Olivia Solon, reporting for NBC News:
Software called Hide UI, created by Grayshift, a company that
makes iPhone-cracking devices for law enforcement, can track a
suspect’s passcode when it’s entered into a phone, according to
two people in law enforcement, who asked not to be named out of
fear of violating non-disclosure agreements. […]
The GrayKey device, first revealed by Forbes and detailed by
security blog Malwarebytes, is a small box with two iPhone
lightning cables sticking out of it that was launched in March
2018. Law enforcement officials can plug any recent model of
iPhone into the cables to install an “agent” (a piece of software)
on the device. The agent then attempts to crack the passcode,
offering an estimate for how much time it might take.
In order for this feature to work, law enforcement officials must
install the covert software and then set up a scenario to put a
seized device back into the hands of the suspect, said the people
familiar with the system. […] For example, a law enforcement
official could tell the suspect they can call their lawyer or take
some phone numbers off the device. Once the suspect has done this,
even if they lock their phone again, Hide UI will have stored the
passcode in a text file that can be extracted the next time the
phone is plugged into the GrayKey device. Law enforcement can then
use the passcode to unlock the phone and extract all the data
stored on it.
Anyone who trusts their device after they know it’s been in the hands of law enforcement is a fool. You’d have to be pretty stupid to fall for this, but there are a lot of stupid people out there.
Grayshift, you will recall, was cofounded by Braden Thomas, who spent six years at Apple as a security engineer, and who is, to say the least, not popular with his former colleagues. “What a fucking piece of shit,” one former Apple engineer told me of Thomas back in January.
★ Wednesday, 20 May 2020