GrayKey is all the rage in the law enforcement community because it makes cracking your iPhone’s passcode simple and fast. If police can get the pocket-size device, then eventually hackers will, too. That means if you aren’t using a strong passcode to protect your iPhone it’s time to rethink that strategy.
What is GrayKey
GrayKey is a little box from Grayshift that cracks the passcode on iPhones. You plug an iPhone into the device, and after a few minutes or hours depending on the length of your passcode, it spits out your code. With that in hand, anyone can log in to your iPhone and access all of its contents.
GrayKey is available only to law enforcement agencies, and it isn’t cheap. For US$15,000 you can get a version of the device that’s permanently locked to your network, or for $30,000 you can get one that works anywhere.
Security research company Malwarebytes described how the device works saying,
Two iPhones can be connected at one time, and are connected for about two minutes. After that, they are disconnected from the device, but are not yet cracked. Some time later, the phones will display a black screen with the passcode, among other information. The exact length of time varies, taking about two hours in the observations of our source. It can take up to three days or longer for six-digit passcodes, according to Grayshift documents, and the time needed for longer passphrases is not mentioned. Even disabled phones can be unlocked, according to Grayshift.
Grayshift doesn’t say how the device works, so it’s unclear if your iPhone is compromised in any other way after the passcode is retrieved.
iPhone Passcodes Explained
Four-digit passcodes seemed strong enough back in the iPhone’s early days. In recent years Apple has been pushing users into six-digit codes because they’re harder to hack. Six-digit codes are the default in iOS now, and you have to specifically choose to use a four-digit code. Hint: Don’t do that.
iOS also lets you set longer passcodes, and passcodes that include letters and punctuation symbols. The idea being it gets substantially harder to hack a passcode as it gets longer and more complicated.
Locking your iPhone with a passcode is smart because it helps protect personal information, plus without a passcode you can’t enable Apple Pay.
GrayKey and the Case for Strong Passcodes
GrayKey devices are sold only to law enforcement agencies, but that doesn’t mean they won’t eventually fall into the wrong hands. And if Grayshift figured out how to do this, it’s a safe bet other companies have, or are at least in the process.
Cellebrite, for example, has also been providing law enforcement with iPhone unlocking services. The company was in the spotlight in 2016 when the FBI used their services to gain access to an iPhone recovered from the San Bernardino mass shooting. The phone was used by Syed Farook, and the passcode was lost when he died in a shootout with police.
[FBI Turns to Cellebrite to Unlock Syed Farook’s iPhone]
[Cellebrite Hacked, Reaffirming Apple’s iOS No-backdoor Stance]
Cellebrite’s servers were hacked in 2017, showing that even when companies take measures to keep their iPhone hacking technology safe it isn’t always secure.
Matthew Green, a cryptography instructor at Johns Hopkins, says passcode cracking doesn’t take much time at all. He says in can take only 13 minutes to find a four-digit code, and less than a day for a six-digit code.
Guide to iOS estimated passcode cracking times (assumes random decimal passcode + an exploit that breaks SEP throttling):
4 digits: ~13min worst (~6.5avg)
6 digits: ~22.2hrs worst (~11.1avg)
8 digits: ~92.5days worst (~46avg)
10 digits: ~9259days worst (~4629avg)— Matthew Green (@matthew_d_green) April 16, 2018
Since we know companies are selling tools to crack our iPhone passcodes, and those tools may not always be under the control of law enforcement, anything we can do to make hacking into our devices harder sounds like a great idea. We can’t change the built-in security measures, but we can set longer and more complex passcodes.
[How to Set an Alphanumeric Passcode on Your iPhone or iPad]
Apple is no doubt working to eliminate possible passcode hacking vulnerabilities. Some may be fixable with software updates, but others may require hardware changes. We can use our passcodes to make the hacking process more difficult for now, and maybe it’ll be even harder when Apple finds new ways to beef up iPhone security.
Available only to Law Enforcement? Hardly.
I’m sure they try but it’s been out a month or so now. I am absolutely sure that one was bought by the “Bogus County Sheriff’s Office” or something like that and found its way into the bad guys hands. I suspect the Russians and Chinese have several. The Chinese ones are being copied and rip off versions will hit the streets any day now for $100. More importantly I am absolutely sure Apple has been able to get their hands on one ande is, as we speak using it to come up with a patch to close this hole. So yes the company may say that they only sell to law enforcement agencies, but if they get an order with a certified check from the Security Services of Lower KAOS they will sell it to them.
Good point about the passwords. I use a six digit number because it was a good compromise between convienience and security. I guess I will need a stronger one though. This week’s project.