By Robert McMillan
At a conference of law-enforcement forensics officials last
week, someone asked David Miles what would happen if Apple Inc.
tried to ruin his business.
Mr. Miles heads an Atlanta startup called Grayshift LLC that
sells a $15,000 iPhone-unlocking box to police and other
authorities in the U.S. The device's popularity has contributed to
what some forensics investigators say is a golden age of iPhone
investigations and led the conference attendee to ask what
Grayshift could do if Apple tried to block it.
"That's the question everyone's asking," Mr. Miles said to muted
laughter, before returning to a demonstration of how his device,
called a GrayKey, could break into an iPhone and download nearly
all of the data available on the device.
Now Apple is indeed firing back, saying Wednesday it is testing
a change to its iOS mobile software that, according to people
familiar with the company's plans, could stop the GrayKey from
getting into iPhones. It's a blow in the cat-and-mouse game between
the world's most valuable publicly traded company and a handful of
forensic-tools makers, including Grayshift, that have found ways to
penetrate the iPhone's much-touted privacy defenses.
Behind that skirmish is the larger debate over how to balance
user privacy against the desire of law-enforcement officials to
access information on devices they say could aid investigations
and, in some cases, potentially save lives.
Apple fought an epic battle in 2016 over that issue with the
Federal Bureau of Investigation, which asked a federal court to
force the tech giant to unlock an iPhone used by one of the
shooters in the 2015 San Bernardino, Calif., terrorist attacks.
Apple at the time said helping the FBI would risk creating a
tool that could compromise the security of all its customers. The
legal clash ended only after the FBI paid more than $1 million for
a hacking tool to unlock the device.
Grayshift -- with fewer than 20 employees and a router-sized
gray box that even many local governments can afford -- has made
that 2016 fight and its resolution look antiquated.
The company, which started selling GrayKey earlier this year,
won't discuss the Apple flaws it leverages to get onto the iPhone.
But at last week's demonstration, it was an easy process. Mr. Miles
plugged an iPhone X into the GrayKey's Lightning cable, clicked a
handful of options on a management screen and the device went to
work.
Apple's new software feature is designed to limit the window of
opportunity for police to use the GrayKey to 60 minutes. The
software feature prevents devices from accessing data on the iPhone
via the Lightning port starting an hour after a phone was last
unlocked. The company has also likely included software patches
that will otherwise block the GrayKey's effectiveness, security
researchers say.
"There's a punch-counterpunch narrative here that's unfolding,"
said Dan Guido, chief executive at the security consultancy Trail
of Bits Inc. "Grayshift scored a really nice hook."
Mr. Miles told attendees of the Myrtle Beach, S.C., conference
that Grayshift plans more punches ahead. The company has invested
heavily in research and development in its two years of existence,
expecting that some techniques will be rendered obsolete over time.
"It is an arms race," Mr. Miles said.
Grayshift plans to deliver new iPhone-cracking methods to
GrayKey users via software updates, Mr. Miles said. The GrayKey
works only on Apple devices, which overall present a much greater
level of challenge to law enforcement than Android phones do,
forensics investigators say.
The company is developing the new methods with the
assistance of accomplished iPhone hackers, including at least one
former member of Apple's security team who left the company in
2012, according to people familiar with the company.
Apple declined to comment on GrayKey specifically, or to discuss
its further plans for combating such efforts. "We have the greatest
respect for law enforcement, and we don't design our security
improvements to frustrate their efforts to do their jobs," Apple
said Wednesday.
Apple has taken steps to work more closely with law enforcement.
In March, an Apple executive took the unusual step of providing a
presentation on digital forensics during an invitation-only
international law-enforcement conference in the U.K.
While other companies offer ways to break into iPhones,
Grayshift has become popular with U.S. law enforcement because of
its low cost, effectiveness and ease of use, forensics experts
say.
In Georgia's Gwinnett County, local prosecutors have used
GrayKey 30 times in the past month to extract emails, texts,
contact lists and other data that previously had been
near-impossible to collect from iPhones, according to Chris Ford,
an investigator with the district attorney's office. He credits it
with helping crack homicide, armed-robbery, rape and other criminal
cases.
"FBI agents from Atlanta were driving up to use this device
because they didn't have one yet," Mr. Ford said.
The FBI declined to say whether it uses GrayKey.
Grayshift has kept a low profile, declining press requests for
interviews and maintaining a bare-bones website with no details of
its products. It lists an Atlanta-based UPS Store as its business
address.
A rare public demonstration of Grayshift's tech at a Myrtle
Beach hotel was packed with dozens of investigators and other
officials, who watched Mr. Miles plug the iPhone X into his
box.
The GrayKey quickly went to work installing its
passcode-guessing software onto the iPhone, which can circumvent
the Apple password-guessing protections that can lock the phone
permanently after too many failed attempts.
Guessing hundreds of passcode combinations a minute, the GrayKey
in the demonstration took about 30 minutes to crack the iPhone's
easy-to-guess passcode of 967967 and download data. Extracting a
more complex passcode could take days, Mr. Miles said.
Mr. Ford estimates the GrayKey correctly guesses the passwords
of between 50% and 60% of the iPhones he tries it on. Some phones
have passcodes too complex to be cracked in a reasonable amount of
time.
At the conference, Grayshift's booth was shadowed by an armed
guard. "We're very careful to make sure that the product only goes
to those who are authorized to use it," Mr. Miles said.
Write to Robert McMillan at Robert.Mcmillan@wsj.com
(END) Dow Jones Newswires
June 14, 2018 13:36 ET (17:36 GMT)
Copyright (c) 2018 Dow Jones & Company, Inc.