There Is No Going Dark: Another Vendor Selling Tool That Cracks All iPhones

(Mis)Uses of Technology

from the FBI's-dystopian-fiction-develops-another-plot-hole dept

The FBI continues to push its “going dark” theory. It’s not interested in the truth. It would rather have a legislative mandate or a string of favorable court decisions than utilize options vendors have made available. These are the candles the FBI will forgo to publicly curse the darkness. A recent Inspector General’s report made it crystal clear: those charged with finding a way to crack open the San Bernardino shooter’s cell phone slow-walked their search in hopes of ending up with a judicial mandate forcing Apple to crack its own encryption.

The complaints about the darkness continue, even as vendors like Cellebrite have shown they can crack any iPhone given enough money and time. There are solutions out there, but the FBI doesn’t want them. Cellebrite isn’t the only company with an iPhone crack for sale. As Joseph Cox reports for Motherboard, another device has surfaced that can brute force its way past iPhone lock screens. The FBI may continue its disingenuous push for weakened encryption, but law enforcement agencies around the nation are more than willing to pay for a solution that doesn’t involve Congressional reps or federal judges.

Grayshift has been shopping its iPhone cracking technology to police forces. The firm, which includes an ex-Apple security engineer on its staff, provided demonstrations to potential customers, according to one email.

“I attended your demo presentation recently held at the Montgomery County Police Headquarters and was pleased by your product’s potential,” an Assistant Commander from the Technical Investigations Section at the Maryland State Police wrote in an email to Grayshift in March.

The GrayKey itself is a small, 4×4 inches box with two lightning cables for connecting iPhones, according to photographs published by cybersecurity firm Malwarebytes. The device comes in two versions: a $15,000 one which requires online connectivity and allows 300 unlocks (or $50 per phone), and and an offline, $30,000 version which can crack as many iPhones as the customer wants. Marketing material seen byForbes says GrayKey can unlock devices running iterations of Apple’s latest mobile operating system iOS 11, including on the iPhone X, Apple’s most recent phone.

According to documents obtained by Motherboard, multiple state and local law enforcement agencies have purchased Grayshift’s device. The documents also show many agencies expressing an interest in picking up a GrayKey, including some at the federal level, like the DEA and, oddly enough, the FBI. The FBI doesn’t appear to have acquired one yet, but if that’s the case, it’s lagging behind local PDs with less funding and tech expertise. It’s also trailing the State Department, which has already acquired at least one of the devices.

The device comes in two flavors: an online version with a fixed number of unlocks or an offline version that retails for twice as much ($30,000) but can be used as often as the purchaser wants (or until Apple fixes the vulnerability, whichever comes first). The brute force method deployed takes anywhere from 2 hours to several days, depending on passcode complexity.

“Going dark” is a convenient lie. The FBI has been deliberately misconstruing reality for a couple of years now, beginning with then-director James Comey’s coining of the phrase. Even while Comey was peddling his “going dark” theory to security researchers, Congressional reps, and federal judges, the FBI was rarely having trouble accessing device contents. In 2016, the FBI admitted it could access the contents of passcode-protected devices 87% of the time. Somehow, despite only incremental changes in encryption offerings, the small number of locked devices has grown from ~880 to over 7,000 in two years. This suggests FBI officials are more interested in generating a “going dark” narrative than actually deploying available tech to access contents of seized devices.

The existence of another device capable of cracking iPhone encryption should be good news for the FBI. Other law enforcement agencies apparently view this as a plus. The downside for those not employed by the government is that there’s a vulnerability in iPhones Apple hasn’t fixed yet. And, given the intense secrecy surrounding vendors of exploits, we have no idea how many governments have purchased iPhone-cracking devices. It’s unlikely Hacking Team is the only exploit vendor selling to authoritarian governments and UN-blacklisted countries. It’s just the only one to have been caught doing it. An exploit is an exploit and it will be used by the good and the bad.

Not that relegating it to “good” law enforcement agencies is necessarily a huge improvement. Authoritarian regimes may use tools like this to go after critics and stifle dissent, but let’s not forget the FBI has a long history of doing exactly the same thing under the guise of protecting public safety. And, at this point, the FBI isn’t being honest about its weapons stockpiles during this Crypto Cold War. Sure, it needs to retain some sort of tactical advantage — whether it’s pursuing bad guys or legislation — but it should never be granted full credibility when it talks about thousands of unlocked phones, the coming darkness, and how much security we should be forced to give up in the name of public safety.

Filed Under: doj, encryption, fbi, going dark, hacking, iphones, smartphones
Companies: apple, cellebrite, grayshift