GrayKey

It’s time to stop using that useless six-digit passcode on your iPhone. Now that cops around the United States are going crazy for the GrayKey, a little box that can crack your iPhone’s passcode in hours, it has become clear that the iPhone’s regular six-digit numerical code is no longer secure.

Plus, now that GrayKey is available, it won’t be long before they’re in the hands of the bad guys, too, if they’re not already. In fact, instructions on how GrayKey works surfaced online last month.

The good news is, it’s super-easy to change your iPhone passcode to something a lot better. The bad news? There actually isn’t any, unless you already have the cops trying to break into your iPhone — in which case you’ve got plenty of bad news already.

Revelations that the FBI has access to a tool that can unlock data on secure iPhones are raising questions as to why the agency is demanding Apple help to create a “backdoor” to recover data on the iPhones of a Florida shooting suspect.

Apple has apparently won a victory in preserving the privacy of iPhone users. Previously, even if an iOS device was secured with a password, police could use the GrayKey unlocking tool to access the contents. But that changed with iOS 12. 

This hacking tool reportedly became nearly useless with the release of Apple’s latest operating system.

Yesterday, Apple’s iOS 11.4.1 update secured the USB Lightning port on iPhones and iPads. And already there is a workaround, allowing cops and criminals to retain access to the port, and then use their hacking tools to extract your private data.

The iOS version debuting today partially deactivates the Lightning port after an iPhone hasn’t been used for an hour. This makes iPhone hacking more difficult, for both criminals and law enforcement.

Previously, this feature was available in iOS betas. iOS 11.4.1 is the first time it’s been in a public version.

Companies like Grayshift help police bypass the passcodes on locked iPhones. One might think that this requires some byzantine hacking skills. Apparently not.

A hacker reports that iOS has a soft spot when it comes to external keyboards, allowing someone to send as many passcode attempts as desired. The passcodes have to be submitted correctly, though.

Apple put a feature in the first iOS 12 beta designed specifically to thwart iPhone unlocking tools that use the Lightning port to get access to the device. But Grayshift, maker of a prominent unlocking tool, says it already has a workaround.

This is good news for the many law enforcement agencies around the U.S.  who’ve invested in Grayshift’s GrayKey unlocker. It’s not so good for anyone who wants to be sure their iPhone can’t be hacked.

The just-released beta of iOS 12 can be set to partially deactivate the Lightning port after an iPhone hasn’t been used for an hour. This is a clear attempt to make useless the unlocking tools employed by law enforcement.

Police across the country are purchasing a tool called GrayKey. When hooked to an iPhone’s Lightning  port, this swiftly enters thousands of passcodes until the correct one is reached. Deactivating the Lightning port would block its use.

Apple hasn’t found the security holes that iPhone unlocking tools use, but iOS 11.3 took a step that makes these cracking devices less useful. Police now have a limited amount of time to circumvent the user’s passcode before it becomes impossible.

This is part of an ongoing struggle between Apple and law enforcement agencies. The iPhone maker wants to protect the privacy of users, while police want access to information stored on devices used in crimes.

Police around the country are buying and using iPhone unlocking tools like GrayKey. These allow access to the contents of encrypted devices involved in crimes.

GrayKey is fairly expensive, and its maker can’t guarantee how long it will work. It depends on a iOS security flaw known only to its maker, and Apple could close this hole at any time. Nevertheless, law enforcement agencies are taking the risk.