'GrayKey' iPhone unlock in use by Indiana police, documents reveal

Posted:
in iPhone
A recently exposed forensic tool called "GrayKey" -- sold as being able to hack into iOS 11 devices like the iPhone 8 and iPhone X -- is being used by at least one regional police force in the U.S.




In a purchase order dated Feb. 21, the Indiana State Police bought one GrayKey unit costing $500, and a $14,500 annual license covering 300 unlocks, Motherboard reported on Friday. Developer Grayshift sells two versions of GrayKey -- an online-only, limited-use license costing $15,000, and a $30,000 offline version without restrictions. The Indiana State Police received a $500 discount for their first year.

Emails obtained by Motherboard suggest the agency was extremely eager to sign up.

"This is a RUSH request because item is needed ASAP for evidence gathering for current cases. Please review and forward for approval," one official wrote to a peer on Feb. 20.

In another document, the agency indicated that GrayKey will be used in everything from "high profile murder cases to crimes against children cases where suspects are hiding their content from law enforcement," admitting that even with warrants, there are some devices it has been unable to hack.

The main advantage of GrayKey over options like those from Cellebrite is its price. While $15,000 may sound expensive, the Indiana State Police said Cellebrite submitted a quote valued over $200,000. The FBI infamously paid about $1 million to break into the iPhone 5c of San Bernardino shooter Syed Rizwan Farook.

That could mean that until Apple is able to fix exploits used by Grayshift, iPhone unlocks by law enforcement allowed by a warrant will become increasingly commonplace. Apple prides itself on the impregnability of on-device iPhone encryption, though it regularly hands over iCloud data when served with legal orders.

Comments

  • Reply 1 of 20
    9secondkox29secondkox2 Posts: 2,666member
    An Apple front behind GrayKey?

    seems crazy that folks outside of Apple can commercialize a fairly guaranteed hack. 

    like buying a vacuum to clean carpet. 
    edited March 2018
  • Reply 2 of 20
    maestro64maestro64 Posts: 5,043member
    the question is, will Apple break this product on the next release of software as they did with jailbreakers. This may be another cat and mouse game with Apple and these companies.
    mwhitedavidwlostkiwiwatto_cobra
  • Reply 3 of 20
    mike1mike1 Posts: 3,275member
    maestro64 said:
    the question is, will Apple break this product on the next release of software as they did with jailbreakers. This may be another cat and mouse game with Apple and these companies.
    I'd bet on WILL be.
    mwhitemagman1979StrangeDayslkruppracerhomie3cornchipwatto_cobra
  • Reply 4 of 20
    linkmanlinkman Posts: 1,035member
    I'm sure that Apple purchases hacks like these -- albeit probably in a manner that disguises the identity of the buyer -- in an effort to discover and patch the vulnerabilities that those devices/software exploits. If that works, then $15000 is at least an order of magnitude below the going price of many exploits.
    magman1979racerhomie3lostkiwiwatto_cobra
  • Reply 5 of 20
    Mike WuertheleMike Wuerthele Posts: 6,858administrator
    designr said:
    Of course I never expect any truthful disclosures on this question: It would be interesting to learn what the evidentiary value of information gained from hacked phone has been. Much noise has been raised about "what if" ... "what if they left all of their secret plans and a list of their co-conspirators, their complete manifesto...and a map to their secret headquarters." but i really wonder...after the hack is done...did they actually get anything valuable.
    Well, we know nothing from San Bernardino.
    racerhomie3baconstangcornchipwatto_cobra
  • Reply 6 of 20
    StrangeDaysStrangeDays Posts: 12,844member
    An Apple front behind GrayKey?
    Nope. There are no secrets -- this would come out and destroy Apple's brand. More tinfoil needed.
    cornchipjony0watto_cobra
  • Reply 7 of 20
    volcanvolcan Posts: 1,799member
    That 37 Cord would be really expensive today.
    GeorgeBMaccornchip
  • Reply 8 of 20
    volcanvolcan Posts: 1,799member
    linkman said:
    I'm sure that Apple purchases hacks like these -- albeit probably in a manner that disguises the identity of the buyer -- in an effort to discover and patch the vulnerabilities that those devices/software exploits. If that works, then $15000 is at least an order of magnitude below the going price of many exploits.
    They would probably need the offline version for $30K to reverse engineer it but it would be in GreyKey's best interest to only sell them to law enforcement and not to corporations because you actually need a warrant to use it. I think they would probably prefer to keep it out of Apple's hands.
    edited March 2018 cornchip
  • Reply 9 of 20
    jmey267jmey267 Posts: 57member
    So if this is a hack turned into a product to get into iPhones is it not illegal to use? Wouldn't this pose a problem for valid legal evidence gathering?
    GeorgeBMac
  • Reply 10 of 20
    jmey267 said:
    So if this is a hack turned into a product to get into iPhones is it not illegal to use? Wouldn't this pose a problem for valid legal evidence gathering?
    It would be inter sting to see that get played out in court. 

    If if it gets invalidated, then it would be hard to make any case at all given that any further investigation done based on the information obtained illegally would also be invalidated 
  • Reply 11 of 20
    airnerdairnerd Posts: 693member
    Anachr0n said:
    jmey267 said:
    So if this is a hack turned into a product to get into iPhones is it not illegal to use? Wouldn't this pose a problem for valid legal evidence gathering?
    It would be inter sting to see that get played out in court. 

    If if it gets invalidated, then it would be hard to make any case at all given that any further investigation done based on the information obtained illegally would also be invalidated 
    Seems it would at least be worth it for a defense lawyer to suggest that the hack is what put the evidence there.  Of course that only works when the phone is the only evidence.  If it merely shows location or contacts then it wouldn't work.  But if photos from it are used..."That's not mine, must have been from some hacker" should at least be attempted.  Make the state show their method and what they did to the phone before they could use it to convict you. 
    watto_cobra
  • Reply 12 of 20
    wigbywigby Posts: 692member
    maestro64 said:
    the question is, will Apple break this product on the next release of software as they did with jailbreakers. This may be another cat and mouse game with Apple and these companies.
    All security is (and always will be) a cat and mouse game. I’m a little disappointed that they’ve caught up to Apple though. I feel much more secure when the current hacks are a few iOS generations behind the latest Apple IOS.
    lostkiwi
  • Reply 13 of 20
    wigbywigby Posts: 692member
    airnerd said:
    Anachr0n said:
    jmey267 said:
    So if this is a hack turned into a product to get into iPhones is it not illegal to use? Wouldn't this pose a problem for valid legal evidence gathering?
    It would be inter sting to see that get played out in court. 

    If if it gets invalidated, then it would be hard to make any case at all given that any further investigation done based on the information obtained illegally would also be invalidated 
    Seems it would at least be worth it for a defense lawyer to suggest that the hack is what put the evidence there.  Of course that only works when the phone is the only evidence.  If it merely shows location or contacts then it wouldn't work.  But if photos from it are used..."That's not mine, must have been from some hacker" should at least be attempted.  Make the state show their method and what they did to the phone before they could use it to convict you. 
    That defense won’t work provided a legal warrant was issued to retrieve the data. That’s the whole reason for legal warrants.
    baconstang
  • Reply 14 of 20
    The data might have been legally obtained but the method needs to be subject to examination by the defence. If the data can't be validated then legal or not, it is inadmissable in a trial. [1]
    My guess is that the Police will try to plea bargain everything they can and for as long as they can.
    Eventually, the method used to crack into the phone will escape and become public knowledge. Then it will be next to useless as Apple will block it from being used again.
    And the game of cat and mouse goes on.

    [1] When DNA tests became widely available, the testing process had to be peer reviewed many times to ensure not only its accuracy but its repeatability before it could be used as evidence. The same rules will apply to information obtained via this device.


  • Reply 15 of 20
    cornchipcornchip Posts: 1,945member


    Great. Another black hole for tax dollars.

    volcan said:
    That 37 Cord would be really expensive today.
    Well spotted. I was going to ask if that’s what I thought it was.
  • Reply 16 of 20
    GeorgeBMacGeorgeBMac Posts: 11,421member
    volcan said:
    That 37 Cord would be really expensive today.
    You might get a discount due to its lack of headlights....
  • Reply 17 of 20
    GeorgeBMacGeorgeBMac Posts: 11,421member
    jmey267 said:
    So if this is a hack turned into a product to get into iPhones is it not illegal to use? Wouldn't this pose a problem for valid legal evidence gathering?
    It seems that police aren't much constrained by the law these days...
    cornchip
  • Reply 18 of 20
    wg45678wg45678 Posts: 47member
    volcan said:
    That 37 Cord would be really expensive today.
    You might get a discount due to its lack of headlights....
    The Cord was the 1st car to have hidden headlights.  In the fender behind the State police signs I believe. 
  • Reply 19 of 20
    GeorgeBMacGeorgeBMac Posts: 11,421member
    wg45678 said:
    volcan said:
    That 37 Cord would be really expensive today.
    You might get a discount due to its lack of headlights....
    The Cord was the 1st car to have hidden headlights.  In the fender behind the State police signs I believe. 
    R E A L L Y !     W O W!
    It was a really cool car even without that!
Sign In or Register to comment.