GrayShift's recently publicized "GrayKey" box designed to crack locked iPhones is seeing wide adoption among police forces and federal agencies across the United States according to a recent investigation by Motherboard.
Motherboard found that regional police forces like the Maryland State Police, the Indiana State Police, and the Miami-Dade County Police have purchased or are soon purchasing GrayKey technology, while other forces like the Indianapolis Metropolitan Police Department have looked into boxes and received quotes from GrayShift.
The Secret Service is also planning to purchase "at least half a dozen" GrayKey boxes for unlocking iPhones, while the State Department has already bought them and the Drug Enforcement Administration has expressed interest.
Current FBI Director Christopher Wray said in January at the International Conference on Cyber Security that law enforcement officials are facing a "Going Dark" challenge where an "enormous" number of cases rely on an electronic device. "We're increasingly unable to access that evidence, despite lawful authority to do so," said Wray.
Motherboard's investigation into GrayShift, the GrayKey iPhone unlocking boxes, and other smartphone unlocking methods suggest that is not the case. The FBI uses the going dark debate to advocate for easier access to electronic devices through backdoors, but the seemingly readily available tools like GrayKey undermine these arguments.
"It demonstrates that even state and local police do have access to this data in many situations," Matthew Green, an assistant professor and cryptographer at the Johns Hopkins Information Security Institute, told Motherboard in a Twitter message. "This seems to contradict what the FBI is saying about their inability to access these phones."
"The availability and affordability of these tools undercuts law enforcement's continual assertions that they need smartphone vendors to be forced to build 'exceptional access' capabilities into their devices," Riana Pfefferkorn, cryptography fellow at the Stanford Center for Internet and Society, told Motherboard in a Twitter message.
In recent months, law enforcement officials have been quietly revisiting proposals that would require tech companies to build backdoor access into smartphones and other electronics, something Apple vehemently fought against back in 2016 following the San Bernardino shooting where the FBI attempted to order the company to provide it with a tool to crack the iPhone 5c involved in the case.
As has been previously reported, the GrayKey mentioned by Motherboard is a small, portable gray box that's equipped with dual Lightning cables. An iPhone can be plugged into one of the cables to install proprietary software that's able to guess the passcode for an iPhone in either a few hours or a few days, depending on the strength of the passcode.
Once the GrayKey software has unlocked an iPhone, it can be plugged back into the GrayKey box to download all of the data on the iPhone. GrayKey can crack the latest iPhones running modern versions of iOS, including iOS 11, providing law enforcement officials with easy access to locked iPhones for criminal investigations.
Grayshift charges $15,000 for a GrayKey box that requires internet connectivity, is geofenced to a specific location, and allows for 300 unlocks, or $30,000 for a box that requires no connection, can be used anywhere, and can unlock an unlimited number of devices.
As Motherboard points out, the technology used in the GrayKey boxes may eventually be outdated through updates to the iOS operating system, leading to periods where some versions of iOS may be difficult to access. Because of the ongoing cat and mouse game of Apple patching a vulnerability as third-party iPhone cracking services look for new methods to get into iPhones, the argument for backdoors into smartphones is likely to surface time and time again.
Motherboard's full report on the iPhone unlocking tools available to law enforcement officials can be viewed over on the website.
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
