Last week we reported on the Israeli firm Cellebrite, which claimed to have developed the capability to unlock just about any iPhone, even the latest models. Now another startup service called Grayshift is claiming the same, including for the iPhone X and iPhone 8.
According to reports, the US-based Grayshift has created a tool called GrayKey that can extract the complete filesystem from an iOS device, brute-force passcodes, and bypass Apple’s security measures to unlock the phone. Grayshift is run by US intelligence agency contractors and a former Apple security engineer.
It is believed that Grayshift has used the same exploits that Cellebrite uses to crack iPhones. GrayKey targets the Secure Enclave installed in almost all iPhone models that have been introduced after the iPhone 5s. It can crack encrypted iPhones running iOS 11 to access data stored on the phones, but it is currently not clear which specific version of iOS 11 is vulnerable to exploitation by GrayKey. That is, does GrayKey target a flaw identified in iOS 11 or iOS 11.1, or is there some other vulnerability if the identified ones have been patched in iOS 11.2?
According to Forbes, an always-online, limited version of GrayKey can be bought for $15,000, but this version is limited to 300 uses, while the unlimited version of the software is priced at $30,000. It is much cheaper than Cellebrite’s software, which costs $1,500 per iPhone, whereas GrayKey costs around $50 per hack.
GrayKey does not require devices to be sent to a lab, which is why it is possible for Apple to obtain a copy, reverse engineer the tool, and identify the salient security holes that it exploits. Although software like GrayKey is developed with the intention of aiding intelligence agencies and law enforcement, critics are of the opinion that there is always a possibility that the software will be used for illegal purposes.
However, iPhone users need not be concerned or consider GrayKey a security threat, since the exploit is quite costly and it won’t be easy for an average attacker to target anyone without a hefty payoff. Moreover, the tool works only if an attacker has physical access to the device. Grayshift has also clarified that the tool works on disabled iPhones and makes repeated guesses to extract passcodes, a technique known as brute-forcing, to penetrate the device.
Apple, on the other hand, has been improving the basic features of its phones to thwart brute-force attacks. For example, every time the company releases a new model, it increases the time between passcode attempts after multiple failed passcodes. The setting at the following path lets the user have the data erased after ten failed attempts.
Settings -> Passcode -> Erase Data
Nonetheless, the best way to keep your iPhone secure is to always keep the firmware updated to the latest iOS version and keep checking for the latest security updates from Apple.