, the technology used in the GrayKey boxes may eventually be outdated through updates to the iOS operating system, leading to periods where some versions of iOS may be difficult to access. Because of the ongoing cat and mouse game of Apple patching a vulnerability as third-party iPhone cracking services look for new methods to get into iPhones, the argument for backdoors into smartphones is likely to surface time and time again.

    Motherboard's full report on the iPhone unlocking tools available to law enforcement officials can be viewed over on the website.

    Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

    Article Link: 'GrayKey' iPhone Unlocking Box Seeing Wide Adoption Among Law Enforcement
     
  2. gsmornot macrumors 68030

    gsmornot

    Joined:
    Sep 29, 2014
    #2
    At some point, non-law enforcement will have these too and then go wireless as well. We'll need one of those wraps people put their chip cards in just to stop the phone from being drained of info. Or....this is not going to be a big deal for most people.
     
  3. JimmyHook macrumors 6502a

    Joined:
    Apr 7, 2015
    #3
    Waste of taxpayer money. It’ll be worthless in a few weeks. Also, everyone should enable wiping the phone after 10 failed attempts, also use a complex passcode
     
  4. lowendlinux Contributor

    lowendlinux

    Joined:
    Sep 24, 2014
    Location:
    North Country (way upstate NY)
    #4
    I'm overwhelmed with shock that the cops are buying these
     
  5. RedKite macrumors regular

    RedKite

    Joined:
    Dec 19, 2017
    #5
    Surprised that Apple haven’t stepped up and announced a new security process doohickey that renders these boxes useless!
     
  6. Mefisto macrumors 6502a

    Mefisto

    Joined:
    Mar 9, 2015
    Location:
    The North
    #6
    It's my understanding that the device gets around this safety measure. Don't ask me how, though, I understand very little of what it actually does apart from "unlocks iPhones and stuff".
     
  7. Relentless Power macrumors Core

    Relentless Power

    Joined:
    Jul 12, 2016
    #7
    Just a thought, How upsetting would it be to Graybox if Apple changed the lighting charging method.
     
  8. Merkie macrumors 68020

    Joined:
    Oct 23, 2008
    #8
    I really doubt this will happen. First, almost no one cares about personal data, let alone enough to warrant purchasing a $15,000 dollar device. Second, your phone is probably worth more than your data, so why not just steal the phone in its entirety? Third, it takes a long time to crack your pass code. Fourth, it's not even possible to do this wireless. Fifth, Apple won't be sitting still and will take countermeasures with every iOS release.
     
  9. gnasher729 macrumors P6

    gnasher729

    Joined:
    Nov 25, 2005
  10. OldSchoolMacGuy macrumors 68040

    OldSchoolMacGuy

    Joined:
    Jul 10, 2008
    #10
    These articles are so cute and naive. Law enforcement has had this type of stuff for 10+ years. I started selling it to them back in 2008.
     
  11. agsystems macrumors 6502a

    Joined:
    Aug 1, 2013
    #11
    thank you - I am thinking this helps Apple's argument why they don't need back doors since these boxes are available. That's why they don't go all out an encrypt all iCloud data and they do make it available to law enforcement under subpoena - this way they can 'appear' to be helpful to the courts
     
  12. tridley68 macrumors 6502

    tridley68

    Joined:
    Aug 28, 2014
    #12
    The FBI is going to spend almost a Hundred grand only to find out IOS12 will render it useless way to waste tax dollars Fumbling Bureau of idiots
     
  13. OldSchoolMacGuy macrumors 68040

    OldSchoolMacGuy

    Joined:
    Jul 10, 2008
    #13
    Simply not true. Since 2008 we've been selling law enforcement tools to unlock iPhones. We've even met with Apple's iOS security team and shown them these tools at work. They've done nothing to block them (directly) in updates. Sure, there are small modifications we have to make with new iOS updates, but the core tech is still the same as it has always been.

    And setting to wipe after 10 attempts doesn't matter. It's not brute forcing in a way that will trigger that function.
     
  14. prasand macrumors 6502

    prasand

    Joined:
    Mar 24, 2015
    Location:
    UES, New York
    #14
    That's a lot of money being spent for a device that Tim Cook while reading this MR article, will say "let's address that" and will be made obsolete next week. Well, I guess they'll still be able to work on devices not updated (which will be many).
     
  15. lkrupp macrumors 6502a

    Joined:
    Jul 24, 2004
    #15
    If i read correctly about this box it tries a sequence of pin numbers until it hits the right one. I can’t remember if the option to lock the iPhone after 10 tries is on by default or if the user has to turn it on. If it’s not on by default then I could see this working since most wouldn’t even know about this option. However, user who are aware of this security feature would sure turn it on if they planned to do bad things. Somebody set me straight on this.
     
  16. now i see it macrumors 68000

    Joined:
    Jan 2, 2002
    #16
    Next version of iOS will inevitably make these gray boxes bricks. 5 more months until these boxes become worthless.
     
  17. spazzcat macrumors 68020

    spazzcat

    Joined:
    Jun 29, 2007
    #17
    I thought it didn't work with alpha based passcodes?
     
  18. fenderbass146, Apr 12, 2018
    Last edited: Apr 13, 2018

    fenderbass146 macrumors 65816

    fenderbass146

    Joined:
    Mar 11, 2009
    Location:
    Northwest Indiana
    #18

    Any proof of this? And who is "we"?
     
  19. BasicGreatGuy Contributor

    BasicGreatGuy

    Joined:
    Sep 21, 2012
    Location:
    In the middle of several books.
    #19
    Child’s play. Go with 12. ;)
     
  20. dmx macrumors 6502a

    Joined:
    Oct 25, 2008
    #20
    Apple should sue them for infringement if they don’t have MFi certification.
     
  21. npmacuser5 macrumors 6502a

    npmacuser5

    Joined:
    Apr 10, 2015
  22. BasicGreatGuy Contributor

    BasicGreatGuy

    Joined:
    Sep 21, 2012
    Location:
    In the middle of several books.
    #22
    Shines the spotlight. What the heck, MacGuy. You are supposed to be on our side. :p
     
  23. blackcrayon macrumors 68000

    Joined:
    Mar 10, 2003
    #23
    It isn't using the iPhone's user interface to enter the passcodes, so it isn't limited by any safeguards against wrong passwords. Even without the wipe feature, iPhones will take progressively longer to allow you to punch in codes manually. If this device were doing that, it would probably take years to crack a code.

    It *does* seem limited by the complexity of your passcode though. If you use a 12 character alphanumeric code, i wonder if it still can do it in "days".
     
  24. StarShot macrumors 6502a

    StarShot

    Joined:
    Mar 31, 2014
    #24
    Why are we even talking about this? Do a crime and pay the time. IF you're stupid enough to put evidence on your phone about criminal actions, you get what you deserve. Crack 'em all open, G-Men

    FTAB6
     
  25. AppleInLVX macrumors 6502a

    AppleInLVX

    Joined:
    Jan 12, 2010
    #25
    Been using a long alphanumeric password ever since touch ID. This box is utterly useless.
     

Share This Page