Grayshift claim that GrayKey tool can crack all iphone devices

According to a report released last week by a well-known American business magazine Forbes, US law enforcement agencies have made significant technological breakthroughs in breaking iPhone. Its security contractor Cellebrite claims that it has found a new technology that can unlock almost all of the current iPhones on the market, including the latest iPhone X and iPhone 8.

On Monday, Forbes once again reported that another unknown American startup Grayshift has developed a tool called “GrayKey” that can extract complete system files from iOS devices and use brute force to crack them. The form of the password forcibly bypassed Apple’s security measures to unlock the iPhone. It is worth noting that the company was jointly funded by a U.S. intelligence agency contractor and a former Apple Security Engineer.

In the last few weeks, marketing information on the GrayKey tool has spread widely between private detective groups and some private forensics companies. According to the data, it will be sold in two forms: the online version is priced at $15,000 and the number of uses is limited to 300. In other words, you will spend $50 for each unlocked iPhone, and $30,000 for the offline version, without limiting the number of uses.

Another ad shows that Grayshift claims to unlock all iPhone running iOS 10 and 11, and that iOS 9 support is coming soon. In addition, it also claims that the tool can work on the latest Apple firmware, such as the iPhone X and iPhone 8 released last year.

An anonymous source posted an article to Forbes through a private Google group that the authors of the article confirmed to readers through screenshots that they did unlock the iPhone X by using GrayKey.

According to Ryan Duff, head of network solutions at Point3 Security, Grayshift took advantage of a similar loophole Cellebrite used to unlock the iPhone, which was to attack Apple’s Secure Enclave module.

This attack mainly relies on guessing passwords repeatedly. And we know that when the iPhone enters the wrong number of passwords more than 10 times, the iPhone will have a long inoperable time. This time is a random value, it is said that at least 141 minutes to re-enter the password, more people have to wait for more than 47 years to this end.

From this, we can see that GrayKey’s cracking efficiency is not as high as we think. It takes a long time to violently crack a password, and for this, it also has to set a special code to clear the password for the number of attempts.

In addition, because GrayKey does not need the user to send the equipment needing to unlock to their laboratory. This allows Apple to decompile GrayKey to understand how it works and to determine which exploits it exploits. Apple will certainly fix the vulnerabilities in later releases.

Source, Image: Forbes