In 2016, the FBI’s legal quest to force Apple to unlock the iPhone 5c of the San Bernardino shooter brought the issue of phone encryption fully into the public consciousness. Although people generally knew that smartphones were secure, it wasn’t until the highly public court case that people realized even the country’s top law-enforcement agency couldn’t easily crack basic consumer hardware.
Trying to break the encryption on the iPhone is a constantly evolving cat-and-mouse game, and not many law enforcement agencies are capable of taking part. Rather than hiring their own cryptographers, law enforcement agencies around the country instead buy “exploits” from hacking firms, which sell their technology to anyone who can pay tens of thousands of dollars. A new type of iPhone cracker, called the GrayKey, is a simple-to-use box that can reportedly crack the latest iPhone X running iOS 11, and as you’d expect, cops are lining up to buy it.
Motherboard has used public records requests to discover that police forces and federal agencies “around the country” have bought GrayKey boxes to unlock iPhones and bypass their encryption. According to Motherboard’s reporting, regional police forces including Maryland State Police and Indiana State Police have bought GrayKey boxes. A who’s who of federal agencies, including the Secret Service, FBI, State Department, and the DEA, have reportedly either bought the box or are planning to.
The GrayKey device has been publicly known since March, and from what is known about it, it’s unusually reliable and simple to use. The device comes in two flavors: The cheaper model costs $15,000, requires an internet connection, and is limited to 300 unlocks, while the $30,000 version will crack as many iPhones as you can throw at it. The exact exploit it uses isn’t known, but it seems to be some form of brute-force hacking. The iPhone is plugged into the box via a built-in Lightning connector, and then the box methodically tries passcode combinations to unlock it. A six-digit passcode can be cracked in three days, but simpler four-digit codes can be cracked in two hours. The GrayKey could be practically defeated by using a long alphanumeric passcode.