You might already know that an iPhone is always under attack as a lot of people want to gain access to the contents and data it holds, whether or not it has the will to reveal them. To that end, a purposefully build device that can be used to gain access to a locked iPhone is out.
Meet GrayKey – Created by Grayshift
It’s a device that can be used to hack into an iPhone with a Lightning port. Hence, any iPad or iPhone that comes with the latest charging port can be hacked, although the cost of the Grayshift GrayKey is $15,000, and it will cost potentially more to get the job done.
However, the price isn’t coming in the way of demand, with outfits like DEA, FBI, and others placing orders for GrayKey in large numbers. The device brute-forces its way into the iOS ecosystem, with isn’t anything new in itself, and new devices are being prevented by Apple from functioning.
According to an ex-Apple employee (who works for Grayshift), a new security feature in iOS 11.3 betas prevented iOS Lightning port access if previously it wasn’t accessed via passcode or biometric security measures for a week or more. That could leave GrayKey devices out of luck, though they tend to presumably work fine If the hacking attack is conducted within a week’s time of the iDevice’s last successful unlock.
“Starting with iOS 11.3, iOS saves the last time a device has been unlocked (either with biometrics or passcode) or was connected to an accessory or computer. If a full seven days (168 hours) elapse [sic] since the last time iOS saved one of these events, the Lightning port is entirely disabled,” Braden Thomas wrote in a blog post that can only be seen by customers of the company that makes the boxes. Thankfully, the folks over at Motherboard were able to obtain a copy. “You cannot use it to sync or to connect to accessories. It is basically just a charging port at this point. This is termed USB Restricted Mode, and it affects all devices that support iOS 11.3.”
Oddly, the security feature was removed by Apple in iOS 11.3’s final version, although that doesn’t imply that it won’t be re-integrated in a later release. Hopefully that happens, because if Apple is aware of a security flaw, it should find a way to solve the problem, and quick.