Apple's iOS 12 update breaks iPhone-cracking GrayKey forensic tool

Shifting the balance of the encryption battle back in Apple's favor, iOS 12 has reportedly disrupted one of the most popular digital forensics tools, Grayshift's GrayKey.

GrayKey is unable to crack the passcodes of iPhones running the new software, sources in the forensic industry told Forbes. The only possibility is a "partial extraction," meaning the downloading of unencrypted files and metadata such as filesizes and folder structures.

It's even unclear what Apple did to improve security. "It could be everything from better kernel protection to stronger configuration-profile installation restrictions," said Elcomsoft's Vladimir Katalov.

The GrayKey hardware uses a form of "brute forcing" to run through iPhone passwords, and with previous iOS releases was somehow able to defeat Apple's safeguards against the tactic. It's now in use with law enforcement in multiple countries, including the U.S. and the U.K.

Apple and Grayshift have been engaged in a never-ending race to defeat each other's technology. In June for example Grayshift was quick to announce that it had already bypassed iOS 12's USB Restricted Mode, which, once a certain amount of time has elapsed, prevents devices from connecting to an iPhone or iPad without a user login.

Around the world, police and spy agencies have worried about communications "going dark," arguing that full-disk and end-to-end encryption methods are allowing terrorists and other criminals to operate outside their reach. Apple, other tech companies, and various activist groups have countered that people have a right to privacy, and that creating government backdoors would weaken security and leave people vulnerable to hacks.

At an event in Brussels on Wednesday, Apple CEO Tim Cook called security "foundational to trust and all other privacy rights," and pushed for a U.S. privacy law that would better anonymize data collection and give people more control over their information.

16 Comments

anome 1545 comments · 16 Years

About 6 years ago

So how long before they claim to have a new one, which will also cost tens of thousands?

I'm not saying Grayshift are frauds, they actually do seem to have built something that will get past iOS security, but I'm curious as to how long it will take them to update their hardware to get round iOS 12, and how they'll market it to law enforcement.

lkrupp 10521 comments · 19 Years

anome said:

So how long before they claim to have a new one, which will also cost tens of thousands?
I'm not saying Grayshift are frauds, they actually do seem to have built something that will get past iOS security, but I'm curious as to how long it will take them to update their hardware to get round iOS 12, and how they'll market it to law enforcement.

No different than the jailbreak developers. They can claim all they want. The proof is in the doing. Why is it always implied that Apple’s engineers are incompetent dummies and lone wolf security ‘researchers’ are some kind of alien geniuses?

tokyojimu 531 comments · 17 Years

But can we please go back to being able to charge without entering a passcode?

lkrupp said:

anome said:

So how long before they claim to have a new one, which will also cost tens of thousands?
I'm not saying Grayshift are frauds, they actually do seem to have built something that will get past iOS security, but I'm curious as to how long it will take them to update their hardware to get round iOS 12, and how they'll market it to law enforcement.

No different than the jailbreak developers. They can claim all they want. The proof is in the doing. Why is it always implied that Apple’s engineers are incompetent dummies and lone wolf security ‘researchers’ are some kind of alien geniuses?

Because it feeds into the general anti-Apple sentiment. The same thing is true of people who say the same thing about Windows exploits, they're feeding a general anti-Microsoft sentiment. The chief difference is that Windows has so many issues that come out, an issue with Apple seems rarer. (I have no idea what the actual numbers are, but we've had 30 years of Windows security flaws and bugs to get us used to it.)