iOS 12 defeats GrayKey

[DrMacintosh]

Quote

Apple has apparently won a victory in preserving the privacy of iPhone users. Previously, even if an iOS device was secured with a password, police could use the GrayKey unlocking tool to access the contents. But that changed with iOS 12. 

 

This hacking tool reportedly became nearly useless with the release of Apple’s latest operating system.

 

GrayKey works by getting around limits on the number of times a password can be entered into the iOS device, and how quickly. Once the passcode has been bypassed, the device can download the entire contents of the phone or tablet.

This is referring to iOS 12s "USB accessories feature" which locks out USB devices if the phone has not been unlocked for an hour

 

I personally keep this feature on as I don't see any reason to let USB devices connect to my device whenever they want to. If you have not enabled this feature in iOS 12 I suggest that you do, there is no reason not to. 

Quote

Once a device has been unlocked, GrayKey can only extract unencrypted files and metadata, according to Forbes. Because any passcode-lacked iPhone automatically encrypts the contents of the device, police aren’t able to access much.

Quote

Once a device has been unlocked, GrayKey can only extract unencrypted files and metadata, according to Forbes. Because any passcode-lacked iPhone automatically encrypts the contents of the device, police aren’t able to access much.

No one knows what changed in iOS 12 to make the unlocking tool useless.  “It could be everything from better kernel protection to stronger configuration-profile installation restrictions,” Vladimir Katalov, CEO of cybersecurity firm Elcomsoft, told Forbes.

It is very likely that Apple will never disclose exactly how they figured out how to disable these unlocked boxes. Doing so would only help the creators of GrayKey make a work around, if they can. Hopefully the creators of GrayKey will give up and move on with their careers, but they are in a lucrative position if they can find another method to get into locked iOS devices. 

 

Quote

This is all part of an ongoing fundamental difference in perspective between Apple and law enforcement agencies. The iPhone maker regards privacy as a fundamental human right, and does everything it can to secure its devices. Police want access to information stored on all types of computers used in crimes.

All in all, it is great to see this, combined with CEO Tim Cooks speech advocating for better US privacy laws

and now confirmation that this iOS 12 security feature has had the desired outcome of locking GrayKey out and protecting iOS device security and privacy. 

 

Sure, you could say its all just PR to give Apple favor in the public eye, but hey, that PR is giving users real benefits and I'll take those benefits thank you very much. 

 

Sources: https://www.cultofmac.com/585260/ios-12-defeats-graykey-iphone-unlocker-law-enforcement/

[Arika]

I thought the grey key fix was what caused some iphones to not charge unless they were unlocked. Will this also cause the same thing ?

Or Is this something new?

[DrMacintosh]

Just now, Arika S said:

I thought the grey key fix was what caused some iphones to not charge unless they were unlocked. Will this also cause the same thing ?

Or Is this something new?

That was unrelated apparently, at least according to Apple and it was patched with iOS 12.0.1. 

[D13H4RD]

It's probably going to be a never ending cat and mouse battle at this point 

[DrMacintosh]

16 minutes ago, D13H4RD2L1V3 said:

It's probably going to be a never ending cat and mouse battle at this point 

definitely better than the alternative 

[Curufinwe_wins]

2 hours ago, DrMacintosh said:

snip

I still would posit it has little to nothing to do with user rights, or Apple wouldn't be collecting all that same sort of data for themselves as well. But having their own control over everything and letting no one else touch their precious is well within all historic behavior for the company.

 

-I know cynicm etc... whatever. Either way, this part of things has good end-user results.

[williamcll]

1 hour ago, D13H4RD2L1V3 said:

It's probably going to be a never ending cat and mouse battle at this point 

Has always been like this for years.

[ScratchCat]

A step in the right direction but does not fix the "hey, look over here" method of unlocking using FaceID.

[suicidalfranco]

*months later*

 

Greykey defeats iOS 12

 

*And the cycle continues*

[captain_to_fire]

Just you wait until they piss off the US government once again 

[Arika]

government departments that bought a greykey after hearing this news

 

[bcredeur97]

6 hours ago, DrMacintosh said:

That was unrelated apparently, at least according to Apple and it was patched with iOS 12.0.1. 

Your OP is a little confusing. You suggest to “turn the feature on”

 

when in reality to turn it on, it involves turning a switch off, because it says “allow access when locked”

 

may want to rephrase that.

[79wjd]

4 hours ago, ScratchCat said:

A step in the right direction but does not fix the "hey, look over here" method of unlocking using FaceID.

Sorry to break it to you, but any biometric lock has the same fault.

[Brooksie359]

5 hours ago, ScratchCat said:

A step in the right direction but does not fix the "hey, look over here" method of unlocking using FaceID.

Just disable FaceID.

[DrMacintosh]

3 hours ago, bcredeur97 said:

when in reality to turn it on, it involves turning a switch off, because it says “allow access when locked”

I think people can follow it  

[AnonymousGuy]

Is this actually news?  Graykey has claimed in the past that they still work around that USB disable setting (although they were probably bluffing or their workaround was plugging in the camera dongle and battery pack as soon as you recover the device).  It sounds like *maybe* now you can't just download the entire device over lightning, even when it's unlocked, but doesn't iTunes do that already anyways?

[DrMacintosh]

9 minutes ago, AnonymousGuy said:

Is this actually news?  Graykey has claimed in the past that they still work around that USB disable setting (although they were probably bluffing or their workaround was plugging in the camera dongle and battery pack as soon as you recover the device).  It sounds like *maybe* now you can't just download the entire device over lightning, even when it's unlocked, but doesn't iTunes do that already anyways?

Yes

They were bluffing to save themselves

iTunes can’t view and pick anything unless it’s granted permission on the phones end. The USB accessories feature means iTunes won’t even know an iOS device has been plugged in because the port will simply not communicate any data. 

 

The only data they can grab now is unencrypted data, which is essentially nothing on an iOS device. 

[dalekphalm]

13 hours ago, ScratchCat said:

A step in the right direction but does not fix the "hey, look over here" method of unlocking using FaceID.

Enable emergency mode. Press the home key 5 (or 10? don't remember) times, and it forces you to enter the passcode to unlock - it disables both FaceID and TouchID.

 

If you're about to be arrested or something? Activate it.

9 hours ago, 79wjd said:

Sorry to break it to you, but any biometric lock has the same fault.

Yep - Law Enforcement can force someone to unlock any biometric device - because biometrics are not "information" that you hold in your mind, you're not protected by the right to remain silent (why they can't force you to give up a passcode).

 

This is obviously super simplified though.

[captain_to_fire]

9 hours ago, 79wjd said:

Sorry to break it to you, but any biometric lock has the same fault.

Press the power button five times and voila, Touch/Face ID is now disabled and cops can’t do anything 

[dalekphalm]

1 minute ago, captain_to_fire said:

Press the power button five times and voila, Touch/Face ID is now disabled and cops can’t do anything 

Of course, you might not always get that 3 seconds needed to enable. So if someone is at high risk? Just use a passcode.

[ScratchCat]

11 hours ago, dalekphalm said:

Enable emergency mode. Press the home key 5 (or 10? don't remember) times, and it forces you to enter the passcode to unlock - it disables both FaceID and TouchID.

 

If you're about to be arrested or something? Activate it. 

 

11 hours ago, captain_to_fire said:

Press the power button five times and voila, Touch/Face ID is now disabled and cops can’t do anything 

Or the cops just wait until you are using your phone, take it out of your hand and then arrest you. Thieves could do a similar thing (minus the arresting part).

[captain_to_fire]

16 minutes ago, ScratchCat said:

Or the cops just wait until you are using your phone, take it out of your hand and then arrest you. Thieves could do a similar thing (minus the arresting part).

In most countries like the US, unless there's probable cause cops can't arrest you without a warrant. https://en.wikipedia.org/wiki/Fourth_Amendment_to_the_United_States_Constitution#Text

[dalekphalm]

7 hours ago, ScratchCat said:

Or the cops just wait until you are using your phone, take it out of your hand and then arrest you. Thieves could do a similar thing (minus the arresting part).

Sure but how often is that going to happen? Anyone who is likely to have that happen, probably knows they've committed some crime, and then they would be stupid to use FaceID/TouchID to begin with.

 

In terms of a thief stealing it out of your hand? If they do that, you're probably using the phone. Which means it's unlocked. Which means it literally doesn't matter what system you use, or even if you use Touch/FaceID at all.

[NinJake]

You know police normally just contact Apple and have them send over what they need.

[dalekphalm]

Just now, NinJake said:

You know police normally just contact Apple and have them send over what they need.

Apple can only send over info from iCloud.