The future! - GrayKey iPhone unlocker poses serious security concerns
14 replies, posted
ZDNet
A little-known Atlanta, Ga.-based tech outfit appeared seemingly out
of nowhere this month with a bold claim -- that it can crack the
passcodes on even the most recent iPhones, a feat managed by only a
select few. Grayshift wasn't widely known until Forbes blew the lid
on the company earlier this month -- likely because the company's main
clientele are police departments and local law enforcement divisions.
The company is founded by Justin Fisher (whose LinkedIn profile
currently only shows he works at a "private company") and Braden
Thomas, a former Apple security engineer, who spent six years at the
technology giant from 2006.
But little is publicly known about the
company, including its flagship product, GrayKey, a $15,000 unlock tool
that promises in marketing materials to be able to obtain the passwords
on iPhone 5s devices and newer. The box is said to be able to tap into
even the latest iPhone 8 and iPhone X handsets, running the latest iOS
11 software.
Techspot
As can be seen in the screenshot above, the GrayKey works on the
latest hardware, and at least on iOS up to 11.2.5 (which was likely the
most current system at the time this image was captured).
The GrayKey device itself comes in two “flavors.” The first, a
$15,000 option, requires Internet connectivity to work. It is strictly
geofenced, meaning that once it is set up, it cannot be used on any
other network.
However, there is also a $30,000 option. At this price, the device
requires no Internet connection whatsoever and has no limit to the
number of unlocks. It will work for as long as it works; presumably,
until Apple fixes whatever vulnerabilities the device relies on, at
which time updated phones would no longer be unlockable.
The offline model does require token-based two-factor authentication
as a replacement for geofencing for ensuring security. However, as
people often write passwords on stickies and put them on their monitors,
it’s probably too much to hope that the token will be kept in a
separate location when the GrayKey is not being used. Most likely, it
will be stored nearby for easy access.
So yeah. If anyone is familiar with IP Box and IP Box 2, this is pretty similar besides the fact that Graykey works up to more recent versions of iOS. It's limited to law enforcement, but there are concerns of this kinda tech finding its way into the wild since the $30k version can be taken on the go.
So yeah
Doesn't the future also already have remote device wiping features? Android does too I think
It’ll be on eBay in 15 years I guess.
There is that option, yes! However, the info can be recovered since it's stored on the cloud, which won't stop someone with a tool like graykey
Well that and the first thing law enforcement is going to do in a mobile device recovery is disable all wireless radios and put the device in a Faraday bag.
Most devices let you do so from the lockscreen.
So-called nuclear passwords with dedicated crypto hardware are probably the best option here, if the nuclear password is entered then the crypto key from the dedicated (and undumpable) crypto processor is wiped and the data becomes unrecoverable.
Don't you need a warrant to search a phone? You should if not.
Not sure if it is "the future". It is brute forcing, anything more than 6 digits or a proper passphrase will render this a $15k gray brick.
Reminder that you can choose to use an actual password to unlock your iPhone
Does the exploit only work if you have a numeric pin? Will it still work if you have touch-id and a decent password?
It has the most success with numeric and small passwords, taking up to, at least, 3 days to crack. They didn't say how long it took for bigger passwords. Don't think your average user knows they can use non-numeric passwords, unfortunately.
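The two replies above (brute forcing being defeated by anything beyond six digits, and short numeric passcodes taking "up to, at least, 3 days") can be put in numbers. The following is an added example, not code from the thread, from GrayKey or from any vendor: it treats a full 6-digit space exhausted in 3 days as an assumed guess rate of roughly 3.9 guesses per second (a figure constructed from the thread's claim, not a measured one), and from that estimates the worst-case search time and entropy of several passcode policies. Device-side lockouts, erase-after-N-attempts settings and any rate limiting are deliberately not modelled; the point is only how fast the keyspace grows once a passcode stops being a short PIN.

```python
import math

# Constructed assumption, not a figure from GrayKey or any vendor: the thread says
# short numeric passcodes take "up to, at least, 3 days". Treating a full 6-digit
# space (10**6 codes) as exhausted in 3 days implies roughly 3.9 guesses per second.
THREE_DAYS_SECONDS = 3 * 24 * 60 * 60
ASSUMED_GUESSES_PER_SECOND = 10**6 / THREE_DAYS_SECONDS

# Alphabet sizes for common passcode policies.
DIGITS = 10
ALPHANUMERIC = 26 + 26 + 10      # a-z, A-Z, 0-9
PRINTABLE_ASCII = 95             # space through '~'

SECONDS_PER_YEAR = 365.25 * 24 * 60 * 60


def keyspace(alphabet_size: int, length: int) -> int:
    """Number of distinct passcodes of exactly `length` symbols."""
    return alphabet_size ** length


def entropy_bits(alphabet_size: int, length: int) -> float:
    """Entropy of a uniformly random passcode of this policy, in bits."""
    return length * math.log2(alphabet_size)


def worst_case_seconds(alphabet_size: int, length: int,
                       guesses_per_second: float = ASSUMED_GUESSES_PER_SECOND) -> float:
    """Time to exhaust the whole keyspace at a fixed guess rate (expected time is half)."""
    return keyspace(alphabet_size, length) / guesses_per_second


def human_duration(seconds: float) -> str:
    """Render a duration in the largest unit that keeps the number readable."""
    if seconds < 60:
        return f"{seconds:.1f} seconds"
    if seconds < 3600:
        return f"{seconds / 60:.1f} minutes"
    if seconds < 86400:
        return f"{seconds / 3600:.1f} hours"
    if seconds < SECONDS_PER_YEAR:
        return f"{seconds / 86400:.1f} days"
    return f"{seconds / SECONDS_PER_YEAR:.1f} years"


def compare_policies(guesses_per_second: float = ASSUMED_GUESSES_PER_SECOND) -> list:
    """Worst-case search time and entropy for several passcode policies at one guess rate."""
    policies = [
        ("4-digit PIN", DIGITS, 4),
        ("6-digit PIN", DIGITS, 6),
        ("8-digit PIN", DIGITS, 8),
        ("6-char alphanumeric", ALPHANUMERIC, 6),
        ("10-char alphanumeric", ALPHANUMERIC, 10),
        ("8-char printable ASCII", PRINTABLE_ASCII, 8),
    ]
    rows = []
    for name, alphabet, length in policies:
        secs = worst_case_seconds(alphabet, length, guesses_per_second)
        rows.append({
            "policy": name,
            "bits": round(entropy_bits(alphabet, length), 1),
            "worst_case": human_duration(secs),
        })
    return rows


if __name__ == "__main__":
    print(f"assumed rate: {ASSUMED_GUESSES_PER_SECOND:.2f} guesses/s")
    for row in compare_policies():
        print(f"{row['policy']:<24} {row['bits']:>6} bits  {row['worst_case']}")
```

At the assumed rate a 4-digit PIN falls in under an hour and a 6-digit PIN in the thread's 3 days, while a 6-character alphanumeric passcode already runs to centuries and a 10-character one far beyond that; the guess rate is the only free parameter, so a faster or slower tool shifts every row by the same factor without changing the ordering.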
No, they can't. If you remotely wipe/deactivate/deauthenticate your phone it cannot be recovered from the cloud without your account password.
In most cases, yes you do. Typically, law enforcement will keep the device isolated from the network and charged while waiting for the warrant. The exception comes in situations where waiting could cause harm to police or civilians. Of course, they need to be able to back up that claim.
I'm pulling up conflicting info. Some sites report you can, if you backed up the info on the iCloud even after the disable, some reporting you cannot. You may be right though! Like Awaken said, however, a faraday bag and cut off from connection anywhere and it's out of your hands completely.
If the government sends forensic analysts to your house, the first thing they'll do is ice your devices.
if some rando fucker steals them though, or any criminal org short of the Sinaloa cartel, they probably won't think to do that. Also, the second the device is out of said Faraday cage/bag, it'd be nuked unless they have a legit facility.