Apple has rolled out a new security feature in its latest
iOS 11.4.1 and iOS 12 developer betas that will prevent people from using
GrayKey devices to gain access to locked iPhones. The feature will make it to
future stable releases as well.
GrayKey is a device that plugs into your iOS device over the
Lightning connector. Modern iOS devices use encryption to block access to data
unless the device is unlocked and GrayKey tries to brute force its way through
the encryption. Over the period of a few hours to days, the GrayKey can
eventually unlock the iOS device. These devices can cost about $15,000 for 300
unlocks or up to $30,000 for unlimited unlocks.
The way Apple's latest security update works is that it
locks the Lightning port when the device hasn't been unlocked for an hour. Once
an hour has passed since the last time the user has unlocked the device, the
Lightning port blocks data access and can only be used for charging the device
until it is unlocked by the user again. This gives someone trying to access the
data a small window of time, during which it is unlikely to decrypt the device,
making it largely useless.
GrayKey has been used by hackers but most popularly by law
enforcement agencies to gain access to locked iPhones. Although none of the law
enforcement organizations will admit to using these devices, investigation by
Motherboard has revealed that they often resort to it.
Apple, in its statement said that they are not doing this to
antagonize law enforcement and that it is meant to "help customers defend
against hackers, identity thieves, and intrusions into their personal
data". But this isn't the first time Apple has taken a stance against law
agencies to safeguard user data. And since agencies like the FBI won't even
admit to using GrayKey, they don't have anything to worry about, right? Right.
Comments
Post a Comment