Yet another security company is pitching high-paying customers on the ability to possibly crack iPhones running a version of iOS 11, Forbes reports. US-based firm Grayshift is reportedly advertising access to a $15,00o tool called GrayKey that offers 300 attempts to access data on encrypted iPhones, while a pricier $30,000 version offers unlimited attempts.
In recent weeks, its marketing materials have been disseminated around private online police and forensics groups, offering a $15,000 iPhone unlock tool named GrayKey, which permits 300 uses. That’s for the online mode that requires constant connectivity at the customer end, whilst an offline version costs $30,000. The latter comes with unlimited uses.
As with Cellebrite’s claim last week, it’s unclear what specific version of iOS 11 may be vulnerable to the exploit possibly used by the security firm. For example, Grayshift could be targeting a vulnerability discovered in iOS 11.0 or iOS 11.1 that has been addressed in iOS 11.2 and later.
This is also an example of these types of firms competing against each other with such claims that do not have to be demonstrably proven.
Most customers shouldn’t be concerned with GrayKey as a security risk either. As Forbes notes, at this time the alleged exploit is quite costly so the run-of-the-mill attacker isn’t going to target just anyone without a large pay off on the other side, and the tool requires physical access to the device before the crack can be attempted.
The mention of limiting crack attempts at 300 for the $15,000 tier also implies that the method requires brute force to potentially work. According to marketing material reviewed by Forbes, that’s precisely what the firm is telling potential clients (like law enforcement) too:
The marketing doesn’t reveal just what iOS vulnerabilities GrayKey exploits to unlock iPhones. It claims GrayKey works on disabled iPhones and can extract the full file system from the Apple device, and indicates the tool would make repeated guesses at passcodes, a technique known as brute forcing, to first get into the device.
iOS includes a few basic features to protect data from basic brute force attacks: time between passcode attempts increases more and more after multiple failed passcodes, and Settings -> Passcode –> Erase Data gives your iPhone permission to erase your data after 10 failed passcode attempts.
As ever, the best method to protect yourself against such vulnerabilities is to always update to the latest version of iOS (and avoid criminal activity). You can check for the latest security update for iOS here.