Apple has managed to prevent the hottest iPhone hacking company in the world from doing its thing.
Uncloaked by Forbes in March, Atlanta-based Grayshift promised governments its GrayKey tech could crack the passcodes of the latest iOS models, right up to the iPhone X. From then on, Apple continued to invest in security in earnest, continually putting up barriers for Grayshift to jump over. Grayshift continued to grow, however, securing contracts with Immigration and Customs Enforcement, and the Secret Service.
Now, though, Apple has put up what may be an insurmountable wall. Multiple sources familiar with the GrayKey tech tell Forbes the device can no longer break the passcodes of any iPhone running iOS 12 or above. On those devices, GrayKey can only do what’s called a “partial extraction,” sources from the forensic community said. That means police using the tool can only draw out unencrypted files and some metadata, such as file sizes and folder structures.
Previously, GrayKey used “brute forcing” techniques to guess passcodes and had found a way to get around Apple’s protections preventing such repeat guesses. But no more. And if it’s impossible for GrayKey, which counts an ex-Apple security engineer among its founders, it’s a safe assumption few can break iPhone passcodes.
Police officer Captain John Sherwin of the Rochester Police Department in Minnesota said of the claim iOS 12 was preventing GrayKey from unlocking iPhones: “That’s a fairly accurate assessment as to what we have experienced.
“Give it time and I am sure a ‘workaround’ will be developed … and then the cycle will repeat. Someone is always building a better mousetrap, whether it’s Apple or someone trying to defeat device security.”
Neither Apple nor Grayshift had responded to requests for comment.
A mystery fix
Though it’s clear Apple has locked GrayShift out, no one actually knows just how the iPhone maker has done it. Vladimir Katalov, chief of forensic tech provider Elcomsoft, bas repeatedly uncovered weaknesses in Apple technology. But he was stumped too.
“No idea. It could be everything from better kernel protection to stronger configuration-profile installation restrictions,” he suggested. The kernel is the core part of the operating system, from which the rest of iOS launches. Configuration profiles typically allow individuals and companies to customize the ways in which iOS apps work.
Grayshift could do without any hiccups. It’s just gone global. Wired revealed last week that a number of U.K. police agencies are now using GrayKeys.
Meanwhile, Apple chief Tim Cook visited Europe this week, talking up the need for all tech companies to improve privacy for users.