Just for context, Apple made $30,000 every 4.13 seconds in Fiscal Year 2017.

That is pretty smart. So 7+ length passcodes don't have the empty dots while you type?
Nope. Just a rectangular box. Dots only appear as you type the code.
 

Not saying it’s impossible, but it’s not going to be easy walking away with one of these from a police station. And then hoping they didn’t buy a geofenced version which won’t work outside the police station.

And even if someone gets one, how does that affect the hundreds of millions of iPhone users?

In short, people have nothing to worry about. Security is always cat & mouse with someone like Apple on one side and hackers on the other constantly plugging security holes or looking for new ones. For the rest of us it means we get to use some pretty secure devices.

Yeah I'm not exactly pleased with how secure it is inside the police station either.

Let me paint a picture for those who lack imagination or maybe have never lived in a small town and dealt with small town politics...

Sheriff Joe is a "law and order" kind of guy favored by about half of the voters. However, Sheriff Joe is known to occasionally color outside of the lines to protect the Security of the Community from those Bad Hombres.

I decide to run against Joe as is my right in an effort to provide an alternative candidate. Now Joe doesn't like the fact someone is running against him. Hasn't happened in the last two elections and shouldn't be happening now. Heaven forbid some weenie, liberal gets elected, the Bad Hombres will run the place over.

So, it's Joe's Responsibility to the good People of the Community to have someone steal/borrow my phone and hook it up to that fun new toy he bought with his homeland security money. Joe now has details about my business, my schedule, my family, maybe even some tasteful, but not pornographic, boudoir photos of my significant other. Things that can be used to intimidate and/or harass me. It's the least he can do to protect the Security of the People of the Community.

This is why I stand 100% behind companies like Apple who comply with legal warrants and inquiries to the best of their ability but make every effort to prevent some hack, even an elected one, from getting into people's private business.

If you truly believe that LEO should have access to people's devices, you have a Responsibility to do everything you can to move forward legislation that requires companies to install backdoors on their devices and software. Then everyone can stop believing these devices are secure and truly understand they should never put anything on them they don't want to potentially go public.

As long as Apple keeps playing Whack-A-Mole at the best of their ability, they'll have my business. The exploits need to be closed. Expensive black boxes need to be turned into paperweights.
 
The joke flew over your head. It’s ok. We can’t all be the brightest bulbs. lol

It flew over everyone's head then. Probably because you forgot to put anything funny in the comment. Which is kinda important if you claim the comment was a 'joke'.
 
The exploit is that they bypass the locking function after x tries. It allows them to brute force. This is feasible for 4-6 or perhaps even 7-8 digit numerical passcodes. Above that they need to be very patient for the result.

The remedy is to set a longer passcode, 10-12 digits or more.
 
The 4th is what applies to divulging what you know, i.e. passcodes, to prevent unreasonable search and seizure. The 5th applies against testifying against oneself.

There are many stupid folks out there, so yes, a subset exists that would do and think that. Of course the smarter and better prepared criminals would use better methods to the extent they have the means and access.


Google "Phone password 5th amendment" for some details. The idea is that the act of providing your password is testifying or providing information about yourself. It also relates to being deprived of your personal property without due process.

https://cyb3rcrim3.blogspot.com/2015/09/the-sec-company-smartphones-and.html
Can this thing remove iCloud lock? If so, one of these + dirt cheap iCloud locked iPhones from eBay/Craigslist = PROFIT
It would provide access to any/all sites that you store the passwords for in your iCloud Keychain, if you do that, including iCloud, your bank, your car's telematics tracking site (for those with fancy cars).
 
It's one or the other. If this company only sells to law enforcement then Apple won't be able to get one. It also means criminals won't be able to get one either. If these are easy for regular people (or criminals) to get, then Apple will also be able to get one and it'll be patched.

You can't have your cake and eat it too (worry that everyone and their dog will be cracking open iPhone AND that Apple won't be able to patch it).

You can’t eat your cake and have it too - the Unabomber.
 
It attaches via lightning, and there are only so many vectors that you can use to get in that way. It also looks like it doesn't rewrite the firmware, since the normal iPhone status bar is visible on-screen.

What's fascinating is that it doesn't actually unlock the phone, the end-user does. I wonder if that's a required forensic step.
 
If you truly believe that LEO should have access to people's devices, you have a Responsibility to do everything you can to move forward legislation that requires companies to install backdoors on their devices and software. Then everyone can stop believing these devices are secure and truly understand they should never put anything on them they don't want to potentially go public.

I never once said LEO should have this kind of access. I've also been strongly opposed to the FBI wanting a "back door" into iOS devices or weaker encryption (that they have the master keys to). In fact, this is a million times worse as something like a set of master encryption keys can be stolen and rapidly distributed to numerous people.

These exploits (because they could be rendered useless overnight simply by Apple issuing an iOS update) are far too valuable to the companies that discover them (and the agencies that use them). It's in their interest to use this particular exploit on specific (and likely difficult) cases they are currently investigating ASAP before time runs out. And given the time it takes to crack an iPhone (hours to days) they literally don't have the time to just open up every iPhone they see. Only serious cases will get access to their "magic box" because they have no idea when it will stop working.

My point is that I'm not worried about the police having access to some device a company created to access iPhones. It's not going to harm me, I'm not worried about people/criminals getting access to them, and it's very likely it will only work for a short period of time until Apple plugs whatever exploit it's using. And then someone else tries to come up with another method. Rinse and repeat.
 
Apple has a lot of money. Obscene amounts of money. More money than any of us could imagine spending. They’ll find a way to get their hands on the non-geofenced version and reverse engineer what is going on to fix it.
 
In other words, when our intelligence agencies cry foul about encryption, it's a thin cover for the fact that they can easily get into your phone anyway. They just want to make a lot of noise about it so that people are lulled into a false sense of security, thinking they can keep incriminating evidence on their phones without worrying.
 
Haha, like Apple is going to “do something” about this device, they don’t even “do anything” about their own products & services anymore.

“Good enough” is the new “It just works.”
 
...Apple will not do that for legal and ethical reasons.

This is an assumption that may not be accurate.

Apple could conceivably "find" a device, or "borrow" one, or they could just hire (create) a company whose sole purpose is to acquire one -- by having it done by a third-party, they could have plausible deniability.
No, but it does support rapid wireless charging.


Oh good - so the device is fully charged as it's hacked.... very handy...
 
It attaches via lightning, and there are only so many vectors that you can use to get in that way. It also looks like it doesn't rewrite the firmware, since the normal iPhone status bar is visible on-screen.

What's fascinating is that it doesn't actually unlock the phone, the end-user does. I wonder if that's a required forensic step.

This device did the same for iOS 11 beta versions: https://appleinsider.com/articles/1...-screen-passcodes-but-could-take-days-to-work

I wonder if there are still holes in the DFU/restore/update paths that are being exploited?
 
Time to remind everyone posting about Apple protecting our privacy at any cost of one word: CHINA. Just look at how they followed the law there. Apple never said they weren't cooperating with law enforcement or even blocking their efforts anywhere in the world, quite the opposite. Any cloud data is fair game as an example. In the USA there are some pretty severe penalties for disclosing certain portions of anti-terrorism laws that cover far more than just tech sector. All countries have similar laws, so we don't know what we don't know. Deal with that or move to Luddite status.

In the case of China, Apple was in a position where not only the customer base, but their manufacturing facilities were at risk if they didn't comply. They apparently negotiated quite vigorously but eventually had to back down. Consider that Apple was in a position where the Chinese government could be the bully by increasing taxes, increasing inspections (thus exposing trade secrets), and generally being intrusive and disruptive. The lesser evil (from a business perspective -- I won't comment on the moral aspect) was to move the data to China.

It should also be pointed out that many jurisdictions are looking into requiring data to be stored locally rather than in some other country, ostensibly for security of their citizens, but more likely to simplify access for the relevant intelligence agencies.
...

Furthermore, I say Apple should shift strategy of manufacturing to India - a peaceful country that would use the inflow of our money for good. And that could be what helps Apple sell its future products in India and make it the powerhouse rather than China!

If Americans only knew how bad the inflow of money into China is, and what the government uses it for, it seems like we could just stop allowing business and cash to flow there. Free trade with India and governments that mean no harm to USA.

I am South Asian, but I wouldn't want this to occur.

India is a country mired in red tape and bureaucracy. The South Asian workforce has a different approach to efficiency and consistency as compared to the Oriental workforce. As a shareholder, I would also be concerned regarding increased costs of manufacturing and decreased productivity.

And given recent interactions, I'm not sure that India holds such a benign view of the US.
 