Grayshift becomes second service to promise forensic unlocks for Apple's iPhone 8 & X
Adding to the evidence that Apple's latest iPhones are no longer safe from hackers — legal or otherwise — a second company has come forward selling its ability to break in.
A startup called Grayshift is advertising a tool called "GrayKey," which costs $15,000 for an always-online version limited to 300 uses, Forbes said on Monday. An unlimited offline edition is priced at $30,000. Grayshift is said to be staffed by U.S. intelligence agency contractors and a former Apple security engineer.
GrayKey is marketed as being able to extract the full filesystem from a device, and brute-force passcodes, despite Apple's safeguards against that practice.
It may be relying on exploits thought to be used by Cellebrite, targeting the Secure Enclave found in every iPhone since the iPhone 5s. Normally it takes longer and longer between brute-force passcode attempts, ultimately up to an hour. With a six-digit passcode, it can take an inordinate amount of time to stumble across correct numbers.
Because GrayKey doesn't require sending devices into a lab, Apple should be able to obtain a copy and reverse-engineer it to discover how it works and fix relevant security holes.
GrayKey is meanwhile said to be cheaper per-device than Cellebrite's product, which is roughly $1,500 per iPhone. Assuming an organization expects to crack at least 300 iPhones, Grayshift's price works out to just $50 for each hack.
Although companies like Grayshift and Cellebrite may be used in legitimate efforts by law enforcement and spy agencies, critics have worried that those same agencies can potentially help governments — and corporations — abuse their reach.