Jump to content

GrayKey develops box to brute force iPhone unlock codes

ScratchCat
By ScratchCat
in Tech News
 Share
Posted

https://blog.malwarebytes.com/security-world/2018/03/graykey-iphone-unlocker-poses-serious-security-concerns/

https://www.forbes.com/sites/thomasbrewster/2018/03/05/apple-iphone-x-graykey-hack/#36a893d02950

 

A company named GrayKey has developed a device for brute forcing iPhone unlock credentials without incrementing the failed unlock attempts counter, allowing automated searching of the keyspace.

Quote

In late 2017, word of a new iPhone unlocker device started to circulate: a device called GrayKey, made by a company named Grayshift. Based in Atlanta, Georgia, Grayshift was founded in 2016, and is a privately-held company with fewer than 50 employees. Little was known publicly about this device—or even whether it was a device or a service—until recently, as the GrayKey website is protected by a portal that screens for law enforcement affiliation.

According to Forbes, the GrayKey iPhone unlocker device is marketed for in-house use at law enforcement offices or labs. This is drastically different from Cellebrite’s overall business model, in that it puts complete control of the process in the hands of law enforcement.

The device is not publicly available for good reason, resulting in little information being know about it. The company seems to use an approach similar to Cellebrite who supposedly unlocked the San Bernadino shooter's iPhone. However unlike Cellebrite GrayKey allow the cracking devices to leave the company resulting in the possibility for the devices to be stolen and sold on the black market.

 

Quote

Two iPhones can be connected at one time, and are connected for about two minutes. After that, they are disconnected from the device, but are not yet cracked. Some time later, the phones will display a black screen with the passcode, among other information. The exact length of time varies, taking about two hours in the observations of our source. It can take up to three days or longer for six-digit passcodes, according to Grayshift documents, and the time needed for longer passphrases is not mentioned. Even disabled phones can be unlocked, according to Grayshift.

image.png.1089ef920c20cf7f46d66cfe17374037.png

 

The system allows multiple iPhones to be attacked at the same time, the majority of the time being disconnected from the main box. This would suggest GrayKey have developed a way to allow the iPhone to effectively attack itself, being the host for the brute force attempt. As shown in the above picture the attack can use non brute force methods such as searching for repeated characters to improve the speed of the attack.

 

Quote

After the device is unlocked, the full contents of the filesystem are downloaded to the GrayKey device. From there, they can be accessed through a web-based interface on a connected computer, and downloaded for analysis. The full, unencrypted contents of the keychain are also available for download.

As can be seen in the screenshot above, the GrayKey works on the latest hardware, and at least on iOS up to 11.2.5 (which was likely the most current system at the time this image was captured).

The attack allows the entire file system to be extracted as well as the keychain, containing all stored logins including passwords unencrypted. Additionally the attack supports iOS 11, 10 and in the future iOS 9, placing the vast majority of iPhone users at risk if this system were to find its way into the wild.

 

 

Quote

The GrayKey device itself comes in two “flavors.” The first, a $15,000 option, requires Internet connectivity to work. It is strictly geofenced, meaning that once it is set up, it cannot be used on any other network.

However, there is also a $30,000 option. At this price, the device requires no Internet connection whatsoever and has no limit to the number of unlocks. It will work for as long as it works; presumably, until Apple fixes whatever vulnerabilities the device relies on, at which time updated phones would no longer be unlockable.

Only law enforcement bodies may purchase the product, at $15000 for the geofenced version it is not cheap however it wields immense power by placing almost every model of iPhone at risk (most likely also the iPad and iPod). The $30000 'unlocked' version is dangerous as it would be possible to sell the device on the black market for great profit, enabling almost any stolen iPhone to be unlocked, the credentials extracted and resold as a used model rather than for parts.

 

This device is interesting at the very least and has the potential to be a great threat. Hopefully Apple will patch the vulnerability soon though it is highly unlikely Apple will be able to obtain one to analyze the exploit. With the earlier release of the iBoot source code, the complete rewrite of iOS for 64 bit applications and the GrayKey box Apple will have to be vigilant about reviewing the security of their products

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Hopefully the 5th amendment and judges still protect our security and privacy. 

Cor Caeruleus Reborn v6

Spoiler

CPU: Intel - Core i7-8700K

CPU Cooler: be quiet! - PURE ROCK 
Thermal Compound: Arctic Silver - 5 High-Density Polysynthetic Silver 3.5g Thermal Paste 
Motherboard: ASRock Z370 Extreme4
Memory: G.Skill TridentZ RGB 2x8GB 3200/14
Storage: Samsung - 850 EVO-Series 500GB 2.5" Solid State Drive 
Storage: Samsung - 960 EVO 500GB M.2-2280 Solid State Drive
Storage: Western Digital - Blue 2TB 3.5" 5400RPM Internal Hard Drive
Storage: Western Digital - BLACK SERIES 3TB 3.5" 7200RPM Internal Hard Drive
Video Card: EVGA - 970 SSC ACX (1080 is in RMA)
Case: Fractal Design - Define R5 w/Window (Black) ATX Mid Tower Case
Power Supply: EVGA - SuperNOVA P2 750W with CableMod blue/black Pro Series
Optical Drive: LG - WH16NS40 Blu-Ray/DVD/CD Writer 
Operating System: Microsoft - Windows 10 Pro OEM 64-bit and Linux Mint Serena
Keyboard: Logitech - G910 Orion Spectrum RGB Wired Gaming Keyboard
Mouse: Logitech - G502 Wired Optical Mouse
Headphones: Logitech - G430 7.1 Channel  Headset
Speakers: Logitech - Z506 155W 5.1ch Speakers

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
21 minutes ago, ScratchCat said:

This device is interesting at the very least and has the potential to be a great threat. Hopefully Apple will patch the vulnerability soon though it is highly unlikely Apple will be able to obtain one to analyze the exploit. With the earlier release of the iBoot source code, the complete rewrite of iOS for 64 bit applications and the GrayKey box Apple will have to be vigilant about reviewing the security of their products

It would be quite foolish to underestimate Apple's sheer resources. Even if the company is unwilling to sell to Apple, even at millions of dollars, there isn't anything stopping Apple from borrowing such a unit from a police in exchange of a donation. Heck, if I had Apple's resources, I wouldn't be above having an insider at one of these police forces run some experimentation for me, if I wanted access badly enough.

My eyes see the past…

My camera lens sees the present…

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
15 minutes ago, ARikozuM said:

Hopefully the 5th amendment and judges still protect our security and privacy. 

I don't think the 5th amendment applies to evidence does it?

 

I wonder if the FBI will stop asking for a backdoor now or if there are other issues this box can;t bypass like fingerprint?

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
5 minutes ago, mr moose said:

I don't think the 5th amendment applies to evidence does it?

It protects against self-incrimination, I believe. I would hate to see this used, without proper protocol such as a warrant, without permission *by accident*. If they accidentally stumble upon evidence they can obtain it more easily when they know where to search. 

5 minutes ago, mr moose said:

I wonder if the FBI will stop asking for a backdoor now or if there are other issues this box can;t bypass like fingerprint?

 

Cor Caeruleus Reborn v6

Spoiler

CPU: Intel - Core i7-8700K

CPU Cooler: be quiet! - PURE ROCK 
Thermal Compound: Arctic Silver - 5 High-Density Polysynthetic Silver 3.5g Thermal Paste 
Motherboard: ASRock Z370 Extreme4
Memory: G.Skill TridentZ RGB 2x8GB 3200/14
Storage: Samsung - 850 EVO-Series 500GB 2.5" Solid State Drive 
Storage: Samsung - 960 EVO 500GB M.2-2280 Solid State Drive
Storage: Western Digital - Blue 2TB 3.5" 5400RPM Internal Hard Drive
Storage: Western Digital - BLACK SERIES 3TB 3.5" 7200RPM Internal Hard Drive
Video Card: EVGA - 970 SSC ACX (1080 is in RMA)
Case: Fractal Design - Define R5 w/Window (Black) ATX Mid Tower Case
Power Supply: EVGA - SuperNOVA P2 750W with CableMod blue/black Pro Series
Optical Drive: LG - WH16NS40 Blu-Ray/DVD/CD Writer 
Operating System: Microsoft - Windows 10 Pro OEM 64-bit and Linux Mint Serena
Keyboard: Logitech - G910 Orion Spectrum RGB Wired Gaming Keyboard
Mouse: Logitech - G502 Wired Optical Mouse
Headphones: Logitech - G430 7.1 Channel  Headset
Speakers: Logitech - Z506 155W 5.1ch Speakers

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
4 minutes ago, ARikozuM said:

It protects against self-incrimination, I believe. I would hate to see this used, without proper protocol such as a warrant, without permission *by accident*. If they accidentally stumble upon evidence they can obtain it more easily when they know where to search. 

 

 

I guess when you have police randomly taking phones from people and cracking them open you have bigger problems than just protocol issues.

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Haha, I find it hard to believe a thief would have $30,000k to drop on an iPhone unlocker :P

That'd be quite the organized group if they do.

CPU: Ryzen 9 5900 Cooler: EVGA CLC280 Motherboard: Gigabyte B550i Pro AX RAM: Kingston Hyper X 32GB 3200mhz

Storage: WD 750 SE 500GB, WD 730 SE 1TB GPU: EVGA RTX 3070 Ti PSU: Corsair SF750 Case: Streacom DA2

Monitor: LG 27GL83B Mouse: Razer Basilisk V2 Keyboard: G.Skill KM780 Cherry MX Red Speakers: Mackie CR5BT

 

MiniPC - Sold for $100 Profit

Spoiler

CPU: Intel i3 4160 Cooler: Integrated Motherboard: Integrated

RAM: G.Skill RipJaws 16GB DDR3 Storage: Transcend MSA370 128GB GPU: Intel 4400 Graphics

PSU: Integrated Case: Shuttle XPC Slim

Monitor: LG 29WK500 Mouse: G.Skill MX780 Keyboard: G.Skill KM780 Cherry MX Red

 

Budget Rig 1 - Sold For $750 Profit

Spoiler

CPU: Intel i5 7600k Cooler: CryOrig H7 Motherboard: MSI Z270 M5

RAM: Crucial LPX 16GB DDR4 Storage: Intel S3510 800GB GPU: Nvidia GTX 980

PSU: Corsair CX650M Case: EVGA DG73

Monitor: LG 29WK500 Mouse: G.Skill MX780 Keyboard: G.Skill KM780 Cherry MX Red

 

OG Gaming Rig - Gone

Spoiler

 

CPU: Intel i5 4690k Cooler: Corsair H100i V2 Motherboard: MSI Z97i AC ITX

RAM: Crucial Ballistix 16GB DDR3 Storage: Kingston Fury 240GB GPU: Asus Strix GTX 970

PSU: Thermaltake TR2 Case: Phanteks Enthoo Evolv ITX

Monitor: Dell P2214H x2 Mouse: Logitech MX Master Keyboard: G.Skill KM780 Cherry MX Red

 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
1 minute ago, dizmo said:

Haha, I find it hard to believe a thief would have $30,000k to drop on an iPhone unlocker :P

That'd be quite the organized group if they do.

They could loan it to the FBI in exchange for immunity. 

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
1 minute ago, mr moose said:

They could loan it to the FBI in exchange for immunity. 

...quoted the wrong person?

That makes no sense in context with what I said.

CPU: Ryzen 9 5900 Cooler: EVGA CLC280 Motherboard: Gigabyte B550i Pro AX RAM: Kingston Hyper X 32GB 3200mhz

Storage: WD 750 SE 500GB, WD 730 SE 1TB GPU: EVGA RTX 3070 Ti PSU: Corsair SF750 Case: Streacom DA2

Monitor: LG 27GL83B Mouse: Razer Basilisk V2 Keyboard: G.Skill KM780 Cherry MX Red Speakers: Mackie CR5BT

 

MiniPC - Sold for $100 Profit

Spoiler

CPU: Intel i3 4160 Cooler: Integrated Motherboard: Integrated

RAM: G.Skill RipJaws 16GB DDR3 Storage: Transcend MSA370 128GB GPU: Intel 4400 Graphics

PSU: Integrated Case: Shuttle XPC Slim

Monitor: LG 29WK500 Mouse: G.Skill MX780 Keyboard: G.Skill KM780 Cherry MX Red

 

Budget Rig 1 - Sold For $750 Profit

Spoiler

CPU: Intel i5 7600k Cooler: CryOrig H7 Motherboard: MSI Z270 M5

RAM: Crucial LPX 16GB DDR4 Storage: Intel S3510 800GB GPU: Nvidia GTX 980

PSU: Corsair CX650M Case: EVGA DG73

Monitor: LG 29WK500 Mouse: G.Skill MX780 Keyboard: G.Skill KM780 Cherry MX Red

 

OG Gaming Rig - Gone

Spoiler

 

CPU: Intel i5 4690k Cooler: Corsair H100i V2 Motherboard: MSI Z97i AC ITX

RAM: Crucial Ballistix 16GB DDR3 Storage: Kingston Fury 240GB GPU: Asus Strix GTX 970

PSU: Thermaltake TR2 Case: Phanteks Enthoo Evolv ITX

Monitor: Dell P2214H x2 Mouse: Logitech MX Master Keyboard: G.Skill KM780 Cherry MX Red

 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
6 minutes ago, dizmo said:

That makes no sense in context with what I said.

Maybe he's saying the FBI amount to thieves?

Cor Caeruleus Reborn v6

Spoiler

CPU: Intel - Core i7-8700K

CPU Cooler: be quiet! - PURE ROCK 
Thermal Compound: Arctic Silver - 5 High-Density Polysynthetic Silver 3.5g Thermal Paste 
Motherboard: ASRock Z370 Extreme4
Memory: G.Skill TridentZ RGB 2x8GB 3200/14
Storage: Samsung - 850 EVO-Series 500GB 2.5" Solid State Drive 
Storage: Samsung - 960 EVO 500GB M.2-2280 Solid State Drive
Storage: Western Digital - Blue 2TB 3.5" 5400RPM Internal Hard Drive
Storage: Western Digital - BLACK SERIES 3TB 3.5" 7200RPM Internal Hard Drive
Video Card: EVGA - 970 SSC ACX (1080 is in RMA)
Case: Fractal Design - Define R5 w/Window (Black) ATX Mid Tower Case
Power Supply: EVGA - SuperNOVA P2 750W with CableMod blue/black Pro Series
Optical Drive: LG - WH16NS40 Blu-Ray/DVD/CD Writer 
Operating System: Microsoft - Windows 10 Pro OEM 64-bit and Linux Mint Serena
Keyboard: Logitech - G910 Orion Spectrum RGB Wired Gaming Keyboard
Mouse: Logitech - G502 Wired Optical Mouse
Headphones: Logitech - G430 7.1 Channel  Headset
Speakers: Logitech - Z506 155W 5.1ch Speakers

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
5 minutes ago, dizmo said:

...quoted the wrong person?

That makes no sense in context with what I said.

I was just making a joke about a thief buying a phone unlocker. 

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
Just now, ARikozuM said:

Maybe he's saying the FBI amount to thieves?

No, it just struck me as amusing the thought that a thief would buy one,  I couldn't think of any reason they would need one.

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
4 minutes ago, mr moose said:

No, it just struck me as amusing the thought that a thief would buy one,  I couldn't think of any reason they would need one.

See the source image

It flew right over me. 

Cor Caeruleus Reborn v6

Spoiler

CPU: Intel - Core i7-8700K

CPU Cooler: be quiet! - PURE ROCK 
Thermal Compound: Arctic Silver - 5 High-Density Polysynthetic Silver 3.5g Thermal Paste 
Motherboard: ASRock Z370 Extreme4
Memory: G.Skill TridentZ RGB 2x8GB 3200/14
Storage: Samsung - 850 EVO-Series 500GB 2.5" Solid State Drive 
Storage: Samsung - 960 EVO 500GB M.2-2280 Solid State Drive
Storage: Western Digital - Blue 2TB 3.5" 5400RPM Internal Hard Drive
Storage: Western Digital - BLACK SERIES 3TB 3.5" 7200RPM Internal Hard Drive
Video Card: EVGA - 970 SSC ACX (1080 is in RMA)
Case: Fractal Design - Define R5 w/Window (Black) ATX Mid Tower Case
Power Supply: EVGA - SuperNOVA P2 750W with CableMod blue/black Pro Series
Optical Drive: LG - WH16NS40 Blu-Ray/DVD/CD Writer 
Operating System: Microsoft - Windows 10 Pro OEM 64-bit and Linux Mint Serena
Keyboard: Logitech - G910 Orion Spectrum RGB Wired Gaming Keyboard
Mouse: Logitech - G502 Wired Optical Mouse
Headphones: Logitech - G430 7.1 Channel  Headset
Speakers: Logitech - Z506 155W 5.1ch Speakers

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
1 hour ago, mr moose said:
1 hour ago, mr moose said:

No, it just struck me as amusing the thought that a thief would buy one,  I couldn't think of any reason they would need one.

 

buy this unlocker, steal iPhones from random people, unlock them, sell on eBay, ????????, Profit

One day I will be able to play Monster Hunter Frontier in French/Italian/English on my PC, it's just a matter of time... 4 5 6 7 8 9 years later: It's finally coming!!!

Phones: iPhone 4S/SE | LG V10 | Lumia 920 | Samsung S24 Ultra

Laptops: Macbook Pro 15" (mid-2012) | Compaq Presario V6000

Other: Steam Deck

<>EVs are bad, they kill the planet and remove freedoms too some/<>

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

 

1 hour ago, mr moose said:

I was just making a joke about a thief buying a phone unlocker. 

Hahaha. Ah. I blame being sick on missing that one.

1 hour ago, ARikozuM said:

 

It flew right over me. 

x2

CPU: Ryzen 9 5900 Cooler: EVGA CLC280 Motherboard: Gigabyte B550i Pro AX RAM: Kingston Hyper X 32GB 3200mhz

Storage: WD 750 SE 500GB, WD 730 SE 1TB GPU: EVGA RTX 3070 Ti PSU: Corsair SF750 Case: Streacom DA2

Monitor: LG 27GL83B Mouse: Razer Basilisk V2 Keyboard: G.Skill KM780 Cherry MX Red Speakers: Mackie CR5BT

 

MiniPC - Sold for $100 Profit

Spoiler

CPU: Intel i3 4160 Cooler: Integrated Motherboard: Integrated

RAM: G.Skill RipJaws 16GB DDR3 Storage: Transcend MSA370 128GB GPU: Intel 4400 Graphics

PSU: Integrated Case: Shuttle XPC Slim

Monitor: LG 29WK500 Mouse: G.Skill MX780 Keyboard: G.Skill KM780 Cherry MX Red

 

Budget Rig 1 - Sold For $750 Profit

Spoiler

CPU: Intel i5 7600k Cooler: CryOrig H7 Motherboard: MSI Z270 M5

RAM: Crucial LPX 16GB DDR4 Storage: Intel S3510 800GB GPU: Nvidia GTX 980

PSU: Corsair CX650M Case: EVGA DG73

Monitor: LG 29WK500 Mouse: G.Skill MX780 Keyboard: G.Skill KM780 Cherry MX Red

 

OG Gaming Rig - Gone

Spoiler

 

CPU: Intel i5 4690k Cooler: Corsair H100i V2 Motherboard: MSI Z97i AC ITX

RAM: Crucial Ballistix 16GB DDR3 Storage: Kingston Fury 240GB GPU: Asus Strix GTX 970

PSU: Thermaltake TR2 Case: Phanteks Enthoo Evolv ITX

Monitor: Dell P2214H x2 Mouse: Logitech MX Master Keyboard: G.Skill KM780 Cherry MX Red

 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
4 minutes ago, suicidalfranco said:

buy this unlocker, steal iPhones from random people, unlock them, sell on eBay, ????????, Profit

And what...profit in how many years? People that steal for a living aren't the brightest, and are generally extremely poor with their money.

You're more likely to get caught long before you break even.

CPU: Ryzen 9 5900 Cooler: EVGA CLC280 Motherboard: Gigabyte B550i Pro AX RAM: Kingston Hyper X 32GB 3200mhz

Storage: WD 750 SE 500GB, WD 730 SE 1TB GPU: EVGA RTX 3070 Ti PSU: Corsair SF750 Case: Streacom DA2

Monitor: LG 27GL83B Mouse: Razer Basilisk V2 Keyboard: G.Skill KM780 Cherry MX Red Speakers: Mackie CR5BT

 

MiniPC - Sold for $100 Profit

Spoiler

CPU: Intel i3 4160 Cooler: Integrated Motherboard: Integrated

RAM: G.Skill RipJaws 16GB DDR3 Storage: Transcend MSA370 128GB GPU: Intel 4400 Graphics

PSU: Integrated Case: Shuttle XPC Slim

Monitor: LG 29WK500 Mouse: G.Skill MX780 Keyboard: G.Skill KM780 Cherry MX Red

 

Budget Rig 1 - Sold For $750 Profit

Spoiler

CPU: Intel i5 7600k Cooler: CryOrig H7 Motherboard: MSI Z270 M5

RAM: Crucial LPX 16GB DDR4 Storage: Intel S3510 800GB GPU: Nvidia GTX 980

PSU: Corsair CX650M Case: EVGA DG73

Monitor: LG 29WK500 Mouse: G.Skill MX780 Keyboard: G.Skill KM780 Cherry MX Red

 

OG Gaming Rig - Gone

Spoiler

 

CPU: Intel i5 4690k Cooler: Corsair H100i V2 Motherboard: MSI Z97i AC ITX

RAM: Crucial Ballistix 16GB DDR3 Storage: Kingston Fury 240GB GPU: Asus Strix GTX 970

PSU: Thermaltake TR2 Case: Phanteks Enthoo Evolv ITX

Monitor: Dell P2214H x2 Mouse: Logitech MX Master Keyboard: G.Skill KM780 Cherry MX Red

 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

I hope every law enforcement agency buys these so I can watch them cry when Apple changes how pass codes function. 

 

Also alpha numeric pass codes are not vulnerable to this apparently. 

Laptop: 2019 16" MacBook Pro i7, 512GB, 5300M 4GB, 16GB DDR4 | Phone: iPhone 13 Pro Max 128GB | Wearables: Apple Watch SE | Car: 2007 Ford Taurus SE | CPU: R7 5700X | Mobo: ASRock B450M Pro4 | RAM: 32GB 3200 | GPU: ASRock RX 5700 8GB | Case: Apple PowerMac G5 | OS: Win 11 | Storage: 1TB Crucial P3 NVME SSD, 1TB PNY CS900, & 4TB WD Blue HDD | PSU: Be Quiet! Pure Power 11 600W | Display: LG 27GL83A-B 1440p @ 144Hz, Dell S2719DGF 1440p @144Hz | Cooling: Wraith Prism | Keyboard: G610 Orion Cherry MX Brown | Mouse: G305 | Audio: Audio Technica ATH-M50X & Blue Snowball | Server: 2018 Core i3 Mac mini, 128GB SSD, Intel UHD 630, 16GB DDR4 | Storage: OWC Mercury Elite Pro Quad (6TB WD Blue HDD, 12TB Seagate Barracuda, 1TB Crucial SSD, 2TB Seagate Barracuda HDD)
Link to comment
Share on other sites
Link to post
Share on other sites
Posted
45 minutes ago, suicidalfranco said:

buy this unlocker, steal iPhones from random people, unlock them, sell on eBay, ????????, Profit

Unlocking won't help when apple has the imei number on a stolen phone database and you can't reactivate the phone.

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

I when people say "recently uncovered" we've had these since 2016. From one's like these that "take control" of the phone to one's with sensors that attach to the screen in boot modes. 

Corsair 4000D RGB

Asus B550 Tuf Gaming II

Asus 7700XT Tuf Gaming

AMD 5600x3d

32gb 3200mhz gskil 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
5 hours ago, DrMacintosh said:

I hope every law enforcement agency buys these so I can watch them cry when Apple changes how pass codes function. 

 

Also alpha numeric pass codes are not vulnerable to this apparently. 

They are vulnerable, just much harder to break unless a dictionary attack were to be used.

Quote

It can take up to three days or longer for six-digit passcodes, according to Grayshift documents, and the time needed for longer passphrases is not mentioned. Even disabled phones can be unlocked, according to Grayshift

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

I'm just glad that "987987" is not my iPhone's passcode. xD

 

12 hours ago, dizmo said:

Haha, I find it hard to believe a thief would have $30,000k to drop on an iPhone unlocker :P

That'd be quite the organized group if they do.

That would be nothing for rich people and government intelligence organizations. But if it's just the typical run in the mill thief in the street, I think he's better off robbing a bank than trying to unlock someone's iPhone.

 

13 hours ago, ScratchCat said:

The attack allows the entire file system to be extracted as well as the keychain, containing all stored logins including passwords unencrypted. Additionally the attack supports iOS 11, 10 and in the future iOS 9, placing the vast majority of iPhone users at risk if this system were to find its way into the wild.

Uhm what? Since when did a mobile OS from 2015 became the future of iOS? ?

 

But it would be interesting how they manage to get around iOS's anti brute force feature "Erase Data" which will initiate a secure wipe after accumulating 10 failed passcode attempts. I wonder if "Erase Data" is enabled by default on all iPhones sold once passcode is added. Is this the case @DrMacintosh

There is more that meets the eye
I see the soul that is inside

 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
23 minutes ago, hey_yo_ said:

Uhm what? Since when did a mobile OS from 2015 became the future of iOS? ?

They'll be adding support for iOS 9 in the future, not that it is the future.

My Classifieds Thread

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
12 hours ago, suicidalfranco said:

buy this unlocker, steal iPhones from random people, unlock them, sell on eBay, ????????, Profit

Activation Lock will still be in affect; so with device IMEI being black listed; and device Activation Locked through Apple ID, it’s just a fancy paper weight.

 

It’s mostly law in forcement that’ll use this to try and get evidence most likely .

5950X | NH D15S | 64GB 3200Mhz | RTX 3090 | ASUS PG348Q+MG278Q

 

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Tech News

×