Just a month after security researchers warned the public about GrayKey iPhone cracking tool and its security risks, Motherboard, a tech and science publication site, comes with a troubling report: More and more law enforcement agencies are buying the device.
GrayKey is a device that can crack iPhones after connecting with them for just 2 minutes. It only takes 3 hours for a short passcode and three days for a 6 digit passcode to appear on the screen of the cracked iPhone. These passcodes allow GrayKey owners to access the data on them via a simple web-based interface. GrayKeys are currently so powerful they can unlock any iPhone, including the iPhoneX.
While Apple has fought long and hard to protect its users’ data and refused to unlock iPhones for the authorities, GrayShift, the company responsible for creating GrayKey, was founded in response to Apple’s refusal. According to Forbes, the company was formed by a former Apple security engineer alongside US intelligence agency contractors. Right now, the Motherboard report states that the State Department owns an iPhone cracking device like this, and other agencies are lining up to follow in its footsteps. The Secret Service wants to buy at least a half dozen GrayKeys. The Drug Enforcement Administration and the FBI are interested in purchasing GrayKeys as well.
Even with GrayKeys, the government will not stop pressuring Apple to include backdoors methods into their devices to allow for easier access. One reason for Apple’s continued stance against these backdoor measures is that Apple could make GrayKeys obsolete by identifying and patching the existing vulnerabilities GrayKey preys on.
Until that happens, the authorities have the means to access any iPhone at their disposal. Additionally, as it now stands, only law enforcement agencies can purchase GrayKeys from GrayShift’s website. If a GrayKey ends up on the black market or is replicated, this could spell trouble for all iPhone users, not just those currently under investigation.