iOS 12 defeats law enforcement’s GrayKey iPhone unlocker

By

GrayKey can bypass iPhone security
GrayKey can still unlock iPhones but can no longer unencrypted their contents.
Photo: Ed Hardy/Cult of Mac

Apple has apparently won a victory in preserving the privacy of iPhone users. Previously, even if an iOS device was secured with a password, police could use the GrayKey unlocking tool to access the contents. But that changed with iOS 12. 

This hacking tool reportedly became nearly useless with the release of Apple’s latest operating system.

GrayKey works by getting around limits on the number of times a password can be entered into the iOS device, and how quickly. Once the passcode has been bypassed, the device can download the entire contents of the phone or tablet.

Locking out GrayKey

It’s that latter function that iOS seems to have disabled. Once a device has been unlocked, GrayKey can only extract unencrypted files and metadata, according to Forbes. Because any passcode-lacked iPhone automatically encrypts the contents of the device, police aren’t able to access much.

No one knows what changed in iOS 12 to make the unlocking tool useless.  “It could be everything from better kernel protection to stronger configuration-profile installation restrictions,” Vladimir Katalov, CEO of cybersecurity firm Elcomsoft, told Forbes.

It’s possible Grayshift, maker of Greykey, will eventually find a workaround. It has plenty of reason to: it has sold this hacking tool to both local and national law enforcement agencies.

This is all part of an ongoing fundamental difference in perspective between Apple and law enforcement agencies. The iPhone maker regards privacy as a fundamental human right, and does everything it can to secure its devices. Police want access to information stored on all types of computers used in crimes.