GrayKey is a device that has the capability of “crowbarring” its way through the passcode lock of an iPhone without triggering the “too many attempts” prompt. The device possesses the capability to unlock iPhone X and below running iOS 9 – iOS 11. It seems that with iOS 12 being on 50% of iOS devices, the box will soon be obsolete.
GrayKey’s parent company Grayshift is an Atlanta based start-up which looks to cater to an exclusive audience: US government and security agencies. Their expertise comes with the help of one of the founders who is an ex-Apple Security Engineer. The device was primarily contracted out to Immigration and Customs Enforcement (ICE) and the Secret Service.
GrayKey has 2 packages; for $30,000, clients can have unlimited unlocks for a year and the service is offered online. The $15,000 package gives 300 unlocks for the whole year, but device has to be sent to Grayshift.
It seems that Grayshift is having a hard time with bypassing the unlock restrictions featured in iOS 12.
The issue of protecting consumer data became a hot topic after the 2015 San Bernadino shooting. The perpetrator’s iPhone 5C was recovered but Apple refused to help FBI unlock the device. The company stayed firm on their stance of protecting data and was against creating a backdoor. It was later revealed that the FBI paid $900,000 to an unnamed security contractor to have the iPhone unlocked.
The revelation comes at a time when Tim Cook just delivered a talk in Brussels on how essential consumer data protection and privacy is. Specifically, how US companies need to learn to bridge that gap with consumers in light of EU’s GDPR legislation. Apple also recently expanded their privacy options to allow US consumers to download a copy of all their data linked to their Apple ID.
Apple and Grayshift offered no comment on the new security measure installed for protecting consumer data with iOS 12, but a police officer in the US gave his expert opinion. Captain John Sherwin of the Rochester Police Department in Minnesota stated “Give it time and I am sure a ‘workaround’ will be developed … and then the cycle will repeat. Someone is always building a better mousetrap, whether it’s Apple or someone trying to defeat device security.”