Grayshift becomes second service to promise forensic unlocks for Apple's iPhone 8 & X
Adding to the evidence that Apple's latest iPhones are no longer safe from hackers -- legal or otherwise -- a second company has come forward selling its ability to break in.
A startup called Grayshift is advertising a tool called "GrayKey," which costs $15,000 for an always-online version limited to 300 uses, Forbes said on Monday. An unlimited offline edition is priced at $30,000. Grayshift is said to be staffed by U.S. intelligence agency contractors and a former Apple security engineer.
GrayKey is marketed as being able to extract the full filesystem from a device, and brute-force passcodes, despite Apple's safeguards against that practice.
It may be relying on exploits thought to be used by Cellebrite, targeting the Secure Enclave found in every iPhone since the iPhone 5s. Normally it takes longer and longer between brute-force passcode attempts, ultimately up to an hour. With a six-digit passcode, it can take an inordinate amount of time to stumble across correct numbers.
Because GrayKey doesn't require sending devices into a lab, Apple should be able to obtain a copy and reverse-engineer it to discover how it works and fix relevant security holes.
GrayKey is meanwhile said to be cheaper per-device than Cellebrite's product, which is roughly $1,500 per iPhone. Assuming an organization expects to crack at least 300 iPhones, Grayshift's price works out to just $50 for each hack.
Although companies like Grayshift and Cellebrite may be used in legitimate efforts by law enforcement and spy agencies, critics have worried that those same agencies can potentially help governments -- and corporations -- abuse their reach.
A startup called Grayshift is advertising a tool called "GrayKey," which costs $15,000 for an always-online version limited to 300 uses, Forbes said on Monday. An unlimited offline edition is priced at $30,000. Grayshift is said to be staffed by U.S. intelligence agency contractors and a former Apple security engineer.
GrayKey is marketed as being able to extract the full filesystem from a device, and brute-force passcodes, despite Apple's safeguards against that practice.
It may be relying on exploits thought to be used by Cellebrite, targeting the Secure Enclave found in every iPhone since the iPhone 5s. Normally it takes longer and longer between brute-force passcode attempts, ultimately up to an hour. With a six-digit passcode, it can take an inordinate amount of time to stumble across correct numbers.
Because GrayKey doesn't require sending devices into a lab, Apple should be able to obtain a copy and reverse-engineer it to discover how it works and fix relevant security holes.
GrayKey is meanwhile said to be cheaper per-device than Cellebrite's product, which is roughly $1,500 per iPhone. Assuming an organization expects to crack at least 300 iPhones, Grayshift's price works out to just $50 for each hack.
Although companies like Grayshift and Cellebrite may be used in legitimate efforts by law enforcement and spy agencies, critics have worried that those same agencies can potentially help governments -- and corporations -- abuse their reach.
Comments
How long till my personal iPhone is hacked? Should I switch to Android now so I’m safe? I’m dead serious. We never hear a peep about Android security so I must assume it’s impregnable. No bragging from Cellebrite opr Grayshift about cracking Windows or Android so... won’t ISIS and Al Qaeda just switch to Android now? Wouldn’t Apple save a lot of money by just forgetting about security since there is none anymore?
I think LKrupp was being sarcastic guys. Seriously though... one never hears about the huge security hole that is Android, nor raises a stink about it. A blind man with no arms and legs can break into an Android phone, yet no one discusses it, yet that one or two articles about some firms that go through some serious technical and engineering exploits to break into an iPhone gets all the news and implies that now any iPhone at any time can be hacked? Seriously?
No phone, no OS, is 100% secure. FACT. Given enough time and resources, any device can be broken into. Why AI is casually implying that iOS was 100% secure just screams of clickbait.
Second
Apple will most certainly fix the vulnerabilities at some point and then the chase will resume. For now, it’s good news for law enforcement agencies (with good intentions) and bad news for consumers until Apple fixes the issue(s).
Even with my tin foil hat on, that is a virtual certainty. Of course, it's likely true of every other major tech company in the U.S. as well, along with many foreign ones. Industrial espionage is a thing, and it's not just practiced by industry.
You trouble maker! See what you started? You got the cult all riled up...
.... I'll bet you were the one who glued the teacher's book closed in grade school too!