Simply not true. Since 2008 we've been selling law enforcement tools to unlock iPhones. We've even met with Apple's iOS security team and shown them these tools at work. They've done nothing to block them (directly) in updates. Sure, there are small modifications we have to make with new iOS updates, but the core tech is still the same as it has always been.

And setting to wipe after 10 attempts doesn't matter. It's not brute forcing in a way that will trigger that function.

I seriously doubt what you claim about selling this type of stuff for so many years. If true then surely the FBI would have come to you to unlock the iPhone 5c in the San Bernardino shooting? No? Didn't think so. They also would not have had the amount of problems getting into the iPhone 5c which they only just managed to do. It was not as easy as you claim.
Why are we even talking about this? Do a crime and pay the time. IF you're stupid enough to put evidence on your phone about criminal actions, you get what you deserve. Crack 'em all open, G-Men

FTAB6

Yes but the problem is not about law enforcement getting into our phones etc but about safeguarding our info. Firstly there are those in law enforcement who are not lawful and act against the law and the civil liberties. Also there are those who we call criminals who will use any trick to get our info and misuse it. So if you think that this is not important then post all of your info on here. Post your name, age, date of birth, address, bank info and email passwords and so on. Then see how great your life is afterwards.
Great idea, right up until your sibling/friend decides to play a "hilarious" prank on you.

Precisely why having regular backups is an even better idea! Also any person who did that with me will have an even greater prank pulled on them. It is called my fist rearranging their face.
I find it hilarious that everyone here seems to think that they are James Bond, and that every FBI agent is chomping at the bit to gain access to the $26.32 in their bank account, their duck-faced Instagram selfies, lame tweets, and Facebook posts (which apparently are easy to get even without access to your phone).

Cops can get a warrant and search your entire home and office, your cell calls, your financial records, and nobody has any problems with that. But my smartphone? No, HELL no!

Um, the FBI are trying to solve real federal crimes to protect you, dummies, not gain access to Joe Q. Boring's iPhone.

At some point, there is going to be a horrendous kidnapping, mass murder, or terrorist crime which could be solved or thwarted by simple access to a smartphone, but nope - thanks to privacy and encryption uber alles, it's a no go.

Then you'll all whine about how ineffective the FBI is.

No offence but you have no idea. The issue is NOT the FBI or law enforcement. It is the criminals who can do all sorts of bad stuff with our private info.
They can for example take out a mortgage using personal info and basically run off with the money or they can get a copy of your passport and driver's license and use it to commit mass fraud, use it to open bank accounts and launder money. Then the next thing you know, the FBI is arresting you for money laundering, fraud and maybe even kiddie porn and rape etc.
Imagine that happened to you, would you still see it the same way? No of course you won't.
We all have so much more to protect than a few dollars in our accounts.
 
To me, this is very concerning. I use iOS and am willing to pay the premium only because it is secure.
 
Why does MacRumors not allow members to post to these types of threads, without a minimum of 100 posts? Like who are they protecting? Seriously, what does MacRumors gain from not letting everyone comment on political discussions? Is this the equality that everyone's talking about?!
Why the snipe at equality? It has nothing to do with that. It's more about pragmatism and site moderation: it cuts down on the number of drive-by/sock-puppet accounts arguing on some highly flammable topic. One can't easily set up sock puppet accounts today, to agree with your posts today, or insult other people today, if they have to make 100 posts first. Anyone who is around here for a little while actually engaging in discussion will hit the 100 post minimum fairly quickly.
 
Is that tinfoil hat getting heavy yet?
It seems you are from someplace that has NO laws dating back to past centuries since you take such a stance on Georgia. I don't know what your problem is, but you malign millions who live here.

So you take it personally that your state sent someone to prison for having oral sex with his girlfriend and because it was recorded on his phone he deserves PRISON for that??? Take it any way you like, that was absolute bullcrap what they did. It was, however, just an off the top of my head example. It ranks right up there with Texas where sex toys were illegal for decades. The absolute HYPOCRITES that think big government shouldn't be in your lives WANT government in your bedroom telling you what you can and cannot do (to yourself even) in the privacy of your own home. Thank Ted Cruz for that one as he fought tooth and nail to keep that draconian law on the books while claiming he's against big government. The tyranny of the many apparently is allowed to trample on the rights of minority. Look at the South's desperate battle against same sex marriage. Their personal beliefs don't LIKE it, so they feel the need to FORCE THEIR BELIEFS on everyone else too! Rights to freedom? Religion? Bullcrap. These hypocrites only want THEIR freedom and THEIR beliefs to be protected. They want everyone else that doesn't believe what they believe in prison, deported or hanging from a tree. If you're offended by THAT, I don't give a flying crap. :p
 
Harsh, but your point is taken. Maybe Apple should force passwords to be a little more robust than 6 numbers?

Admittedly so, and I apologize.

Apple could, and actually might consider doing that. Current fresh installs push for using biometric options, and using a 6-digit password as opposed to a 4. I have a feeling that a great deal of Apple's user base would be frustrated to have to type in these mega passwords.

But I'm not sure how that would affect this box other than make it take progressively longer for it to decrypt passwords? The cracking method is still unclear, except we know that it won't trigger the password attempt failure safeguard.
 
GrayKey can crack the latest iPhones running modern versions of iOS, including iOS 11, providing law enforcement officials with easy access to locked iPhones for criminal investigations.


Or in other words all iOS devices are not secure.

Although there are issues with OSX security, that aside this is certainly an instance when the rubber meets the road for Apple and its advertised concern for customer privacy. Either they address this effectively with immediate effect—or not. Silence on the matter can mean but one thing, and damning.
 
But I'm not sure how that would affect this box other than make it take progressively longer for it to decrypt passwords?

Accounting for the hardware limit of 80ms between attempts, a 6 digit pin over a 4 digit pin takes it from around 13 minutes to guarantee a crack up to 22 hours.

8 digits would take up to 92.5 days at 100000000 combinations making 8000000000 milliseconds to try every combo. Currently it might take longer (because above 7 digits, iOS doesn't report how many it is expecting) but if they forced 8 digit passcodes I'd expect them to have 8 little circles for an 8 digit passcode.

12 digits would take 2800 years to guarantee a crack.
 
They should just go to a standard USB-C because that is what has become the standard for other manufacturers, then everything is interchangeable.

I completely agree. Apple doesn’t like following the mainstream when it comes to their iPhone connectors, but if they are redesigning their phones from the ground up (based on the X) it might make sense, if they are ever going to switch, to do it this year. I guess only time will tell. I personally like Lightning as it’s a tight fit and doesn’t pull out. My MacBook Pro's USB-C ports feel a bit loose and easily disconnected in comparison.
 
I find it hilarious that everyone here seems to think that they are James Bond, and that every FBI agent is chomping at the bit to gain access to the $26.32 in their bank account, their duck-faced Instagram selfies, lame tweets, and Facebook posts (which apparently are easy to get even without access to your phone).

Cops can get a warrant and search your entire home and office, your cell calls, your financial records, and nobody has any problems with that. But my smartphone? No, HELL no!

Um, the FBI are trying to solve real federal crimes to protect you, dummies, not gain access to Joe Q. Boring's iPhone.

At some point, there is going to be a horrendous kidnapping, mass murder, or terrorist crime which could be solved or thwarted by simple access to a smartphone, but nope - thanks to privacy and encryption uber alles, it's a no go.

Then you'll all whine about how ineffective the FBI is.

It's the principle of the thing!!!! The FBI has no business being able to spy on American citizens willy nilly. As it is, even if you haven't committed any crimes that the federal government can charge you with, it has a multitude of tools at its disposal to make life miserable for you. Just look at what the IRS did to conservative groups a few years ago.

Cops can get a warrant to search someone's phone and even seize it. If they have a warrant to search your home and you lock the door and throw away the key, the police are free to do what it takes to get in. They can kick the door down if they need to. They're free to chip away at the security measures on people's phones to their heart's content but that's not good enough for the FBI. The FBI wants the right to conscript an unrelated private party to do what should be the FBI's job. Worse yet, the FBI wants the public to live with deliberately compromised encryption on the off-chance that the FBI or any other LEO might need to decrypt the contents.
 
Since Apple won't comply with orders... these grey boxes would be valuable to law enforcement, while still being better than paying a hacker to do it.

Why bother, when you can do it yourself.

I can see this will be a trend.... The better security phones get more governments would rather turn directly to these kinds of tools.. and not even trying with Apple first.. Why bother, as you know they won't comply.

Plus, it's just a middle man you can get out of the picture.

It's the principle of the thing!!!! The FBI has no business being able to spy on American citizens willy nilly. As it is, even if you haven't committed any crimes that the federal government can charge you with, it has a multitude of tools at its disposal to make life miserable for you. Just look at what the IRS did to conservative groups a few years ago.

No.... Users just looking for privacy only without playing by the rules.

Apple doesn't control Cellebrite, it does what it wants. Either Apple goes out of business or Cellebrite does..

If Apple starts saying "You can't sell devices which bypass our security" other phone manufacturers like Android will heed Apple's threat as well. And that's not gonna happen.
 
It might be a violation of MR's TOS to post exactly what I think about people in the business of selling out their neighbor's privacy, but they can't stop me from thinking about it as much as I want. Have a great day..

We don't invade people's privacy. The computer forensic products we sell to law enforcement are used once a warrant has been obtained. At that point, they have no right to privacy. There is no violation of law happening.

Remember that most of the time, it's child pedophiles, terrorists, and other really bad people that these tools are used to help catch and prosecute. They provide a great service to cleaning up our world and making it a better place.
 
A reminder that this is a brute force method, nothing new or special. Have a long alpha numeric passcode and it’ll take this machine literally years to break it.


No it is new because it's getting around the wipe feature. That's what makes this device special. That's why this was such a big deal because the FBI couldn't even crack it themselves without this box.
 
My passcode is made up of multiple words of varying lengths and also contains numbers and special characters. I made it fairly long as I don’t have to enter it very often so it’s not a major hassle having it so long. If phone thieves did get their hands on these tools good luck cracking my passcode in their lifetime.
 
The fact that law enforcement can no longer solve a crime WITHOUT accessing a person's phone is enough evidence already of how ineffective they have become.


I know some are heated at the news that Apple's 'uncrackable' iOS security is indeed crackable but this comment makes no sense whatsoever. Seriously, reread your comment carefully then ask yourself when in human history was law enforcement this incredible well oiled machine that was solving crimes left and right. I'll wait....


Here's the inconvenient truth nobody wants to admit. This goes way beyond iOS security and all of these misc electronic footprints we leave behind today are exactly how law enforcement is more effective today than in any time in history. The Austin bomber was caught in 19 days. You seriously think law enforcement would have been able to catch him in that amount of time in a more primitive era like the 1960s in that amount of time? Not a chance.

I'm not advocating for any position on this topic besides being truthful on the realities of the world we live in and what life was like previously. If you read some history on crimes from years past it's mind blowing how slow things were years ago. Crimes today that get solved in days might have taken months or years if you go back in previous history.
 
At some point, non-law enforcement will have these too and then go wireless as well. We'll need one of those wraps people put their chip cards in just to stop the phone from being drained of info. Or....this is not going to be a big deal for most people.

At some point!! I'm gonna get one and open up a shop and charge $100 to open up your phone. I'm going to make a killing.
 
I hope you both mean alpha-numeric and not just numeric because a 12 digit numeric passcode will give you about 12 seconds.

https://howsecureismypassword.net/

Leaving aside how problematic it is to run a website that encourages people to type in their passwords while also running tracker scripts from Facebook, this particular site also lacks a lot of crucial information. "It would take a computer about" — what computer? How fast? How many passwords per second are being assumed here? Is this an online or offline bruteforce attack?

In the case of GrayKey, it appears only an online attack takes place, which makes it quite slow because 1) you can't scale it with additional CPUs, and 2) you are limited by the deliberately slow Secure Enclave. In particular, it appears to take about 240ms for a guess, or to crack at a little over four passwords per second. So, I'll repeat what I wrote earlier:

For a four-digit passcode (10,000 possibilities), that's only 40 minutes.

For a six-digit passcode (1,000,000 possibilities), it's close to three days.

Seven digits, as someone has suggested: almost 28 days.

For an eight-character password, assuming 95 possible characters*, it's over 50 million years.
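
The arithmetic in the posts above, as an added example that is not part of the original thread. The 80 ms and 240 ms per-guess figures come from the posts; the offline rate is an assumed value, chosen only to show why an offline estimate for a 12-digit code lands in seconds while the hardware-limited online estimate lands in millennia.

```python
# Added example: worst-case passcode exhaustion time at the guess rates quoted in the thread.
YEAR_S = 365.25 * 24 * 3600

SE_FLOOR_S = 0.080   # per-guess Secure Enclave limit quoted in the thread
OBSERVED_S = 0.240   # approximate per-guess time the thread reports for GrayKey
OFFLINE_S = 1e-11    # ASSUMPTION: hypothetical offline rate (1e11 guesses/s), not from the thread


def worst_case_seconds(alphabet_size, length, seconds_per_guess):
    """Time to try every passcode of exactly `length` symbols."""
    return (alphabet_size ** length) * seconds_per_guess


def min_length(alphabet_size, seconds_per_guess, target_seconds):
    """Smallest length whose full keyspace takes at least `target_seconds`."""
    length = 1
    while worst_case_seconds(alphabet_size, length, seconds_per_guess) < target_seconds:
        length += 1
    return length


def humanize(seconds):
    """Render a duration in the largest unit that fits."""
    for unit, size in (("years", YEAR_S), ("days", 86400), ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.1f} seconds"


def report():
    """One row per passcode class: (label, at 80 ms, at 240 ms, at assumed offline rate)."""
    cases = [
        ("4 digits", 10, 4),
        ("6 digits", 10, 6),
        ("8 digits", 10, 8),
        ("12 digits", 10, 12),
        ("8 chars of 95", 95, 8),
    ]
    rows = []
    for label, alphabet, length in cases:
        rows.append((
            label,
            humanize(worst_case_seconds(alphabet, length, SE_FLOOR_S)),
            humanize(worst_case_seconds(alphabet, length, OBSERVED_S)),
            humanize(worst_case_seconds(alphabet, length, OFFLINE_S)),
        ))
    return rows


if __name__ == "__main__":
    print(f"{'passcode':<15}{'80 ms/guess':>22}{'240 ms/guess':>22}{'offline (assumed)':>22}")
    for label, floor, observed, offline in report():
        print(f"{label:<15}{floor:>22}{observed:>22}{offline:>22}")
    # Policy question: how long must a passcode be to hold for 10 years at 240 ms/guess?
    ten_years = 10 * YEAR_S
    print("digits needed:", min_length(10, OBSERVED_S, ten_years))
    print("95-char symbols needed:", min_length(95, OBSERVED_S, ten_years))
```

These are worst-case (full keyspace) figures; the expected time to hit a uniformly random passcode is half of each.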
 
Everyone go here and enter your password. Surely they’d never use it against you. Lol

https://github.com/howsecureismypassword/hsimp

Run your own copy. Now you can take off your tinfoil hat.

Leaving aside how problematic it is to run a website that encourages people to type in their passwords while also running tracker scripts from Facebook, this particular site also lacks a lot of crucial information. "It would take a computer about" — what computer? How fast? How many passwords per second are being assumed here? Is this an online or offline bruteforce attack?

The author touches on it a little here:

https://github.com/howsecureismypassword/hsimp/issues/13
 
I know some are heated at the news that Apple's 'uncrackable' iOS security is indeed crackable but this comment makes no sense whatsoever. Seriously, reread your comment carefully then ask yourself when in human history was law enforcement this incredible well oiled machine that was solving crimes left and right. I'll wait....


Here's the inconvenient truth nobody wants to admit. This goes way beyond iOS security and all of these misc electronic footprints we leave behind today are exactly how law enforcement is more effective today than in any time in history. The Austin bomber was caught in 19 days. You seriously think law enforcement would have been able to catch him in that amount of time in a more primitive era like the 1960s in that amount of time? Not a chance.

I'm not advocating for any position on this topic besides being truthful on the realities of the world we live in and what life was like previously. If you read some history on crimes from years past it's mind blowing how slow things were years ago. Crimes today that get solved in days might have taken months or years if you go back in previous history.

Actually, that statement has some truth in it.
You need to ask if they need the phone contents for confirming or for fishing.
 
How does this thing actually work? Aren't password attempts limited in number and frequency?

Yes.

GrayKey appears to exploit various security holes to circumvent limitations:
  • it can connect to the iPhone without user consent. Normally, it would only be able to supply power that way. This is how it installs an app on the iPhone.
  • it can circumvent the sandbox. That app shouldn't be able to access the entire file system, which is presumably how it accesses the user's password hash.
  • given the above, the password attempt number and frequency limits probably don't apply. Those limits are enforced in the iOS system software, and (apparently) only if you try to log in through the regular user interface.
However, the Secure Enclave limit of 80ms per password guess still does apply, because it's enforced in hardware. On top of that, it appears to take some additional time, leading to ~240ms per guess, or a little over four guesses per second.
 
I know some are heated at the news that Apple's 'uncrackable' iOS security is indeed crackable but this comment makes no sense whatsoever. Seriously, reread your comment carefully then ask yourself when in human history was law enforcement this incredible well oiled machine that was solving crimes left and right. I'll wait....


Here's the inconvenient truth nobody wants to admit. This goes way beyond iOS security and all of these misc electronic footprints we leave behind today are exactly how law enforcement is more effective today than in any time in history. The Austin bomber was caught in 19 days. You seriously think law enforcement would have been able to catch him in that amount of time in a more primitive era like the 1960s in that amount of time? Not a chance.

I'm not advocating for any position on this topic besides being truthful on the realities of the world we live in and what life was like previously. If you read some history on crimes from years past it's mind blowing how slow things were years ago. Crimes today that get solved in days might have taken months or years if you go back in previous history.

The simple point that I was trying to make is that because of the technology, to which you are speaking about in great lengths, law enforcement has gotten a bit lazy and want to be spoon fed all of the information they need without ever leaving the office. I suppose I don't really blame them.
 
The simple point that I was trying to make is that because of the technology, to which you are speaking about in great lengths, law enforcement has gotten a bit lazy and want to be spoon fed all of the information they need without ever leaving the office. I suppose I don't really blame them.


What they are doing is what they have always been doing; "Follow all leads". It's crime solving 101.

They have a certain objective and that means they want all possible avenues to that objective. It has nothing to do with being lazy. A smartphone can be a huge lead. Law enforcement would have to be stupid to not want to use information on a smartphone.