Hide UI is sneaky spyware law enforcement can use to steal iPhone passcodes

By

iPhone passcode limit can be bypassed with a keyboard
Spyware could help law enforcement figure out passcodes.
Photo: Ed Hardy/Cult of Mac

Grayshift, a company which creates iPhone-cracking tech for use by law enforcement, has reportedly developed software that can be used to break into suspects’ iPhones.

Described in a recent article by NBC News, the Hide UI spyware works not by cracking the code needed to unlock an iPhone, but rather logging it when the user accesses their device. Here’s how it works.

Hide UI is, essentially, spyware that can be installed on a suspect’s handset. It is used as an alternative to cracking an iPhone if this is proving difficult. Instead, the software is installed covertly. A scenario is then set up in which a seized device is given back to the suspect. One law enforcement official who spoke with NBC News said that a suspect may be given the phone so they can ostensibly call their lawyer.

When they unlock their phones, the keycode is stored in a text file which can then be extracted. As a result, law enforcement can log into the phone on their own. Hide UI also disables airplane mode and stops anyone from wiping the device.

“It’s great technology for our cases, but as a citizen I don’t really like how it’s being used,” an anonymous law enforcement official said. “I feel like sometimes officers will engage in borderline and unethical behavior.”

Controversial tools

The use of tools that can break into suspects’ phones is controversial. Apple has previously refused to help unlock certain iPhones in criminal investigations if this means creating a backdoor for law enforcement to access users’ private data. Apple says that weakening encryption could create bigger problems. It would also open up the possibility of malicious attacks.

NBC News notes that tools like Hide UI present major ethical issues. For instance, they may be used without due process, such as warrants. The publication quotes Jennifer Granick, an attorney from the ACLU: “This is messed up. Public oversight of policing is a fundamental value of democracy. With these kinds of novel tools we see a real desire for secrecy on the part of the government.”

John Gruber of Daring Fireball fame noted Wednesday that, “anyone who trusts their device after they know it’s been in the hands of law enforcement is a fool. You’d have to be pretty stupid to fall for this, but there are a lot of stupid people out there.”