Police, GreyShift struggle to keep iPhone unlocking tool purchases secret

article thumbnail

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.

Police and government agencies have tried to keep secret that they've bought GreyShift's GreyKey iPhone unlocking technology.

GreyShift's GreyKey iPhone forensics tool has been revealed in FCC filings before. But now a series of non-disclosure agreements and other confidentiality documents have revealed certain details about the use and requirements of the tool.

According to Motherboard, the documents were obtained through a series of public record requests. They are the documentation that police and other authorities are required to sign, and adhere to, before they can use GreyKey. They reveal what GreyShift needs police to keep secret.

Some of the documents contain sections that apparently were supposed to be redacted. One such section is related to a previous report that GreyShift had beaten Apple's 2018 USB Restricted Mode.

"Without limiting and foregoing, you acknowledge and agree that you will not disclose the existence of any GrayKey features and solutions designed to circumvent USB Restricted Mode released in iOS 11.4.1," says one such document, "and updated throughout future iOS versions made available to you on or about the date hereof, or any detail or functionality thereof."

The documents specify how the tool must be used on devices actually in police possession. And the series of documents also separately includes ones from government agencies who sought to keep secret that they had bought GreyKey.

"Confidentiality agreements help to protect our customers and partners with how confidential information is disclosed, and we protect and maintain the integrity of our relationships," GreyShift CEO David Miles told Motherboard over email.

"In addition, they are instrumental in preventing the public disclosure of our intellectual property to protect the integrity of our security research," he continued. "Confidentiality agreements are not at all meant to prevent disclosure of evidentiary data or general information about GrayKey in court proceedings that may result from data extracted by GrayKey during our customers' investigations."