Slashdot Mirror


Apple Just Killed The 'GrayKey' iPhone Passcode Hack (forbes.com)

Apple's newest version of iOS has rendered the GrayKey hacking tech useless, a report said Wednesday. How Apple pulled it off wasn't immediately clear, but it would have a huge implication for the law enforcement agencies around the world that have relied on GrayKey to break into locked iPhones. Forbes reports: Apple has put up what may be an insurmountable wall. Multiple sources familiar with the GrayKey tech tell Forbes the device can no longer break the passcodes of any iPhone running iOS 12 or above. On those devices, GrayKey can only do what's called a "partial extraction," sources from the forensic community said. That means police using the tool can only draw out unencrypted files and some metadata, such as file sizes and folder structures.

Previously, GrayKey used "brute forcing" techniques to guess passcodes and had found a way to get around Apple's protections preventing such repeat guesses. But no more. And if it's impossible for GrayKey, which counts an ex-Apple security engineer among its founders, it's a safe assumption few can break iPhone passcodes. Police officer Captain John Sherwin of the Rochester Police Department in Minnesota said of the claim iOS 12 was preventing GrayKey from unlocking iPhones: "That's a fairly accurate assessment as to what we have experienced."

9 of 85 comments

  1. Go, Apple! by TheFakeTimCook · · Score: 5, Insightful

    Apparently STILL the only phone OEM STILL looking out for the USER'S Privacy...

    1. Re:Go, Apple! by Highdude702 · · Score: 3, Insightful

      It's a phone made by Google. I wouldn't bet too much on privacy. Who knows about encryption though..

    2. Re:Go, Apple! by known_coward_69 · · Score: 2

      Last I read, only iOS had the entire file system encrypted

    3. Re:Go, Apple! by AmiMoJo · · Score: 2

      https://deviceatlas.com/blog/m...

      Top 9 best selling phones in the US are iPhones.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  2. Re:For now by bob4u2c · · Score: 2

    Exactly. You want a secure phone that nobody can hack, they don't exist!

    Whenever you save or do something on your phone, take a moment to think: can this be used against me? If it can, don't save or do it!

    And just to throw the police off create a bunch of files like "masterUSPlan.doc" with nothing but wombat images. Then when asked about the "wombats" you know they have dug into your phone and you can tell them all about how wombats have ruined your life.

  3. Re: Still pretty useful to police by MachineShedFred · · Score: 3, Informative

    When you activate a PIN / Touch ID / FaceID it uses the computed hash as an encryption key for the entire user filesystem. Everything gets encrypted, and has for years.

    --
    Slashdot still doesn't support Unicode after it was added to the HTML standard in 1997.
  4. Is GrayKey stopped at that level, that is question by SuperKendall · · Score: 2

    Actually, the article is likely a bit off about that. The iPhone uses encrypted APFS, you shouldn't be able to get much other than "yep, there's a file system there".

    What I was getting at is that I thought GrayKey was still getting past the basic whole file system encryption, but that it was stymied getting to individual app files that had been encrypted until the app opened...

    That's how I read it anyway, otherwise why even bother to mention GrayKey could "still access unencrypted files" if it couldn't even get to the filesystem? It implies it can see some files at all.

    Could just be bad wording on the part of the summary or article but the fact it mentions files makes me suspect it can still get into the filesystem.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  5. If I were a tech savvy terrorist by taustin · · Score: 2

    I'd be wondering right now whether they actually can't crack my iPhone, or if they're just saying that so that I will keep using it, thinking it's "safe."

  6. Re:Is GrayKey stopped at that level, that is quest by tlhIngan · · Score: 2

    What I was getting at is that I thought GrayKey was still getting past the basic whole file system encryption, but that it was stymied getting to individual app files that had been encrypted until the app opened...

    That's how I read it anyway, otherwise why even bother to mention GrayKey could "still access unencrypted files" if it couldn't even get to the filesystem? It implies it can see some files at all.

    Could just be bad wording on the part of the summary or article but the fact it mentions files makes me suspect it can still get into the filesystem.

    That's because people assume GrayKey is a magical box that you plug in and have full access to the device. It's not even close to how it works.

    First, it basically does a tethered jailbreak - and injects a special app because of it. (Jailbroken apps have full access to the system - that's the original meaning of the "jailbreak" - the app could break out of the OS jail it was put in to run). This app uses those abilities to crack the device PIN. Once the PIN is broken you take the phone and connect it to a PC and use it to download all the data.

    What happened now is Apple changed things around so that it can no longer crack the PIN - so either Apple patched the flaw that led to the jailbreak, or fixed things so that the injected app can't do the PIN search anymore. Thus the injected app only has the permissions a regular app has and access to whatever the OS allows it. Those are the limited "unencrypted" files. Likely it also cannot access the screen and thus you cannot answer the "App wants permission to access photos" dialogs as well to access photos.