'GrayKey' iPhone Unlocking Box Seeing Wide Adoption Among Law Enforcement

GrayShift's recently publicized "GrayKey" box designed to crack locked iPhones is seeing wide adoption among police forces and federal agencies across the United States according to a recent investigation by Motherboard.

Motherboard found that regional police forces like the Maryland State Police, the Indiana State Police, and the Miami-Dade County Police have purchased or are soon purchasing GrayKey technology, while other forces like the Indianapolis Metropolitan Police Department have looked into boxes and received quotes from GrayShift.

graykey1


The Secret Service is also planning to purchase "at least half a dozen" GrayKey boxes for unlocking iPhones, while the State Department has already bought them and the Drug Enforcement Administration has expressed interest.

Current FBI Director Christopher Wray said in January at the International Conference on Cyber Security that law enforcement officials are facing a "Going Dark" challenge where an "enormous" number of cases rely on an electronic device. "We're increasingly unable to access that evidence, despite lawful authority to do so," said Wray.

Motherboard's investigation into GrayShift, the GrayKey iPhone unlocking boxes, and other smartphone unlocking methods suggest that is not the case. The FBI uses the going dark debate to advocate for easier access to electronic devices through backdoors, but the seemingly readily available tools like GrayKey undermine these arguments.

"It demonstrates that even state and local police do have access to this data in many situations," Matthew Green, an assistant professor and cryptographer at the Johns Hopkins Information Security Institute, told Motherboard in a Twitter message. "This seems to contradict what the FBI is saying about their inability to access these phones."

"The availability and affordability of these tools undercuts law enforcement's continual assertions that they need smartphone vendors to be forced to build 'exceptional access' capabilities into their devices," Riana Pfefferkorn, cryptography fellow at the Stanford Center for Internet and Society, told Motherboard in a Twitter message.

In recent months, law enforcement officials have been quietly revisiting proposals that would require tech companies to build backdoor access into smartphones and other electronics, something Apple vehemently fought against back in 2016 following the San Bernardino shooting where the FBI attempted to order the company to provide it with a tool to crack the iPhone 5c involved in the case.

As has been previously reported, the GrayKey mentioned by Motherboard is a small, portable gray box that's equipped with dual Lightning cables. An iPhone can be plugged into one of the cables to install proprietary software that's able to guess the passcode for an iPhone in either a few hours or a few days, depending on the strength of the passcode.

Once the GrayKey software has unlocked an iPhone, it can be plugged back into the GrayKey box to download all of the data on the iPhone. GrayKey can crack the latest iPhones running modern versions of iOS, including iOS 11, providing law enforcement officials with easy access to locked iPhones for criminal investigations.

Grayshift charges $15,000 for a GrayKey box that requires internet connectivity, is geofenced to a specific location, and allows for 300 unlocks, or $30,000 for a box that requires no connection, can be used anywhere, and can unlock an unlimited number of devices.

As Motherboard points out, the technology used in the GrayKey boxes may eventually be outdated through updates to the iOS operating system, leading to periods where some versions of iOS may be difficult to access. Because of the ongoing cat and mouse game of Apple patching a vulnerability as third-party iPhone cracking services look for new methods to get into iPhones, the argument for backdoors into smartphones is likely to surface time and time again.

Motherboard's full report on the iPhone unlocking tools available to law enforcement officials can be viewed over on the website.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Popular Stories

iPhone SE 4 Thumb 1

iPhone SE 4 With Apple's Own 5G Modem 'Confirmed' to Launch in March

Tuesday November 19, 2024 12:12 pm PST by
Barclays analyst Tom O'Malley and his colleagues recently traveled to Asia to meet with various electronics manufacturers and suppliers. In a research note this week, outlining key takeaways from the trip, the analysts said they have "confirmed" that a fourth-generation iPhone SE with an Apple-designed 5G modem is slated to launch towards the end of the first quarter next year. In line with previo...
airtag purple

AirTag 2 Rumored to Launch Next Year With These New Features

Sunday November 17, 2024 5:18 am PST by
Apple released the AirTag in April 2021, so it is now three over and a half years old. While the AirTag has not received any hardware updates since then, a new version of the item tracking accessory is rumored to be in development. Below, we recap rumors about a second-generation AirTag. Timing Apple is aiming to release a new AirTag in mid-2025, according to Bloomberg's Mark Gurman....
Magic Mouse Next to Keyboard

No, Apple CEO Tim Cook Didn't Say He Prefers Logitech's MX Master 3 Over the Magic Mouse

Sunday November 17, 2024 3:03 pm PST by
While the Logitech MX Master 3 is a terrific mouse for the Mac, reports claiming that Apple CEO Tim Cook prefers that mouse over the Magic Mouse are false. The Wall Street Journal last month published an interview with Cook, in which he said he uses every Apple product every day. Soon after, The Verge's Wes Davis attempted to replicate using every Apple product in a single day. During that...
Generic iOS 18 Feature Real Mock

Apple Releases iOS 18.1.1 and iPadOS 18.1.1 With Security Fixes

Tuesday November 19, 2024 10:10 am PST by
Apple today released iOS 18.1.1 and iPadOS 18.1.1, minor updates to the iOS 18 and iPadOS 18 operating systems that debuted earlier in September. iOS 18.1.1 and iPadOS 18.1.1 come three weeks after the launch of iOS 18.1. The new software can be downloaded on eligible iPhones and iPads over-the-air by going to Settings > General > Software Update. Apple has also released iOS 17.7.2 for...
at t turbo indicator iphone 16 pro max v0 8hrh7w5f3w1e1

AT&T Turbo Indicator Showing Up in iPhone Status Bar for Subscribers

Wednesday November 20, 2024 3:42 am PST by
AT&T has begun displaying "Turbo" in the iPhone carrier label for customers subscribed to its premium network prioritization service, according to reports on Reddit. The new indicator seems to have started appearing after users updated to iOS 18.1.1, but that could be just coincidence. Image credit: Reddit user No_Highlight7476 The Turbo feature provides enhanced network performance through ...
iPhone 17 Slim Feature Single Camera 1 Redux

'iPhone 17 Air' Rumored to Surpass iPhone 6 as Thinnest iPhone Ever

Monday November 18, 2024 1:07 pm PST by
In a research note with Hong Kong-based investment bank Haitong today, obtained by MacRumors, Apple analyst Jeff Pu said he agrees with a recent rumor claiming that the so-called "iPhone 17 Air" will be around 6mm thick. "We agreed with the recent chatter of an 6mm thickness ultra-slim design of the iPhone 17 Slim model," he wrote. If that measurement proves to be accurate, there would be ...
bug security vulnerability issue fix larry

Make Sure to Update: iOS 18.1.1 and macOS Sequoia 15.1.1 Fix Actively Exploited Vulnerabilities

Tuesday November 19, 2024 10:52 am PST by
The iOS 18.1.1, iPadOS 18.1.1, and macOS Sequoia 15.1.1 updates that Apple released today address JavaScriptCore and WebKit vulnerabilities that Apple says have been actively exploited on some devices. With the JavaScriptCore vulnerability, processing maliciously crafted web content could lead to arbitrary code execution. The WebKit vulnerability had the same issue with maliciously crafted...

Top Rated Comments

JimmyHook Avatar
86 months ago
Waste of taxpayer money. It’ll be worthless in a few weeks. Also, everyone should enable wiping the phone after 10 failed attempts, also use a complex passcode
Score: 37 Votes (Like | Disagree)
Mefisto Avatar
86 months ago

Also, everyone should enable wiping the phone after 10 failed attempts, also use a complex passcode
It's my understanding that the device gets around this safety measure. Don't ask me how, though, I understand very little of what it actually does apart from "unlocks iPhones and stuff".
Score: 21 Votes (Like | Disagree)
fenderbass146 Avatar
86 months ago
Simply not true. Since 2008 we've been selling law enforcement tools to unlock iPhones. We've even met with Apple's iOS security team and shown them these tools at work. They've done nothing to block them (directly) in updates. Sure, there are small modifications we have to make with new iOS updates, but the core tech is still the same as it has always been.

And setting to wipe after 10 attempts doesn't matter. It's not brute forcing in a way that will trigger that function.
Any proof of this? And who is "we"?
Score: 21 Votes (Like | Disagree)
MagnusVonMagnum Avatar
86 months ago
Why would anyone who is not a wanted criminal and has no plans to commit a crime in the near future care about this?
Why would you care if someone watched you take a shower or use the bathroom if you have nothing to hide?

1> Some people value privacy (unlike many of the younger generation that don't seem to know WTF privacy is, even).

2> Corrupt governments manufacture crimes (Is the US there yet? I dunno, but if I lived in somewhere like Russia I'd want as secure a phone as I could possibly get. I know I don't trust parts of the government as far as I can spit).

3> People commit crimes every day without even knowing it. I read once the average person commits like two felonies a month and has NO IDEA they are doing it. This is because there are so SO many laws on the books, both federal and state, some dating back to the 18th Century and while politicians are always in a hurry to make loads of new laws, they almost NEVER repeal older laws. Given the FACT that "ignorance of the law" is NEVER an excuse, would you REALLY want to bet your last dollar you've never committed a crime and that your phone could NEVER be used against you because you simply didn't INTEND to commit one? We're living in a country where marijuana is legal in several states now for recreational use, but illegal on a federal level. You're FRACKED even if you have a prescription and use it and the federal government decides to go after you since it's illegal on the federal level and considered to have NO MEDICINAL VALUE due to MORONS classifying it that way (see that Traveling Gnome guy running the justice department to see WTF you're really dealing with in this corrupt country).

People have gone to PRISON for having physical relations with their girlfriend in back-arsewards states like Georgia due to PURITAN type laws on the books for over a hundred years where things like oral are (or at least were) 100% ILLEGAL UNDER ALL CIRCUMSTANCES (married even) in that joke of a state and guess what convicted the guy? His PHONE!!! He had a video of it on it. Not fair? Too farking bad!!! What you THINK is "just" or "fair" or "right" doesn't mean SQUAT in a court of law! PERIOD! Ignorance of the law means NOTHING. You will go to prison and be branded for the rest of your life and not even understand WHY in some of these "hick" states!!! Do you really want to take the chance you may have broken a law and just hand yourself over on an unrelated charge/search because you went on vacation in a backwards state where something is illegal that you filmed with your wife??? It may sound crazy, but it's happened.

Do you think you have the right to backup your own software? The DMCA has never been tested fully in court on "fair use" arguments. The problem is that while you're supposed to have fair use, you're not allowed by bypass protection for ANY REASON including backups! Would/could that stand up in courts? Neither side really wants to fully test it since both sides stand to lose a LOT. But this is the kind of GARBAGE you have to deal with when MORON politicians pass laws they don't even FRACKING READ first!!!! (let alone understand)

Ultimately, privacy means NOTHING if we're OK with letting everyone skirt our privacy rights. The government doesn't need to know how much I drink an when I drink it if I'm not driving. They don't need to store my blood pressure 24/7 (to use it against me with insurance or some crap at some point). They don't need my fingerprints if I haven't broken the law. They'd LOVE to have everyone's! It would solve more crimes! It would also put you at almost every location you've EVER gone. Someone murders someone 2 years later and your fingerprint is against some wall you were leaning against when the room was laid out differently. People have been put to death with LESS evidence in the past. DNA is starting to reveal how fracked up some of these past convictions are. COINCIDENCE (also known as being in the wrong place at the wrong time) kills people every single day. Am I being completely paranoid? Maybe, but I'd rather be paranoid and not wind up on trial for something I didn't do or didn't know I was doing than "don't worry" and find myself staring at Big Bubba in my cell looking at me like I'm a piece of pie. The government convicts people for LYING yet that's all the government does to us every single day. It's not a crime for the government to lie to its own citizens, but it's a crime for us to lie to the government. Go figure. These are not people to put your "trust" in (just like the police that regularly shoot people they're supposed to be protecting because all too many are trigger happy cowards that shoot at the first "noise" they hear (like that woman that knocked on a police car window that she called to talk to them and the passenger cop shot her when he heard the knocking sound!!!) and ask questions while they're rigging the site to cover their butts).

Yes, you can TRUST law enforcement. They NEVER lie, never falsify reports, never plant evidence and never shoot anyone that didn't have it coming! Right. Why would anyone not want these guys going through their phones? They wouldn't plant evidence to win a case! They wouldn't LIE about it! They wouldn't shoot you if you're not a criminal! They'd never convict you and block evidence showing your innocence because prosecutors don't care if they win or lose, only if they get true justice!!! It doesn't hurt their careers to lose, after all! NOT!
Score: 18 Votes (Like | Disagree)
dmx Avatar
86 months ago
Apple should sue them for infringement if they don’t have MFi certification.
Score: 17 Votes (Like | Disagree)
RedKite Avatar
86 months ago
Surprised that Apple haven’t stepped up and announced a new security process doohickey that renders these boxes useless!
Score: 16 Votes (Like | Disagree)