Grayshift May Already Have iPhone Unlocking Solution for iOS 12's USB Restricted Mode

iOS 12 introduces USB restrictions that effectively put an end to law enforcement access to iPhones and iPads using devices like the GrayKey box, but Grayshift, the company that makes the box, may have already developed a workaround.

VICE's Motherboard shared an email from a forensic expert who planned to meet with Grayshift. The email said the company had "gone to great lengths" to future-proof its technology and that USB Restricted Mode had been "already defeated."

Grayshift's GrayKey iPhone unlocking box, via MalwareBytes
"Grayshift has gone to great lengths to future proof their technology and stated that they have already defeated this security feature in the beta build. Additionally, the GrayKey has built in future capabilities that will begin to be leveraged as time goes on," a June email from a forensic expert who planned to meet with Grayshift, and seen by Motherboard, reads, although it is unclear from the email itself how much of this may be marketing bluff. "They seem very confident in their staying power for the future right now," the email adds.
A second source that spoke to Motherboard said Grayshift addressed the topic of USB Restricted Mode in a webinar several weeks ago.

Coming in iOS 12, USB Restricted Mode prevents USB accessories from connecting to an iPhone or iPad if it's been more than an hour since the device was last unlocked.

The setting is enabled by default and it will not allow USB-based accessories like the GrayKey box to connect to an iOS device until a passcode is entered, effectively disabling the current techniques law enforcement officials across the United States are using to access locked iPhones.


Motherboard's sources did not share details on how Grayshift plans to avoid the new USB restrictions, so it's not clear if the GrayKey box will continue to function or if Grayshift has another iPhone access solution in the works.

Despite Grayshift's potential workaround, law enforcement officials are concerned about the changes Apple is implementing, and are said to be frustrated with the attention the GrayKey box has received in the media. "Some vendors are frustrated with GrayKey," one researcher told Motherboard. "They feel the media hype brought too much attention to the attack vector."

Apple yesterday confirmed its plans to implement new USB access restrictions in iOS 12 and clarified that it is aiming to defend customers against hackers, not frustrate law enforcement officials.

"At Apple, we put the customer at the center of everything we design. We're constantly strengthening the security protections in every Apple product to help customers defend against hackers, identity thieves and intrusions into their personal data. We have the greatest respect for law enforcement, and we don't design our security improvements to frustrate their efforts to do their jobs," Apple said in a statement to MacRumors.



Top Rated Comments

18 weeks ago

"Some vendors are frustrated with GrayKey," one researcher told Motherboard. "They feel the media hype brought too much attention to the attack vector."

Too bad. The media was doing their jobs by reporting on the fact that the government is paying huge chunks of money to some company to hack our phones. This is how you have accountability in a free and open society. They need to get over it. At the end of the day this is yet another security vulnerability that must be patched. If some kid was doing this the FBI would raid his home and he'd serve jail time.
Rating: 24 Votes
18 weeks ago
If they were smart, they would've waited until iOS 12 was in the GM stage to announce this. Now Apple can look into fixing their bypass. :D
Rating: 21 Votes
18 weeks ago
Workaround: hold iPhone in front of owner's face.
Rating: 12 Votes
18 weeks ago
Surely if the port is disabled then there is nothing they could do? Disabled is disabled surely?
Rating: 12 Votes
18 weeks ago
They could also be bluffing while they actually find another exploit. This way they don't lose any business from LE. What will they do if Apple eliminates the port? It's very possible that this will happen in the coming years.
Rating: 12 Votes
18 weeks ago


VICE's Motherboard ('https://motherboard.vice.com/en_us/article/pavwzv/cops-are-confident-iphone-hackers-have-found-a-workaround-to-apples-new-security-feature') shared an email from a forensic expert who planned to meet with Grayshift, which said the company had "gone to great lengths" to futureproof its technology and that USB Restricted Mode had been "already defeated."

Sounds a bit like damage control, if you ask me. Hoping to make a few extra bucks before the well runs dry. Normally, I'm all for the little guys taking on the big-bad corporate baddies... but script-kiddies and crackers I can do without. (That means you, too, NSA!)

Remember CurrentC from a few years ago? No? That's because Apple Pay rendered it laughably dead-on-arrival. Grayshift is going to be DOA as well, easily outmaneuvered if Apple has their way.
Rating: 11 Votes
18 weeks ago
I have to assume at this point Apple has one of these boxes they can test against...
Rating: 11 Votes
18 weeks ago


Which will only work, of course, until they develop the trace buster buster buster.
Rating: 9 Votes
18 weeks ago

Workaround: hold iPhone in front of owner's face.


Yeah no kidding, right?

It's nice that Grayshift can help Apple fix these security holes in their OS. The sooner Grayshift shows their approaches the sooner Apple can close them - which Apple is quite good about doing (and I really love that about the company).
Rating: 8 Votes
18 weeks ago

Everything has a price? That same saying can be used against Apple. Someone can pay an Apple employee to steal Apple's digital signing keys. Ultimate back door right there.


Pretty sure that's not how it works...there isn't a guy at Apple walking around with a big shiny key he can just give away if he gets pissed off.
Rating: 8 Votes