Slashdot Mirror
Documents Prove Local Cops Have Bought Cheap iPhone Cracking Tech (vice.com)
GrayShift is a new company that promises to unlock even iPhones running the latest version of iOS for a relatively cheap price. From a report: In a sign of how hacking technology often trickles down from more well-funded federal agencies to local bodies, at least one regional police department has already signed up for GrayShift's services, according to documents and emails obtained by Motherboard. As Forbes reported on Monday, GrayShift is an American company which appears to be run by an ex-Apple security engineer and others who have long held contracts with intelligence agencies. In its marketing materials, GrayShift offers a tool called GrayKey, an offline version of which costs $30,000 and comes with an unlimited number of uses. For $15,000, customers can instead buy the online version, which grants 300 iPhones unlocks.
This is what the Indiana State Police bought, judging by a purchase order obtained by Motherboard. The document, dated February 21, is for one GrayKey unit costing $500, and a "GrayKey annual license -- online -- 300 uses," for $14,500. The order, and an accompanying request for quotation, indicate the unlocking service was intended for Indiana State Police's cybercrime department. A quotation document emblazoned with GrayShift's logo shows the company gave Indiana State Police a $500 dollar discount for their first year of the service. Importantly, according to the marketing material cited by Forbes, GrayKey can unlock iPhones running modern versions of Apple's mobile operating system, such as iOS 10 and 11, as well as the most up to date Apple hardware, like the iPhone 8 and X.
This is what the Indiana State Police bought, judging by a purchase order obtained by Motherboard. The document, dated February 21, is for one GrayKey unit costing $500, and a "GrayKey annual license -- online -- 300 uses," for $14,500. The order, and an accompanying request for quotation, indicate the unlocking service was intended for Indiana State Police's cybercrime department. A quotation document emblazoned with GrayShift's logo shows the company gave Indiana State Police a $500 dollar discount for their first year of the service. Importantly, according to the marketing material cited by Forbes, GrayKey can unlock iPhones running modern versions of Apple's mobile operating system, such as iOS 10 and 11, as well as the most up to date Apple hardware, like the iPhone 8 and X.
if the DMCA doesn't outlaw this, it should be revamped to cover this
outrageous
Unless it's Apple's way of circumventing the public outcry they'd be suffering under if it was found out they don't actually believe in security for their users the way they've been saying. Seriously, my very first thought reading that sentence is, "Ah, Apple found a way to give the government what they wanted without getting blamed for it directly."
So, I don't want to Godwin this entire thread, but quite honestly I view companies which do this as little better than Nazi Sympathizers.
They don't care about the potential harm they do, they don't treat this on a case by case basis -- they're just providing a carte blanche tool to police.
And, like all such people, I'm sure they're fairly indiscriminate about selling to the nastier countries with terrible track records on human rights.
I bet there is little to no judicial oversight in how these tools are being used, because the police don't care for such things.
Sorry, but making and selling tools like this should make you a target. You clearly don't give a damn about the finer details of when this is used and the impact to people's lives .. so why the fuck should we give a fuck about your life?
There is no claim of "how was I to know" or "I was just following orders". This is straight up helping a totalitarian state for profit.
Morally, I don't see the difference between these guys and the people who helped the Nazis.
This is why there can never be backdoors for law enforcement. Fuck 'em all.
I'd decrypt for a third party pledged to access only what the warrant is seeking. I don't think it's fair to decrypt and give blanket access for fishing expeditions.
Cheap storage VM.
We'll see how quick apple is to patch this. It definitely shouldn't be out of their reach.
Cheap storage VM.
No.
It only requires that the Police lie to the judge.
Except if Apple knew about the backdoor, they probably would have patched it by now. The FBI likely knew of the third party utility all along but just wanted to make security seem unpatriotic.
And if they DON'T patch it, and they DON'T go after their ex-employee for the damage they did to the security of their systems, then you can just take it to assume that Apply is complicit with their ex-employee and the government at undermining the safety and security of their customer's information.