Apple touts its iOS platform as more secure than Android, but we don’t actually know how secure it is. Android is open source, so everyone can follow the patching and disclosure of bugs. iOS is essentially a black box with an unknown number of flaws, some of which have been exploited by a mysterious company called Grayshift. It sells a device called GrayKey that can unlock iPhones for law enforcement, but the expensive box is reportedly almost useless after the recent update to iOS 12. Apple did something to block GrayKey, but no one knows what.
Grayshift sells the iPhone cracker exclusively to governments and police, marketing it as a way to unlock encrypted devices to get at their files. The company keeps its technology secret, and it doesn’t come cheap. The GrayKey starts at $15,000 with a limit of 300 uses, and an unlimited version costs $30,000. That unlimited license may have been less appealing over the summer as Apple prepared to implement USB Restricted Mode in iOS, which disables data access after a phone has been locked for about an hour. That was an imperfect defense, though. Security experts have speculated on several methods that could keep phones unlocked longer to ensure they can still be hacked.
The reality of using the GrayKey on iOS 12 may be even worse than police expected. A new report says that GrayKey is only able to operate in “partial extraction” mode on iOS 12 devices. That means it cannot decrypt the full device storage. All investigators get are a few unencrypted configuration files and metadata about files and folders (files sizes, folder structure, and so on).
Since Grayshift doesn’t talk about how its tools work, it’s hard to speculate on how Apple blocked it. Previously, the GrayKey would load proprietary software into the phone to brute force its passcode without running into the retry limit. There may be deep kernel changes at work to specifically block GrayKey in addition to the use of USB Restricted Mode. Some new configuration profiles could also be at work to make the GrayShift tools less effective.
This cat and mouse game won’t end anytime soon, though. Grayshift has made a great deal of money hacking into iPhones, and it’s not giving up. If it doesn’t already have another exploit waiting in the wings, it’s probably hard at work to either uncover or buy one.
Now read: Users Report Some iPhones Won’t Charge if Plugged in While Asleep, TSMC Expected to Win Exclusive Orders for Apple’s 2019 A13 SoC, and Apple Purchases Part of Dialog Semiconductor in Bid to Improve Battery Life