{"id":5994,"date":"2019-01-22T22:47:17","date_gmt":"2019-01-23T02:47:17","guid":{"rendered":"http:\/\/ncjolt.org\/?p=5994"},"modified":"2020-06-04T20:52:28","modified_gmt":"2020-06-04T20:52:28","slug":"ios-12-blocking-graykey","status":"publish","type":"post","link":"https:\/\/journals.law.unc.edu\/ncjolt\/blogs\/ios-12-blocking-graykey\/","title":{"rendered":"iOS 12: Blocking GrayKey"},"content":{"rendered":"\n<p>On September 17, Apple publicly released\ntheir iOS 12 update for the iPhone, iPad, and iPod touch. The updates most\nnotable features include: improved device performance;\nFacetime with up to 32 people at once; and augmented reality capabilities. As usual,\nApple also updated the iPhones\nsecurity. However, iOS 12\u2019s product page gives little detail on specifics along\nwith the following policy statement, <a href=\"https:\/\/www.apple.com\/ios\/ios-12\/\">\u201cApple believes privacy\nis a fundamental human right, which is why iOS has always been designed with\nbuilt-in encryption, on-device intelligence, and other tools that let you share\nwhat you want on your terms.\u201d<\/a> <\/p>\n\n\n<p>On October 24, just six weeks after\nthe release of iOS 12, Apple\u2019s security improvements became apparent as several\nnews outlets reported that <a href=\"https:\/\/gizmodo.com\/apple-reportedly-blocked-police-iphone-hacking-tool-and-1829974710\">GrayKey\nno longer functioned on updated iOS 12 iPhones<\/a>. In early 2018,\nGrayshift, an Atlanta based company created GrayKey, a program that uses\nexploits in the iPhone\u2019s software in order to circumvent the iPhone\u2019s passcode.\n<\/p>\n\n\n<p>GrayKey is sold exclusively to law enforcement agencies and is available in two configurations priced at $15,000 and $30,000. <a href=\"https:\/\/www.forbes.com\/sites\/thomasbrewster\/2018\/03\/05\/apple-iphone-x-graykey-hack\/#1ae701332950\">The main differences between the two configurations is that the $15,000 model requires a constant internet connection and has a limit on the number of iPhones it unlocks. While, the $30,000 configuration has neither restriction.<\/a> In comparison historic cost in hacking the iPhone passcode, GrayKey is a complete bargain for law enforcement agencies.  <\/p>\n\n\n<p>In 2016, law enforcement created\nthe market for bypassing the iPhone\u2019s security following the mass shooting in\nthe 2015 San Bernardino, California terrorist attack. The FBI attempted to\nforce Apple to create a tool for law enforcement to bypass the iPhone\u2019s passcode.\nTim\nCook, Apple\u2019s CEO, refused to comply with the request due to concerns of the\npotential misuse of such a tool on the public. <a href=\"http:\/\/time.com\/4262480\/tim-cook-apple-fbi-2\/\">Cook stated, \u201cTo invent what they want me to invent\u2026 puts millions of\npeople at risk.&#8221;<\/a> The FBI ultimately sued Apple to\nforce the company\u2019s compliance, but later dropped the lawsuit after finding a\nthird-party that was capable of hacking the iPhone\u2019s passcode. In the end, <a href=\"https:\/\/www.theguardian.com\/technology\/2016\/apr\/21\/fbi-apple-iphone-hack-san-bernardino-price-paid?CMP=twt_a-technology_b-gdntech\">the\nFBI paid $1.3 million dollars to access the San Bernardino terrorist\u2019s iPhone.<\/a> <\/p>\n\n\n<p>Currently, GrayKey is popular product\nacross various law enforcement agencies across the country. An investigation\ninto GrayShift revealed that among the company\u2019s list of clients include <a href=\"https:\/\/www.popularmechanics.com\/technology\/security\/a24219241\/apple-greykey-ios12-police-hacking\/\">the\nState Department, Drug Enforcement Agency<\/a>,\nImmigration and Customs Enforcement, U.S. Secret Service, several regional and\nstate police forces, and <a href=\"https:\/\/www.wired.co.uk\/article\/police-iphone-hacking-grayshift-graykey-uk\">police\nforces in the UK<\/a>.<\/p>\n\n\n<p>With so many government agencies\ninvested in GrayKey, iOS 12 likely represent only a temporary halt in accessing\nlocked iPhones. Although passcode cracks are relatively recent in the iPhone\u2019s\nhistory, general hacks to the platform date back to the iPhone\u2019s first\ngeneration and still continue today. Add the massive economic incentive and\ngovernment support, it is only a matter of time before GrayShift or some other\nthird-party succeeds in defeating iOS 12\u2019s passcode security. Despite\nthe benefit hacking tools provides law enforcement, their existence alone\nundermines the privacy and security of not just the American public.\nToday, cellphones are arguably an individual\u2019s\nmost intimate possessions, given that it contains so much personal information,\nthrough access to ones: messages, locations visited, online browsing history,\npictures, and social network and finance accounts. With tens of millions of\niPhone owners around the world, many depend on the iPhone\u2019s security to keep\nthis information protected.\n<\/p>\n\n\n<p>Christopher Yarnell, 12 November 2018<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On September 17, Apple publicly released their iOS 12 update for the iPhone, iPad, and iPod touch. The updates most notable features include: improved device performance; Facetime with up to 32 people at once; and augmented reality capabilities. As usual, Apple also updated the iPhones security. However, iOS 12\u2019s product page gives little detail on <a href=\"https:\/\/journals.law.unc.edu\/ncjolt\/blogs\/ios-12-blocking-graykey\/\" class=\"more-link\">&#8230;<\/a><\/p>\n","protected":false},"author":1,"featured_media":5995,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[51],"tags":[],"_links":{"self":[{"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/posts\/5994"}],"collection":[{"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/comments?post=5994"}],"version-history":[{"count":1,"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/posts\/5994\/revisions"}],"predecessor-version":[{"id":6878,"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/posts\/5994\/revisions\/6878"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/media\/5995"}],"wp:attachment":[{"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/media?parent=5994"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/categories?post=5994"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/tags?post=5994"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}