Apple closed breach used by FBI and other agencies on iOS 12

In the first half of the year, a small and modest little black box got the spotlight of the technological world. Named after Graykey, the contraption manufactured by a very obscure security company called Grayshift promised and fulfilled unlocking any iPhone or iPad running recent versions of iOS, toppling one of Apple's biggest marketing points: security.

The damage was done. Governments and law enforcement agencies around the world have invested a great deal of money in the purchase of the devices and their aftermath. although there is no news about it, it is very likely that individuals and organizations on the other side of the law (the wrong one) have done the same. Apple tried a solution to prevent action on iOS 11.4, but died on the beach. Life went on. Now we have a new and, with any luck, the definitive chapter of the novel.

According to the Forbes, Apple finally succeeded block GrayKey's action and its twins iOS 12. According to multiple sources heard by the publication, unlocking solutions are (almost) completely ineffective in the latest versions of the system, performing at most what is classified as a “partial extraction” which corresponds to unencrypted data capture and metadata as file sizes. file and folder structures. That is, nothing that will compromise anyone's privacy.

No one knows exactly what Apple's maneuver was to plug the hole that was allowing GrayKey's. Elcomsoft Chief Security Officer Forensic Technology Vladimir Katalov speculated that Ma may have done a number of things, from improving protection to kernel of the devices to implement stronger restrictions in the installation of configuration profiles.

It's not hard to imagine, and it's just my assumption that Ma also put her hands in one of the little black boxes under the cloth to apply a few doses of reverse engineering to the technology and lock it at the heart of her system.

Of course, the story may not be over yet: Grayshift, after all, can get its hands dirty to discover another loophole that will make it possible for its product to function again at least as police and government agencies around the world expect. world, who do not want to have their investments thrown in the trash overnight.

Will the "cat and mouse game" have to continue?

via iClarified