
fairuz

macrumors 68020
Aug 27, 2017
2,486
2,589
Silicon Valley
I think Apple is window dressing on this issue to keep public trust. Wouldn't surprise me if they were helping Grayshift bypass their own systems. I think this is very possible given the pressure on the company from law enforcement agencies.
After Tim Cook publicly called devices like this a "backdoor," I don't trust Apple's PR anymore on this subject.
Some have said Grayshift is just saying they defeated the security measures to sell products. While I agree companies are motivated to stretch the truth, I’d also point out that in this case it would be fraud. They either can or cannot defeat the security measure. Saying you can when you can’t would be fraud.
Yeah. If they're selling a box that they say can crack iOS 12, it will crack it, at the very least around the time it's sold. But maybe people suspect them of claiming this in advance without actually having it, just to keep the media hype going until they can actually do it.
 

jschu22

macrumors 6502
Apr 12, 2008
259
190
Anyone that doubts Grayshift's sincerity about being able to crack iOS 12 because "they wouldn't lie to the police" is just being naive. They can say whatever they want right now- iOS 12 is in early beta stages and none of their clients can actually prove that Grayshift was not being truthful. Additionally, Grayshift certainly can always say that Apple subsequently updated iOS 12 and thwarted the crack, thus not being caught in a marketing lie.
 

centauratlas

macrumors 68000
Jan 29, 2003
1,822
3,773
Florida
Sessions is 5'5; could pass as a vertically challenged Darth Vader. Sometimes our heroes have to be a little evil to get things done right.

Comey is the right height, but he would probably have to pass as a mentally challenged Darth Vader - but certainly enough of the dark side for his moral compass.
 

2010mini

macrumors 601
Jun 19, 2013
4,698
4,806
R u calling our police corrupt?


Who on earth loves da cops dude? U mad? lol

Corrupt???....hmmmmm...Ever wonder how come we have not one drug free prison in the US?

We all love the cops...... they are sort of like that crazy ex-girlfriend who is great in the sack but drives you insane.
 

fairuz

macrumors 68020
Aug 27, 2017
2,486
2,589
Silicon Valley
Everything has a price? That same saying can be used against Apple. Someone can pay an apple employee to steal Apple's digital signing keys. Ultimate back door right there.
I imagine the key is split and requires many employees to cooperate to make that happen. It only takes one person to steal a GreyBox device.
 

tjleonard

macrumors 6502a
Jun 25, 2013
581
381
"Additionally, the GrayKey has built in future capabilities that will begin to be leveraged as time goes on"
If they're announcing it, there's a good chance they already have another avenue ready to exploit. This is a constant game of one-upmanship.


This makes no sense. Cost is dependent on time and resource allocation. Also why would an easy update deter law enforcement? It's a tool for work, not a consumer device.:p Easy updating isn't a deterrent.
Easy, they see how they’re being compromised and it takes a lot less time to fix than to exploit.
 

0007776

Suspended
Jul 11, 2006
6,473
8,170
Somewhere
Anyone that doubts Grayshift's sincerity about being able to crack iOS 12 because "they wouldn't lie to the police" is just being naive. They can say whatever they want right now- iOS 12 is in early beta stages and none of their clients can actually prove that Grayshift was not being truthful. Additionally, Grayshift certainly can always say that Apple subsequently updated iOS 12 and thwarted the crack, thus not being caught in a marketing lie.
It wouldn't be hard for a department to get their hands on a device running the iOS 12 Beta and test it. If it turns out that they are lying it would be the end of their business, so I doubt they would risk it.
 

SteveW928

macrumors 68000
May 28, 2010
1,834
1,380
Victoria, B.C. Canada
Because Apple has like $300,000,000,000 to play with.

That would be an interesting item on Tim's expense report though.

While I agree companies are motivated to stretch the truth, I’d also point out that in this case it would be fraud. They either can or cannot defeat the security measure. Saying you can when you can’t would be fraud.

And, a company would never, ever commit fraud. :)
 
  • Like
Reactions: neliason

jlc1978

macrumors 603
Aug 14, 2009
5,476
4,261
They sell to "law enforcement only" and they sure will do their best so that Apple doesn't get their hands on one...

I'd be surprised if Apple hasn't managed to get their hands on one. If Grayshift, for example, sells to private security firms it'd be pretty trivial for Apple to get one.
 

truthertech

macrumors 68020
Jun 24, 2016
2,109
2,263
They sell to "law enforcement only" and they sure will do their best so that Apple doesn't get their hands on one...


LOL.
Workaround: hold iPhone in front of owner's face.


"You can always use your passcode instead of Face ID, and it’s still required under the following circumstances:

  • The device has just been turned on or restarted.

  • The device hasn’t been unlocked for more than 48 hours.

  • The passcode hasn’t been used to unlock the device in the last 156 hours (six and a half days) and Face ID has not unlocked the device in the last 4 hours.

  • The device has received a remote lock command.

  • After five unsuccessful attempts to match a face.

  • After initiating power off/Emergency SOS by pressing and holding either volume button and the side button simultaneously for 2 seconds.
Hey, it's just taxpayer money. And, something like this might even be federally funded, along with tanks and all that other kind of police gear.


Tanks? Please let us know where any police department in America has tanks. Because I have a young cousin who wants to be a cop and I want to let her know where the police get to patrol in an M-1. Unfortunately for her, truth is you're spreading fake news.
 

AmpSkillz

macrumors regular
LOL.

"You can always use your passcode instead of Face ID, and it’s still required under the following circumstances:

  • The device has just been turned on or restarted.

  • The device hasn’t been unlocked for more than 48 hours.

  • The passcode hasn’t been used to unlock the device in the last 156 hours (six and a half days) and Face ID has not unlocked the device in the last 4 hours.

  • The device has received a remote lock command.

  • After five unsuccessful attempts to match a face.

  • After initiating power off/Emergency SOS by pressing and holding either volume button and the side button simultaneously for 2 seconds.

I was about to post same info in response to all the silly “just hold it to their face” comments

If police can’t compel you to enter your password (& need a GrayKey) it’s extremely unlikely they could compel you to unlock it with your face due to all the reasons in your list.
 

jlc1978

macrumors 603
Aug 14, 2009
5,476
4,261
I was about to post same info in response to all the silly “just hold it to their face” comments

If police can’t compel you to enter your password (& need a GrayKey) it’s extremely unlikely they could compel you to unlock it with your face due to all the reasons in your list.

Not necessarily, since entering the code is a form of self incrimination and thus protected by the 5th in the US, whereas biometrics such as fingerprints aren't; so I would guess holding a phone to your face to unlock it would not be protected.
 

JGRE

macrumors 65816
Oct 10, 2011
1,012
664
Dutch Mountains
If they were smart, they would've waited until iOS 12 was in the GM stage to announce this. Now Apple can look into fixing their bypass. :D

They had to make this statement (true or false) to stay in business.
They sell to "law enforcement only" and they sure will do their best so that Apple doesn't get their hands on one...

Of course Apple has one; they could simply acquire Grayshift if they wanted to.
 

fairuz

macrumors 68020
Aug 27, 2017
2,486
2,589
Silicon Valley
If so, a timer can easily be redesigned not to be affected by that.
Yeah, I thought about there being a special hardware clock for this purpose. Ofc there's always in theory a way to mess with it, as it's always possible to lift the memory contents and decrypt them without the phone (assuming a weak encryption key), question is how practically hard they can make it.
 

chucker23n1

macrumors G3
Dec 7, 2014
8,533
11,284
Yeah, I thought about there being a special hardware clock for this purpose. Ofc there's always in theory a way to mess with it, as it's always possible to lift the memory contents and decrypt them without the phone (assuming a weak encryption key), question is how practically hard they can make it.

That wouldn't be possible in software, though. It's possible to physically carve out the flash chip, then read that, but it's highly error-prone, and we know for a fact that that's not GrayKey's current approach.

Assuming they're not lying/exaggerating about being able to work around USB Restricted Mode, they must have found a different way of installing their app.
 
  • Like
Reactions: fairuz

jlc1978

macrumors 603
Aug 14, 2009
5,476
4,261
That wouldn't be possible in software, though. It's possible to physically carve out the flash chip, then read that, but it's highly error-prone, and we know for a fact that that's not GrayKey's current approach.

I would guess if they encrypt the data even reading it from flash would be of little use unless you can also determine the key.

On a hardware note, Apple could prevent that by coating key chips with epoxy.
 

AmpSkillz

macrumors regular
Not necessarily, since entering the code is a form of self incrimination and thus protected by the 5th in the US, whereas biometrics such as fingerprints aren't; so I would guess holding a phone to your face to unlock it would not be protected.

Yeah I get that.. but my point was that due to the reasons he listed they simply cannot “hold the phone to your face” and unlock it without your cooperation, and the people implying that they can, do not seem to understand quite how Face ID works or what safeguards are in place.

Believe me... my wife has tried many times to hold my phone to my face and unlock it.
 

fairuz

macrumors 68020
Aug 27, 2017
2,486
2,589
Silicon Valley
I would guess if they encrypt the data even reading it from flash would be of little use unless you can also determine the key.

On a hardware note, Apple could prevent that by coating key chips with epoxy.
If the user has the default 6-digit passcode, the key must somehow be derived from that, so it theoretically takes at most a million guesses to crack. There could be factors like hashing difficulty involved, but I think GrayKey's solution is cracking the key, so it must not be an issue.
 

jlc1978

macrumors 603
Aug 14, 2009
5,476
4,261
If the user has the default 6-digit passcode, the key must somehow be derived from that, so it theoretically takes at most a million guesses to crack. There could be factors like hashing difficulty involved, but I think GrayKey's solution is cracking the key, so it must not be an issue.

Good points. Mine was even if they get the data off the chip absent the key (which they could guess) the data is not useful if encrypted, in addition if they bypass the encryption algorithm and directly get the stored data they would need to know the algorithm used as well.

I wonder if they would need a warrant to break into the phone? They may take the phone during a stop to preserve it but would that allow them to search it absent a warrant?
 

chucker23n1

macrumors G3
Dec 7, 2014
8,533
11,284
If the user has the default 6-digit passcode, the key must somehow be derived from that,

Yes and no. The encryption key tangles the passcode with the hardware UID (which is itself a 256-bit key and can't be read from software).

so it theoretically takes at most a million guesses to crack. There could be factors like hashing difficulty involved, but I think GreyKey's solution is cracking the key, so it must not be an issue.

GrayKey's old solution (assuming a new one even exists) brute-forces the passcode. It's an online attack, so it's very slow (~240ms/guess). At six digits, that's ~6.7 hours, so you're probably well-advised to add another digit or two.

But that's all moot, since their new attack presumably doesn't work this way.
I wonder if they would need a warrant to break into the phone?

Generally speaking, yes.
 
  • Like
Reactions: fairuz
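
Added example, not part of any post in this thread and not Apple's or Grayshift's code: a sketch of why a passcode key tangled with a device UID forces guessing onto the device, and how the keyspace scales at the ~240 ms/guess figure quoted in the post above. HMAC-SHA256 plus PBKDF2 is an assumed stand-in for the hardware tangling; the function names, UID, salt and passcode are constructed for illustration.

```python
import hashlib
import hmac
import secrets

PER_GUESS_MS = 240     # on-device cost per guess, figure taken from the post above
DEMO_ITERATIONS = 100  # kept tiny so the demo runs quickly; not a real work factor


def tangle(passcode: str, uid_key: bytes, salt: bytes) -> bytes:
    """Derive a key that depends on BOTH the passcode and the device UID.

    Stand-in construction: HMAC keys the passcode with the UID, PBKDF2 stretches it.
    """
    keyed = hmac.new(uid_key, passcode.encode(), hashlib.sha256).digest()
    return hashlib.pbkdf2_hmac("sha256", keyed, salt, DEMO_ITERATIONS, dklen=32)


def search(target: bytes, uid_key: bytes, salt: bytes, digits: int):
    """Try every numeric passcode of the given length against a target key."""
    for n in range(10 ** digits):
        guess = f"{n:0{digits}d}"
        if hmac.compare_digest(tangle(guess, uid_key, salt), target):
            return guess
    return None


def worst_case_seconds(digits: int) -> int:
    """Time to exhaust the keyspace when every guess must run on the device."""
    return 10 ** digits * PER_GUESS_MS // 1000


if __name__ == "__main__":
    salt = secrets.token_bytes(16)
    device_uid = secrets.token_bytes(32)    # constructed; never leaves real hardware
    key = tangle("4821", device_uid, salt)  # constructed 4-digit passcode

    # With the UID available (guessing on the device) the search succeeds.
    print("on-device :", search(key, device_uid, salt, 4))
    # A flash dump carries no UID, so the same search off the device finds nothing.
    print("off-device:", search(key, secrets.token_bytes(32), salt, 4))

    for d in (4, 6, 8, 10):
        print(f"{d} digits: {worst_case_seconds(d) / 3600:.1f} h worst case")
```

Each extra digit multiplies the worst case by ten, which is the practical argument for a longer passcode when guesses cannot be moved off the device.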