Apple Might Have Made It Harder for the Police to Crack iPhones Passcodes
iOS 12 might have raised the cybersecurity ante.
Apple has reportedly upped iOS 12’s security measures even more than previously expected. The software update has been said to be immune to one of the iPhone’s biggest weaknesses, the GrayKey password cracker employed by United States law enforcement using the device’s lighting port.
It’s unclear what might have changed or when the security patch could have rolled out. However, a police captain from Minnesota and cybersecurity experts both told Forbes that GrayKey has failed to break into iPhones running iOS 12 or later.
This wouldn’t be the first time Apple releases an anti-hacking feature to its mobile devices. The July iOS 11.4.1 patch included USB Restricted Mode, which was designed to keep a USB connection from being able to download data through the Lightning port and use it to crack the iPhone or iPad’s passcode.
It’s possible that this alleged security patch addressed the USB Restricted Mode exploit. But keep in mind that cybersecurity is a never-ending cycle and people are likely already searching for another way to sidestep this reported update.
iOS 12 Security: What is GrayKey
GrayKey was developed by Grayshift, an Atlanta-based startup, and sold to the U.S. government as a means to sidestep iPhone passwords when part of police investigations. Originally, it would brute force its way into Apple phones, or randomly guess number combinations until it gained access but Forbes reports this is no longer the case.
The publication cited anonymous sources familiar with the tool that said it is now limited to “partial extraction” of data. This means it can only retrieve unencrypted information and certain metadata — for example file sizes and folder structure — which won’t likely be enough to gain full access to a given device.
iOS 12 Security: Privacy Is A Big Priority For Apple
This news comes days after Apple CEO Tim Cook attended the 40th International Conference of Data Protection and Privacy Commissioners in Brussels, Belgium. The executive’s keynote was primarily a call to action for the U.S. government to introduce privacy laws to protect American users against what he called a snowballing “data industrial complex.”
Cook later tweeted the four core ideas he believes such privacy legislation should be centered around. The final one specifically mentioned data security.
“And fourth, everyone has a right to the security of their data. Security is at the heart of all data privacy and privacy rights,” he wrote.
While Apple has not confirmed efforts to specifically make iPhones more resilient against GrayKey, a patch like that conspicuously aligns with Cook’s statements. For their part, Apple did not respond to a request for comment, but we will update if we hear back.