Last week we commented here on an American company called Grayshift, which claims to be able to unlock recent iPhones, the same practice that brought Israel's Cellebrite into the limelight and won it the business of FBI agents and intelligence agencies around the world.
So far, however, we didn't know exactly which method Grayshift uses to break into locked smartphones. Well, we are still not 100% sure how the Americans go about it, but at least we now have an idea, thanks to photos and reports published by the Malwarebytes blog.
The seemingly harmless black box you see above is the infamous GrayKey, the key to the whole process. The two Lightning cables on the front of the device allow two iPhones to be connected and unlocked at the same time, in a process that takes about two minutes. It is speculated that during those two minutes the box performs a kind of jailbreak on the device and installs malicious software on it; the iPhone is then disconnected from the cable and the newly installed program does its job of discovering the passcode (a step that can take anywhere from two hours to three or more days, depending on the complexity of the passcode).
Once the passcode is discovered, the iPhone can be connected back to the box so that all the data in its internal memory can be downloaded. This data can be accessed from a computer connected to the box, and it even includes the contents of the keychain (i.e. your saved passwords). GrayKey works on all recent versions of iOS, up to and including 11.2.5.
So far the story is murky enough to raise eyebrows around the world, but here is the part that raises the most concern: Grayshift doesn't keep the device in-house and unlock iPhones that customers ship to it; instead, it sells the boxes directly to interested parties (presumably governments and intelligence agencies, but who can guarantee that?).
There are just two options. The cheaper one, mentioned in our original post, costs $15K and can unlock 300 iPhones. It only works when connected to the internet and is geographically locked, i.e. if it is turned on somewhere other than the place where it was set up, it is automatically disabled, for (obvious) security reasons.
More problematic is the second option, which costs $30K. This one has no unlock limit and requires neither internet access nor a geographical restriction; instead, the box is enabled by a two-factor authentication system (which, while reasonably secure, can be hacked just like any other digital security system). That is, beyond worrying about Grayshift's responsibility to deal only with “responsible” entities “in pursuit of the greater good” (which in itself is a complicated discussion), we also have to consider the possibility of the box falling into the wrong hands after purchase and being used by criminal organizations or the like.
Obviously, this is no reason to run for the hills (in fact, this is a phrase I repeat in every one of these articles). Firstly, because GrayKey's availability on the “market” would almost certainly mean that Apple could get its hands on one of the boxes and reverse engineer the hole in iOS that allows it to work, and from then on all updated devices would be immune to it. The question, of course, is how long that would take and whether Apple could effectively protect all of its devices quickly.
In the end, the simplest way to protect your iPhone and its data is the usual one: keep your device with you, always up to date and protected by a complex, secure passcode, and don't use it irresponsibly (downloading suspicious files or visiting shady websites). By following these steps, it is very unlikely that you will ever have to worry about break-ins and unlocks of this kind.