Apple has finally managed to block the GrayKey device from cracking the passcode on your iPhone, reports Forbes.
Grayshift, a company run by an ex-Apple security engineer and U.S. intelligence agency contractors, created a device called GrayKey that was sold to law enforcement agencies in the United States, United Kingdom, and likely elsewhere. For at least half a year, the GrayKey device has been able to crack the passcode of any iPhone with relative ease, rendering the iPhone's security useless.
Apple's first step in combating the hack was to introduce USB Restricted Mode, this prevented USB accessories from connecting to your iPhone if it hadn't been unlocked in the last hour. Grayshift claimed to be able to defeat USB Restricted Mode shortly after it was announced.
Now, it appears Apple has taken further steps to prevent the passcode crack.
Multiple sources familiar with the GrayKey tech tell Forbes the device can no longer break the passcodes of any iPhone running iOS 12 or above. On those devices, GrayKey can only do what’s called a “partial extraction,” sources from the forensic community said. That means police using the tool can only draw out unencrypted files and some metadata, such as file sizes and folder structures.
Interestingly, no one appears to know how Apple blocked the hack. Vladimir Katalov, chief of forensic tech provider Elcomsoft, was also stumped. "No idea. It could be everything from better kernel protection to stronger configuration-profile installation restrictions,” he suggested to Forbes.
For now, it appears your privacy is once again intact. However, Police officer Captain John Sherwin of the Rochester Police Department in Minnesota thinks that it's just a matter of time until a another hack is found.
"Give it time and I am sure a ‘workaround’ will be developed ... and then the cycle will repeat. Someone is always building a better mousetrap, whether it’s Apple or someone trying to defeat device security."
Read More
Grayshift, a company run by an ex-Apple security engineer and U.S. intelligence agency contractors, created a device called GrayKey that was sold to law enforcement agencies in the United States, United Kingdom, and likely elsewhere. For at least half a year, the GrayKey device has been able to crack the passcode of any iPhone with relative ease, rendering the iPhone's security useless.
Apple's first step in combating the hack was to introduce USB Restricted Mode, this prevented USB accessories from connecting to your iPhone if it hadn't been unlocked in the last hour. Grayshift claimed to be able to defeat USB Restricted Mode shortly after it was announced.
Now, it appears Apple has taken further steps to prevent the passcode crack.
Multiple sources familiar with the GrayKey tech tell Forbes the device can no longer break the passcodes of any iPhone running iOS 12 or above. On those devices, GrayKey can only do what’s called a “partial extraction,” sources from the forensic community said. That means police using the tool can only draw out unencrypted files and some metadata, such as file sizes and folder structures.
Interestingly, no one appears to know how Apple blocked the hack. Vladimir Katalov, chief of forensic tech provider Elcomsoft, was also stumped. "No idea. It could be everything from better kernel protection to stronger configuration-profile installation restrictions,” he suggested to Forbes.
For now, it appears your privacy is once again intact. However, Police officer Captain John Sherwin of the Rochester Police Department in Minnesota thinks that it's just a matter of time until a another hack is found.
"Give it time and I am sure a ‘workaround’ will be developed ... and then the cycle will repeat. Someone is always building a better mousetrap, whether it’s Apple or someone trying to defeat device security."
Read More