All this history of unlocking any iPhone by the Israeli firm Cellebrite was purposely or not quite a marketing for the company, which must have won many customers after the spotlight highlighted it.
Perhaps trying to get a little of the attention that was focused on the Israeli, another company would be running an advertisement promising the same ability to unlock iPhones running the latest iOS versions (11, 10 and soon 9), as told by Forbes.
The promise was made by the unknown American company Grayshift, which appears to be commanded by a former Apple security engineer.
According to the Forbes, the company is offering a tool called GrayKey, that costs $ 15k for a version limited to 300 uses, which requires internet connection. Another version sold for $ 30,000 has no device limits and can perform the task offline.
It would have been able to exploit the same vulnerability as Cellebrite, but the price ends up being lower. That is, if you can unlock 300 iPhones with the value of US $ 15 thousand, the price per device is ?only? US $ 50, while in Israel, the value of US $ 1.5 thousand per device is charged.
The article also mentions that, despite everything, ?normal users? need not be afraid of having their iPhones hacked remotely since, in this case, in addition to needing a good amount of money, physical access to the device is also necessary, which invaded by ?gross out?:
The marketing material does not reveal the iOS vulnerabilities that GrayKey exploits to unlock iPhones. He claims that GrayKey works on deactivated iPhones and can extract the entire file system from the Apple device, and indicates that the tool would make repeated attempts at passwords, a technique known as gross force, to first enter the device.
While we don't have to worry about the issue of remote access, we cannot ignore that both companies literally exploit vulnerabilities; This means that if it has already been discovered by companies that supposedly work solely for the purpose of public security, it may well be that criminals can also find the same loophole.
As far as this means imminent danger, but never good to know that our devices go around with loopholes in the system exactly why good that Apple has knowledge of it to be able to close it as soon as possible.
Update 12/03/2018 s 10:10
Before we even know about the Grayshift and their services, it seems that there was already a state agency very well informed about them, as Motherboard.
A receipt obtained from the website shows the purchase of a unit from GrayKey for $ 500, plus an annual license for $ 14,500, made by Indiana State Police, in the United States.
The order was placed on February 21 and the Motherboard he got access to emails that suggested urgency, stating that ?the item? was necessary ?as soon as possible to collect evidence for a current case?.
On the Grayshift team is former Apple security engineer Braden Thomas and David Miles is one of the company's co-founders. None of them wanted to comment on the police request.
We still don't know if, in fact, the police will get what they want with the service, but just knowing this request opens doors for other bodies to feel more ?comfortable? to do the same.