Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Grayshift May Already Have iPhone Unlocking Solution for iOS 12's USB Restricted Mode

MacRumors

MacRumors

macrumors bot
Original poster
Apr 12, 2001
67,490
37,778



iOS 12 introduces USB restrictions that effectively put an end to law enforcement access to iPhones and iPads using devices like the GrayKey box, but Grayshift, the company that makes the box, may have already developed a workaround.

VICE's Motherboard shared an email from a forensic expert who planned to meet with Grayshift, which said the company had "gone to great lengths" to futureproof its technology and that USB Restricted Mode had been "already defeated."

graykey1.jpg
Grayshift's GrayKey iPhone unlocking box, via MalwareBytes​
"Grayshift has gone to great lengths to future proof their technology and stated that they have already defeated this security feature in the beta build. Additionally, the GrayKey has built in future capabilities that will begin to be leveraged as time goes on," a June email from a forensic expert who planned to meet with Grayshift, and seen by Motherboard, reads, although it is unclear from the email itself how much of this may be marketing bluff. "They seem very confident in their staying power for the future right now," the email adds.
Click to expand...
A second source that spoke to Motherboard said Grayshift addressed the topic of USB Restricted Mode in a webinar several weeks ago.

Coming in iOS 12, USB Restricted Mode prevents USB accessories from connecting to an iPhone or iPad if it's been more than an hour since the device was last unlocked.

The setting is enabled by default and it will not allow USB-based accessories like the GrayKey box to connect to an iOS device until a passcode is entered, effectively disabling the current techniques law enforcement officials across the United States are using to access locked iPhones.

ios12usbaccessoriessetting-800x450.jpg

Motherboard's sources did not share details on how Grayshift plans to avoid the new USB restrictions, so it's not clear if the GrayKey box will continue to function or if Grayshift has another iPhone access solution in the works.

Despite Grayshift's potential workaround, law enforcement officials are concerned about the changes Apple is implementing, and are said to be frustrated with the attention the GrayKey box has received in the media. "Some vendors are frustrated with GrayKey," one researcher told Motherboard. "They feel the media hype brought too much attention to the attack vector."

Apple yesterday confirmed its plans to implement new USB access restrictions in iOS 12 and clarified that it is aiming to defend customers against hackers, not frustrate law enforcement officials.

"At Apple, we put the customer at the center of everything we design. We're constantly strengthening the security protections in every Apple product to help customers defend against hackers, identity thieves and intrusions into their personal data. We have the greatest respect for law enforcement, and we don't design our security improvements to frustrate their efforts to do their jobs," Apple said in a statement to MacRumors.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Article Link: Grayshift May Already Have iPhone Unlocking Solution for iOS 12's USB Restricted Mode
 
Article Link
https://www.macrumors.com/2018/06/14/grayshift-usb-restricted-mode-solution/
The issue is that it costs Apple a lot less money to throw some software updates in a patch than it does for Grayshift to update theirs. Sure, an update is an update, but it has to update easily or it will be something police will not waste money on.
 
  • Like
Reactions: tridley68, sos47 and SonicSoundVW
I am a little out of the loop. I know a similar feature was in the last iOS 11 beta. I think it turned off the port after seven days instead of one hour. Was this feature still present in the current public release? Or was it removed?
 
MacRumors said:
VICE's Motherboard shared an email from a forensic expert who planned to meet with Grayshift, which said the company had "gone to great lengths" to futureproof its technology and that USB Restricted Mode had been "already defeated."
Click to expand...
Sounds a bit like damage control, if you ask me. Hoping to make a few extra bucks before the well runs dry. Normally, I'm all for the little guys taking on the big-bad corporate baddies... but script-kiddies and crackers I can do without. (That means you, too, NSA!)

Remember CurrentC from a few years ago? No? That's because Apple Pay rendered it laughably dead-on-arrival. Grayshift is going to be DOA as well, easily outmaneuvered if Apple has their way.
 
  • Like
Reactions: Breaking Good, Lopov Jack, osx86 and 8 others
viperGTS said:
If they were smart, they would've waited until iOS 12 was in the GM stage to announce this. Now Apple can look into fixing their bypass. :D
Click to expand...
"Additionally, the GrayKey has built in future capabilities that will begin to be leveraged as time goes on"
If they're announcing it, there's a good chance they already have another avenue ready to exploit. This is a constant game of one-upsmanship.

tjleonard said:
The issue is that it costs Apple a lot less money to throw some software updates in a patch than it does for Grayshift to update theirs. Sure, an update is an update, but it has to update easily or it will be something police will not waste money on.
Click to expand...
This makes no sense. Cost is dependent on time and resource allocation. Also why would an easy update deter law enforcement? It's a tool for work, not a consumer device.:p Easy updating isn't a deterrent.
 
69Mustang said:
This is a constant game of one-upsmanship.
Click to expand...
It will be a constant back and forth between hackers and Apple. The good thing is it seems that Apple is on top of it enough to make sure that things get taken care of before bad actors get their hands on it.

I'm sure Apple is working as hard as they can to get their hands on one of these devices to figure out how it works, and probably have been successful. I'm sure they could have easily set up a shell company that claims to be a private investigator firm needing to get into a client's phone.
 
tridley68 said:
Everything has a price and Apple is definitely not short on cash I think they will get their hands on one. Of these boxes if the haven't already
Click to expand...

Everything has a price? That same saying can be used against Apple. Someone can pay an apple employee to steal Apple's digital signing keys. Ultimate back door right there.
 
MacRumors said:
"Some vendors are frustrated with GrayKey," one researcher told Motherboard. "They feel the media hype brought too much attention to the attack vector."
Click to expand...
Too bad. The media was doing their jobs by reporting on the fact that the government is paying huge chunks of money to some company to hack our phones. This is how you have accountability in a free and open society. They need to get over it. At the end of the day this is yet another security vulnerability that must be patched. If some kid was doing this the FBI would raid his home and he'd serve jail time.
 
  • Like
Reactions: RichTeer, Breaking Good, LinusR and 21 others
mrkramer said:
It will be a constant back and forth between hackers and Apple. The good thing is it seems that Apple is on top of it enough to make sure that things get taken care of before bad actors get their hands on it.

I'm sure Apple is working as hard as they can to get their hands on one of these devices to figure out how it works, and probably have been successful. I'm sure they could have easily set up a shell company that claims to be a private investigator firm needing to get into a client's phone.
Click to expand...
I have no doubt Apple has the means to get one of the devices. Probably already has one.

As for Apple already figuring out how it works... I'm guessing you'd have to go on the presumption Grayshift's code isn't encrypted. Or it is and Apple cracked their encryption. Who knows. Grayshift says they already have other avenues ready. It's going to be a back and forth for a while it seems.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back