Jump to content
Search In
  • More options...
Find results that contain...
Find results in...

iOS 12 defeats GrayKey

DrMacintosh
 Share

Quote

Apple has apparently won a victory in preserving the privacy of iPhone users. Previously, even if an iOS device was secured with a password, police could use the GrayKey unlocking tool to access the contents. But that changed with iOS 12. 

 

This hacking tool reportedly became nearly useless with the release of Apple’s latest operating system.

 

GrayKey works by getting around limits on the number of times a password can be entered into the iOS device, and how quickly. Once the passcode has been bypassed, the device can download the entire contents of the phone or tablet.

This is referring to iOS 12s "USB accessories feature" which locks out USB devices if the phone has not been unlocked for an hour

fullsizeoutput_1289.thumb.jpeg.8dfc123350970120680aeed4fb5bf289.jpeg

 

I personally keep this feature on as I don't see any reason to let USB devices connect to my device whenever they want to. If you have not enabled this feature in iOS 12 I suggest that you do, there is no reason not to. 

Quote

Once a device has been unlocked, GrayKey can only extract unencrypted files and metadata, according to Forbes. Because any passcode-lacked iPhone automatically encrypts the contents of the device, police aren’t able to access much.

Quote

Once a device has been unlocked, GrayKey can only extract unencrypted files and metadata, according to Forbes. Because any passcode-lacked iPhone automatically encrypts the contents of the device, police aren’t able to access much.

No one knows what changed in iOS 12 to make the unlocking tool useless.  “It could be everything from better kernel protection to stronger configuration-profile installation restrictions,” Vladimir Katalov, CEO of cybersecurity firm Elcomsoft, told Forbes.

It is very likely that Apple will never disclose exactly how they figured out how to disable these unlocked boxes. Doing so would only help the creators of GrayKey make a work around, if they can. Hopefully the creators of GrayKey will give up and move on with their careers, but they are in a lucrative position if they can find another method to get into locked iOS devices. 

 

Quote

This is all part of an ongoing fundamental difference in perspective between Apple and law enforcement agencies. The iPhone maker regards privacy as a fundamental human right, and does everything it can to secure its devices. Police want access to information stored on all types of computers used in crimes.

All in all, it is great to see this, combined with CEO Tim Cooks speech advocating for better US privacy laws

and now confirmation that this iOS 12 security feature has had the desired outcome of locking GrayKey out and protecting iOS device security and privacy. 

 

Sure, you could say its all just PR to give Apple favor in the public eye, but hey, that PR is giving users real benefits and I'll take those benefits thank you very much. 

 

Sources: https://www.cultofmac.com/585260/ios-12-defeats-graykey-iphone-unlocker-law-enforcement/

Laptop: 2019 16" MacBook Pro i7, 512GB, 5300M 4GB, 16GB DDR4 | Phone: iPhone 13 Pro Max 128GB | Wearables: Apple Watch SE | CPU: R5 2600 | Mobo: ASRock B450M Pro4 | RAM: 16GB 2666 | GPU: ASRock RX 5700 8GB | Case: Apple PowerMac G5 | OS: Win 10 | Storage: 480GB PNY SSD & 2TB WD Green HDD | PSU: Corsair CX600M | Display: Dell 27 Gaming Monitor S2719DGF 1440p @155Hz, Dell UZ2215H 21.5" 1080p, ViewSonic VX2450wm-LED 23.6" 1080p | Cooling: Wraith Prism | Keyboard: G610 Orion Cherry MX Brown | Mouse: G303 | Audio: Audio Technica ATH-M50X & Blue Snowball
Link to comment
Share on other sites

Link to post
Share on other sites

I thought the grey key fix was what caused some iphones to not charge unless they were unlocked. Will this also cause the same thing ?

Or Is this something new?

🌲🌲🌲

Judge the product by its own merits, not by the Company that created it.

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, Arika S said:

I thought the grey key fix was what caused some iphones to not charge unless they were unlocked. Will this also cause the same thing ?

Or Is this something new?

That was unrelated apparently, at least according to Apple and it was patched with iOS 12.0.1. 

Laptop: 2019 16" MacBook Pro i7, 512GB, 5300M 4GB, 16GB DDR4 | Phone: iPhone 13 Pro Max 128GB | Wearables: Apple Watch SE | CPU: R5 2600 | Mobo: ASRock B450M Pro4 | RAM: 16GB 2666 | GPU: ASRock RX 5700 8GB | Case: Apple PowerMac G5 | OS: Win 10 | Storage: 480GB PNY SSD & 2TB WD Green HDD | PSU: Corsair CX600M | Display: Dell 27 Gaming Monitor S2719DGF 1440p @155Hz, Dell UZ2215H 21.5" 1080p, ViewSonic VX2450wm-LED 23.6" 1080p | Cooling: Wraith Prism | Keyboard: G610 Orion Cherry MX Brown | Mouse: G303 | Audio: Audio Technica ATH-M50X & Blue Snowball
Link to comment
Share on other sites

Link to post
Share on other sites

It's probably going to be a never ending cat and mouse battle at this point 

The Workhorse (AMD-powered custom desktop)

CPU: AMD Ryzen 7 3700X | GPU: MSI X Trio GeForce RTX 2070S | RAM: XPG Spectrix D60G 32GB DDR4-3200 | Storage: 512GB XPG SX8200P + 2TB 7200RPM Seagate Barracuda Compute | OS: Microsoft Windows 10 Pro

 

The Portable Station (Intel-powered Lenovo Yoga Slim 7i)

CPU: Intel Core i5 1135G7 | GPU: Intel Iris Xe 80CU | RAM: 16GB LPDDR4X-4267 | Storage: 512GB PCIe SSD | OS: Microsoft Windows 10 Home

 

The Communicator (Apple iPhone 13 Pro)

SoC: Apple A15 Bionic | RAM: 6GB LPDDR4X | Storage: 128GB internal w/ NVMe controller | Display: 6.1" 2532x1170 "Super Retina XDR" OLED with VRR at up to 120Hz | OS: iOS 15.1

Link to comment
Share on other sites

Link to post
Share on other sites

16 minutes ago, D13H4RD2L1V3 said:

It's probably going to be a never ending cat and mouse battle at this point 

definitely better than the alternative 

Laptop: 2019 16" MacBook Pro i7, 512GB, 5300M 4GB, 16GB DDR4 | Phone: iPhone 13 Pro Max 128GB | Wearables: Apple Watch SE | CPU: R5 2600 | Mobo: ASRock B450M Pro4 | RAM: 16GB 2666 | GPU: ASRock RX 5700 8GB | Case: Apple PowerMac G5 | OS: Win 10 | Storage: 480GB PNY SSD & 2TB WD Green HDD | PSU: Corsair CX600M | Display: Dell 27 Gaming Monitor S2719DGF 1440p @155Hz, Dell UZ2215H 21.5" 1080p, ViewSonic VX2450wm-LED 23.6" 1080p | Cooling: Wraith Prism | Keyboard: G610 Orion Cherry MX Brown | Mouse: G303 | Audio: Audio Technica ATH-M50X & Blue Snowball
Link to comment
Share on other sites

Link to post
Share on other sites

2 hours ago, DrMacintosh said:

snip

I still would posit it has little to nothing to do with user rights, or Apple wouldn't be collecting all that same sort of data for themselves as well. But having their own control over everything and letting no one else touch their precious is well within all historic behavior for the company.

 

-I know cynicm etc... whatever. Either way, this part of things has good end-user results.

LINK-> Kurald Galain:  The Night Eternal 

Top 5820k, 980ti SLI Build in the World*

CPU: i7-5820k // GPU: SLI MSI 980ti Gaming 6G // Cooling: Full Custom WC //  Mobo: ASUS X99 Sabertooth // Ram: 32GB Crucial Ballistic Sport // Boot SSD: Samsung 850 EVO 500GB

Mass SSD: Crucial M500 960GB  // PSU: EVGA Supernova 850G2 // Case: Fractal Design Define S Windowed // OS: Windows 10 // Mouse: Razer Naga Chroma // Keyboard: Corsair k70 Cherry MX Reds

Headset: Senn RS185 // Monitor: ASUS PG348Q // Devices: Note 10+ - Surface Book 2 15"

LINK-> Ainulindale: Music of the Ainur 

Prosumer DYI FreeNAS

CPU: Xeon E3-1231v3  // Cooling: Noctua L9x65 //  Mobo: AsRock E3C224D2I // Ram: 16GB Kingston ECC DDR3-1333

HDDs: 4x HGST Deskstar NAS 3TB  // PSU: EVGA 650GQ // Case: Fractal Design Node 304 // OS: FreeNAS

 

 

 

Link to comment
Share on other sites

Link to post
Share on other sites

1 hour ago, D13H4RD2L1V3 said:

It's probably going to be a never ending cat and mouse battle at this point 

Has always been like this for years.

Specs: Motherboard: Asus X470-PLUS TUF gaming (Yes I know it's poor but I wasn't informed) RAM: Corsair VENGEANCE® LPX DDR4 3200Mhz CL16-18-18-36 2x8GB

            CPU: Ryzen 9 5900X          Case: Antec P8     PSU: Corsair RM850x                        Cooler: Antec K240 with two Noctura Industrial PPC 3000 PWM

            Drives: Samsung 970 EVO plus 250GB, Micron 1100 2TB, Seagate ST4000DM000/1F2168 GPU: EVGA RTX 2080 ti Black edition

Link to comment
Share on other sites

Link to post
Share on other sites

A step in the right direction but does not fix the "hey, look over here" method of unlocking using FaceID.

Link to comment
Share on other sites

Link to post
Share on other sites

*months later*

 

Greykey defeats iOS 12

 

*And the cycle continues*

One day I will be able to play Monster Hunter Frontier in French/Italian/English on my PC, it's just a matter of time... 4 5 6 7 8 9 years later: It's finally coming!!!

Phones: iPhone 4S/SE | LG V10 | Lumia 920

Laptops: Macbook Pro 15" (mid-2012) | Compaq Presario V6000

Link to comment
Share on other sites

Link to post
Share on other sites

6 hours ago, DrMacintosh said:

That was unrelated apparently, at least according to Apple and it was patched with iOS 12.0.1. 

Your OP is a little confusing. You suggest to “turn the feature on”

 

when in reality to turn it on, it involves turning a switch off, because it says “allow access when locked”

 

may want to rephrase that.

"There is nothing more difficult than fixing something that isn't all the way broken yet." - Author Unknown

"A redline a day keeps depression at bay" - Author Unknown

Spoiler

Intel Core i7-3960X @ 4.6 GHz - Asus P9X79WS/IPMI - 12GB DDR3-1600 quad-channel - EVGA GTX 1080ti SC - Fractal Design Define R5 - 500GB Crucial MX200 and 2 x Seagate ST2000DM006 (in RAID 0 for games!) - The good old Corsair GS700 - Yamakasi Catleap 2703 27" 1440p and ASUS VS239H-P 1080p 23" - NH-D15 - Logitech G710+ - Mionix Naos 7000 - Sennheiser PC350 w/Topping VX-1

 

Avid Miata autocrosser :D

Link to comment
Share on other sites

Link to post
Share on other sites

4 hours ago, ScratchCat said:

A step in the right direction but does not fix the "hey, look over here" method of unlocking using FaceID.

Sorry to break it to you, but any biometric lock has the same fault.

PSU Tier List | CoC

Gaming Build | FreeNAS Server

Spoiler

i5-4690k || Seidon 240m || GTX780 ACX || MSI Z97s SLI Plus || 8GB 2400mhz || 250GB 840 Evo || 1TB WD Blue || H440 (Black/Blue) || Windows 10 Pro || Dell P2414H & BenQ XL2411Z || Ducky Shine Mini || Logitech G502 Proteus Core

Spoiler

FreeNAS 9.3 - Stable || Xeon E3 1230v2 || Supermicro X9SCM-F || 32GB Crucial ECC DDR3 || 3x4TB WD Red (JBOD) || SYBA SI-PEX40064 sata controller || Corsair CX500m || NZXT Source 210.

Link to comment
Share on other sites

Link to post
Share on other sites

5 hours ago, ScratchCat said:

A step in the right direction but does not fix the "hey, look over here" method of unlocking using FaceID.

Just disable FaceID.

Link to comment
Share on other sites

Link to post
Share on other sites

3 hours ago, bcredeur97 said:

when in reality to turn it on, it involves turning a switch off, because it says “allow access when locked”

I think people can follow it :) 

Laptop: 2019 16" MacBook Pro i7, 512GB, 5300M 4GB, 16GB DDR4 | Phone: iPhone 13 Pro Max 128GB | Wearables: Apple Watch SE | CPU: R5 2600 | Mobo: ASRock B450M Pro4 | RAM: 16GB 2666 | GPU: ASRock RX 5700 8GB | Case: Apple PowerMac G5 | OS: Win 10 | Storage: 480GB PNY SSD & 2TB WD Green HDD | PSU: Corsair CX600M | Display: Dell 27 Gaming Monitor S2719DGF 1440p @155Hz, Dell UZ2215H 21.5" 1080p, ViewSonic VX2450wm-LED 23.6" 1080p | Cooling: Wraith Prism | Keyboard: G610 Orion Cherry MX Brown | Mouse: G303 | Audio: Audio Technica ATH-M50X & Blue Snowball
Link to comment
Share on other sites

Link to post
Share on other sites

Is this actually news?  Graykey has claimed in the past that they still work around that USB disable setting (although they were probably bluffing or their workaround was plugging in the camera dongle and battery pack as soon as you recover the device).  It sounds like *maybe* now you can't just download the entire device over lightning, even when it's unlocked, but doesn't iTunes do that already anyways?

Workstation:  12900KF @ 5.2Ghz || MSI Pro-A Z690 DDR4|| EVGA FTW3 3090 1000W || G.Skill 3866 4x8GB || Corsair AX1500i || whole-house loop.

LANRig/GuestGamingBox: 9900nonK || Gigabyte Z390 Master || ASUS TUF 3090 650W shunt || Corsair SF600 || CPU+GPU watercooled 280 rad pull only || whole-house loop.

Server Router (Untangle): 8350K @ 4.7Ghz || ASRock Z370 ITX || 2x8GB 3200 || PicoPSU 250W, running on AX1200i || whole-house loop.

Server Compute/Storage: 10850K @ 5.1Ghz || Gigabyte Z490 Ultra || LSI 9280i-24 port || 4TB Samsung 860 Evo, 5x10TB Seagate Enterprise Raid 6, 4x8TB Seagate Archive Backup ||  whole-house loop.

Laptop: HP Elitebook 840 G8 (Intel 1185G7) + 3060 Thunderbolt Dock, Razer Blade Stealth 13" 2017 (Intel 8550U)

Link to comment
Share on other sites

Link to post
Share on other sites

9 minutes ago, AnonymousGuy said:

Is this actually news?  Graykey has claimed in the past that they still work around that USB disable setting (although they were probably bluffing or their workaround was plugging in the camera dongle and battery pack as soon as you recover the device).  It sounds like *maybe* now you can't just download the entire device over lightning, even when it's unlocked, but doesn't iTunes do that already anyways?

Yes

They were bluffing to save themselves

iTunes can’t view and pick anything unless it’s granted permission on the phones end. The USB accessories feature means iTunes won’t even know an iOS device has been plugged in because the port will simply not communicate any data. 

 

The only data they can grab now is unencrypted data, which is essentially nothing on an iOS device. 

Laptop: 2019 16" MacBook Pro i7, 512GB, 5300M 4GB, 16GB DDR4 | Phone: iPhone 13 Pro Max 128GB | Wearables: Apple Watch SE | CPU: R5 2600 | Mobo: ASRock B450M Pro4 | RAM: 16GB 2666 | GPU: ASRock RX 5700 8GB | Case: Apple PowerMac G5 | OS: Win 10 | Storage: 480GB PNY SSD & 2TB WD Green HDD | PSU: Corsair CX600M | Display: Dell 27 Gaming Monitor S2719DGF 1440p @155Hz, Dell UZ2215H 21.5" 1080p, ViewSonic VX2450wm-LED 23.6" 1080p | Cooling: Wraith Prism | Keyboard: G610 Orion Cherry MX Brown | Mouse: G303 | Audio: Audio Technica ATH-M50X & Blue Snowball
Link to comment
Share on other sites

Link to post
Share on other sites

13 hours ago, ScratchCat said:

A step in the right direction but does not fix the "hey, look over here" method of unlocking using FaceID.

Enable emergency mode. Press the home key 5 (or 10? don't remember) times, and it forces you to enter the passcode to unlock - it disables both FaceID and TouchID.

 

If you're about to be arrested or something? Activate it.

9 hours ago, 79wjd said:

Sorry to break it to you, but any biometric lock has the same fault.

Yep - Law Enforcement can force someone to unlock any biometric device - because biometrics are not "information" that you hold in your mind, you're not protected by the right to remain silent (why they can't force you to give up a passcode).

 

This is obviously super simplified though.

For Sale: Meraki Bundle

 

iPhone Xr 128 GB Product Red - HP Spectre x360 13" (i5 - 8 GB RAM - 256 GB SSD) - HP ZBook 15v G5 15" (i7-8850H - 16 GB RAM - 512 GB SSD - NVIDIA Quadro P600)

 

Link to comment
Share on other sites

Link to post
Share on other sites

9 hours ago, 79wjd said:

Sorry to break it to you, but any biometric lock has the same fault.

Press the power button five times and voila, Touch/Face ID is now disabled and cops can’t do anything 

There is more that meets the eye
I see the soul that is inside

 

 

Link to comment
Share on other sites

Link to post
Share on other sites

1 minute ago, captain_to_fire said:

Press the power button five times and voila, Touch/Face ID is now disabled and cops can’t do anything 

Of course, you might not always get that 3 seconds needed to enable. So if someone is at high risk? Just use a passcode.

For Sale: Meraki Bundle

 

iPhone Xr 128 GB Product Red - HP Spectre x360 13" (i5 - 8 GB RAM - 256 GB SSD) - HP ZBook 15v G5 15" (i7-8850H - 16 GB RAM - 512 GB SSD - NVIDIA Quadro P600)

 

Link to comment
Share on other sites

Link to post
Share on other sites

11 hours ago, dalekphalm said:

Enable emergency mode. Press the home key 5 (or 10? don't remember) times, and it forces you to enter the passcode to unlock - it disables both FaceID and TouchID.

 

If you're about to be arrested or something? Activate it. 

 

11 hours ago, captain_to_fire said:

Press the power button five times and voila, Touch/Face ID is now disabled and cops can’t do anything 

Or the cops just wait until you are using your phone, take it out of your hand and then arrest you. Thieves could do a similar thing (minus the arresting part).

Link to comment
Share on other sites

Link to post
Share on other sites

16 minutes ago, ScratchCat said:

Or the cops just wait until you are using your phone, take it out of your hand and then arrest you. Thieves could do a similar thing (minus the arresting part).

In most countries like the US, unless there's probable cause cops can't arrest you without a warrant. https://en.wikipedia.org/wiki/Fourth_Amendment_to_the_United_States_Constitution#Text

There is more that meets the eye
I see the soul that is inside

 

 

Link to comment
Share on other sites

Link to post
Share on other sites

7 hours ago, ScratchCat said:

Or the cops just wait until you are using your phone, take it out of your hand and then arrest you. Thieves could do a similar thing (minus the arresting part).

Sure but how often is that going to happen? Anyone who is likely to have that happen, probably knows they've committed some crime, and then they would be stupid to use FaceID/TouchID to begin with.

 

In terms of a thief stealing it out of your hand? If they do that, you're probably using the phone. Which means it's unlocked. Which means it literally doesn't matter what system you use, or even if you use Touch/FaceID at all.

For Sale: Meraki Bundle

 

iPhone Xr 128 GB Product Red - HP Spectre x360 13" (i5 - 8 GB RAM - 256 GB SSD) - HP ZBook 15v G5 15" (i7-8850H - 16 GB RAM - 512 GB SSD - NVIDIA Quadro P600)

 

Link to comment
Share on other sites

Link to post
Share on other sites

You know police normally just contact Apple and have them send over what they need.

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, NinJake said:

You know police normally just contact Apple and have them send over what they need.

Apple can only send over info from iCloud.

For Sale: Meraki Bundle

 

iPhone Xr 128 GB Product Red - HP Spectre x360 13" (i5 - 8 GB RAM - 256 GB SSD) - HP ZBook 15v G5 15" (i7-8850H - 16 GB RAM - 512 GB SSD - NVIDIA Quadro P600)

 

Link to comment
Share on other sites

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share


×