GrayKey is Making it Possible for Police Departments Across the U.S. to Easily Bypass iPhone Encryption

104 Shares

The Federal Bureau of Investigation (FBI) has stuck to its story that it is getting increasingly more difficult to bypass iPhone security systems, which would give them unfettered access to a device as they see fit.

The FBI’s goal here is to force companies like Apple, and Google, to create software backdoors into their mobile operating systems, essentially giving federal law enforcement agencies a key to supposedly secure software. Apple has been adamantly against this, and remains so, even while security firms work out ways to bypass Apple’s encryption on their own.

One such firm, Grayshift, was featured not too long ago for its own tool, what it calls GrayKey. The initial report indicated that Grayshift’s tool was capable of bypassing iPhone encryption basically at will, even leaving the iPhone X running the newest version of iOS vulnerable to the tool.

Now, Motherboard has a new report outlining that the FBI’s story isn’t entirely true, and that police departments all across the United States are capable of accessing locked iPhones — thanks to the GrayKey security tool. While some departments have already purchased the tool, others are speaking to Grayshift to buy it, and federal law enforcement agencies, including the Drug Enforcement Agency (DEA).

“It demonstrates that even state and local police do have access to this data in many situations,” Matthew Green, an assistant professor and cryptographer at the Johns Hopkins Information Security Institute, told Motherboard in a Twitter message. “This seems to contradict what the FBI is saying about their inability to access these phones.”

Here is what Motherboard discovered in their report:

  • Regional police forces, such as the Maryland State Police and Indiana State Police, are procuring a technology called ‘GrayKey’ which can break into iPhones, including the iPhone X running the latest operating system iOS 11.
  • Local police forces, including Miami-Dade County Police, have also indicated that they may have bought the equipment.
  • Other forces, including the Indianapolis Metropolitan Police Department, have seemingly not bought GrayKey, but have received quotations from the company selling the technology, called Grayshift.
  • Emails show the Secret Service is planning to buy at least half a dozen GrayKey boxes to unlock iPhones.
  • The State Department has already bought the technology, and the Drug Enforcement Administration is interested in doing so.

GrayKey is just one of the tools being advertised by security firms out there, and if Apple products can be accessed that easily from Grayshift’s efforts, then it stands to reason that other firms have created just as equally capable tools.

Our Take

There was some initial speculation that GrayKey, and other tools, was only able of accessing older iPhones running older versions of iOS, with the idea that newer models running the newest version of the software were “safe”. But that does not appear to be the case. With Apple’s focus on security, it will be interesting to see what happens next and how Apple shifts strategies.

[via Motherboard]

Like this post? Share it!
104 Shares