Two days ago, on June 13, Apple reported to The New York Times that it would bring a new security feature that’s to fix the technological hole of iPhones. This has angered law enforcement officials but has received the support of privacy advocates.
The new feature, called USB Restricted Mode manages the security of the said devices, where it can’t be unlocked after remaining locked with a password for one hour. But the company Grayshift may just have beaten the security measure in beta mode.
Grayshift USB Restricted Mode is a new technology named GrayKey, is an increasingly popular iPhone cracking tool. A recent email from a forensic expert who is supposed to meet the company soon reads: “Grayshift has gone to great lengths to future-proof their technology and stated that they have already defeated this security feature in the beta build. Additionally, the GrayKey has built in future capabilities that will begin to be leveraged as time goes on. They seem very confident in their staying power for the future right now.”
Most interestingly, a second expert responding to the email added that Grayshift already addressed USB Restricted Mode several weeks ago in a webinar. Now, according to multiple sources, Grayshift is in good terms with local, state and even federal law enforcement agencies. This includes the US Secret Service, DEA, and the FBI. New emails indicate that the New York State Police is conversing with the company presently.
As for the technology, GrayKey is a small box with lighting cables to connect two iPhones simultaneously. Technical details are undisclosed, but it is expected that it uses techniques for exploring various passcode combinations.
As per company slides, there are two strategies GrayKey uses: Before First Unlock or BFU, and After First Unlock or AFU. BFU is a ‘slow brute force’ taking 10 minutes per try and opening access to limited data. AFU, on the other hand, is a ‘fast brute force’ that seemingly takes the phone to the point where it was unlocked by the owner. It enables 300,000 tries for ‘parallel extraction of pre-unlocked data.’ The slides say that 95% of user data becomes instantly available for access.
However, Apple’s USB Restricted Mode is coming to the users with the upcoming iOS 12 update that’s slated to release by the end of June. It is likely to severely limit the AFU, as the lighting port will go majorly useless once an hour passes without unlocking the iPhone.