Grayshift May Already Have iPhone Unlocking Solution for iOS 12's USB Restricted Mode

by

iOS 12 introduces USB restrictions that effectively put an end to law enforcement access to iPhones and iPads using devices like the GrayKey box, but Grayshift, the company that makes the box, may have already developed a workaround.

VICE's Motherboard shared an email from a forensic expert who planned to meet with Grayshift, which said the company had "gone to great lengths" to futureproof its technology and that USB Restricted Mode had been "already defeated."

Grayshift's GrayKey iPhone unlocking box, via MalwareBytes

"Grayshift has gone to great lengths to future proof their technology and stated that they have already defeated this security feature in the beta build. Additionally, the GrayKey has built in future capabilities that will begin to be leveraged as time goes on," a June email from a forensic expert who planned to meet with Grayshift, and seen by Motherboard, reads, although it is unclear from the email itself how much of this may be marketing bluff. "They seem very confident in their staying power for the future right now," the email adds.

A second source that spoke to Motherboard said Grayshift addressed the topic of USB Restricted Mode in a webinar several weeks ago.

Coming in iOS 12, USB Restricted Mode prevents USB accessories from connecting to an iPhone or iPad if it's been more than an hour since the device was last unlocked.

The setting is enabled by default and it will not allow USB-based accessories like the GrayKey box to connect to an iOS device until a passcode is entered, effectively disabling the current techniques law enforcement officials across the United States are using to access locked iPhones.


Motherboard's sources did not share details on how Grayshift plans to avoid the new USB restrictions, so it's not clear if the GrayKey box will continue to function or if Grayshift has another iPhone access solution in the works.

Despite Grayshift's potential workaround, law enforcement officials are concerned about the changes Apple is implementing, and are said to be frustrated with the attention the GrayKey box has received in the media. "Some vendors are frustrated with GrayKey," one researcher told Motherboard. "They feel the media hype brought too much attention to the attack vector."

Apple yesterday confirmed its plans to implement new USB access restrictions in iOS 12 and clarified that it is aiming to defend customers against hackers, not frustrate law enforcement officials.

"At Apple, we put the customer at the center of everything we design. We're constantly strengthening the security protections in every Apple product to help customers defend against hackers, identity thieves and intrusions into their personal data. We have the greatest respect for law enforcement, and we don't design our security improvements to frustrate their efforts to do their jobs," Apple said in a statement to MacRumors.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Top Rated Comments

(View all)
Avatar
26 months ago

"Some vendors are frustrated with GrayKey," one researcher told Motherboard. "They feel the media hype brought too much attention to the attack vector."

Too bad. The media was doing their jobs by reporting on the fact that the government is paying huge chunks of money to some company to hack our phones. This is how you have accountability in a free and open society. They need to get over it. At the end of the day this is yet another security vulnerability that must be patched. If some kid was doing this the FBI would raid his home and he'd serve jail time.
Score: 24 Votes (Like | Disagree)
Avatar
26 months ago
If they were smart, they would've waited until iOS 12 was in the GM stage to announce this. Now Apple can look into fixing their bypass. :D
Score: 21 Votes (Like | Disagree)
Avatar
26 months ago
They could also be bluffing while they actually find another exploit. This way they don't lose any business from LE. What will they do if Apple eliminates the port? It's very possible that this will happen in the coming years.
Score: 12 Votes (Like | Disagree)
Avatar
26 months ago
Workaround: hold iPhone in front of owner's face.
Score: 12 Votes (Like | Disagree)
Avatar
26 months ago
Surely if the port is disabled then there is nothing they could do? Disabled is disabled surely?
Score: 12 Votes (Like | Disagree)
Avatar
26 months ago
I have to assume at this point Apple has one of these boxes they can test against...
Score: 11 Votes (Like | Disagree)

Top Stories

Apple Doubles the Price of RAM Upgrade on Entry-Level 13-Inch MacBook Pro

Saturday May 30, 2020 4:00 pm PDT by
Apple today doubled the price for upgrading the RAM on the entry-level 13-inch MacBook Pro, with customers in the United States now being charged $200 to move from 8GB to 16GB compared to the previous $100 upgrade price. Similar increases are seen in other countries, such as moving from €125 to €250 in Germany and from £100 to £200 in the United Kingdom. Current pricing on RAM upgrade for ...

Tim Cook Addresses George Floyd's Death and Ensuing Protests and Riots as Apple Temporarily Closes Some U.S. Stores

Sunday May 31, 2020 8:04 pm PDT by
Amid unrest in numerous U.S. cities following last week's killing of George Floyd by police in Minneapolis, Apple CEO Tim Cook has shared an internal memo with employees (via Bloomberg) addressing the pain that many are feeling and urging others to commit "to creating a better, more just world for everyone." Cook also announced that Apple is making donations to several groups challenging...

Apple's First MacBook Pro With a Retina Display Will Become 'Obsolete' in 30 Days

Monday June 1, 2020 7:50 am PDT by
If you are still hanging on to a Mid 2012 model of the 15-inch MacBook Pro with a Retina display, and require a new battery or other repairs, be sure to book an appointment with a service provider as soon as possible. In an internal memo today, obtained by MacRumors, Apple has indicated that this particular MacBook Pro model will be marked as "obsolete" worldwide on June 30, 2020, just over...

Top Stories: macOS 10.15.5, New Powerbeats Pro Colors, iPhone 12 and 13 Rumors, and More

Saturday May 30, 2020 6:00 am PDT by
This week saw an interesting mix of news and rumors on the Apple front, led by the release of macOS 10.15.5, which brings a new battery health feature to newer Mac notebooks, while we also saw the official announcement of new colors for the Powerbeats Pro earphones. On the rumor front, we heard a few tidbits about not just this year's iPhone 12 but also next year's iPhone, while we saw...

8 Mac Tips and Tricks You Might Not Know

Friday May 29, 2020 12:36 pm PDT by
There are tons of hidden features and shortcuts for Macs that Apple has built into macOS over the years, ranging from shortcuts to keyboard commands to other little hacks to make Mac usage just a bit simpler. In our latest YouTube video, we highlighted several of these tips and tricks, and some of them might just be new to you. Subscribe to the MacRumors YouTube channel for more videos. Tr...

6.1-inch 'iPhone 12' Production to Begin in July Ahead of Other 2020 Models

Monday June 1, 2020 2:36 am PDT by
Volume production of Apple's forthcoming 6.1-inch "iPhone 12" models will start in July-August ahead of the rest of the company's flagship iPhone lineup this year, according to a new report by DigiTimes. Apple is widely rumored to be launching four new ‌iPhone‌ models in the usual September or October timeframe, although supply constraints and delays in production ramp-up could cause a...

Apple Releases iOS and iPadOS 13.5.1 With Fixes for Recent 'unc0ver' Jailbreak Vulnerability

Monday June 1, 2020 9:58 am PDT by
Apple today released iOS and iPadOS 13.5.1, minor updates that come a little over a week after the release of iOS and iPadOS 13.5, major updates that brought the Exposure Notification API, FaceTime changes, mask-related unlocking updates and more. The iOS and iPadOS 13.5.1 updates are available on all eligible devices over-the-air in the Settings app. To access the updates, go to Settings >...

Apple Introducing New Internal USB-C Diagnostic Tool

Sunday May 31, 2020 7:26 pm PDT by
Apple is introducing a new internal USB-C Diagnostic Tool as a successor to its existing Serial Number Reader, which can be used to both collect a device's serial number directly from its logic board and test power on a device itself. Image via Giulio Zompetti With only a Lightning version previously available, images have surfaced of a new USB-C Diagnostic Tool (UDT) that appears to be known ...

Powerbeats Pro Debut in Four New Colors: Spring Yellow, Cloud Pink, Lava Red, and Glacier Blue

Friday May 29, 2020 10:00 am PDT by
Following a couple of leaks in recent weeks, Beats today is officially announcing four new colors for its Powerbeats Pro wireless earphones: Spring Yellow, Cloud Pink, Lava Red, and Glacier Blue. The new earphones will go on sale June 9 and sell for the same $249.95 price as the existing color options. Aside from the colors, the new Powerbeats Pro models are otherwise identical to the...

Apple Releases macOS Catalina 10.15.5 Supplemental Update With Security Fix

Monday June 1, 2020 10:56 am PDT by
Apple today released a supplemental update for macOS Catalina 10.15.5, the fifth update to the macOS Catalina operating system that was released in October 2019. The supplemental update comes a week after the release of the macOS Catalina 10.15.5 update. ‌macOS Catalina‌ 10.15.5 is a free update that can be downloaded from the Mac App Store using the Update feature in the System...