Apple iPhone’s selling point for years has been security, above all else. Apple devices provided encryption that could not be bypassed even by the company, from what CEO Tim Cook had to say last year.
But all that is about to change because a security firm has developed a device that is apparently able to crack the security of any iPhone to get access to its contents. What probably prompted the creation of this device was the incident back in 2016 when the FBI was trying to get Apple to unlock the phones of the San Bernardino shooters. Apple declined and FBI discovered that there are third-party services that can break into the iPhones and used those. And we found out after that that there is a possible backdoor that can be used to break the encryption and access the password of locked iPhones.
What is surprising, is that it has been two years since that incident, and apparent a backdoor still exists through which even the iPhone X using the latest iOS 11.2.5 can be hacked.
This new device called GrayKey from the Atlanta-based company Grayshift, can hack and crack the iPhone password of locked devices. It is a gray colored device that looks similar to a Apple TV, and has two lightning cables outlets for two iPhones to be connected.
The iPhone needs to be connected for about two minutes, and then disconnected. But the cracking process does not stop here, and the iPhones will display a black screen after a while, which shows the passcode and other information. The time taken to crack passwords depends on how long and complex it, is and could take up to two days as well. Grayshift claims that even disabled phones can be cracked using this device. Once the device is unencrypted, all the device data will be downloaded to the GrayKey device.
Malwarebytes reports that the GrayKey device is available in two “flavors”. These include a $15,000 (approximately Rs 975,675) option that needs an internet connection, and is geofenced to work on a single network. There’s another $30,000 (approximately Rs 1,951,350) variant that does not require any internet connection, and can crack as many phones the owner wants. But the catch here is that it will work until Apple comes up with a patch for the backdoor this device uses.
The existence of such a device isn’t a big issue as long as its use is restricted to the law enforcement agencies. But even then, it raises the question that there is a backdoor to all Apple devices, and someone or some people already know how to use it. And until Apple recognizes these issues and comes up with a patch to fix these, there is always a shadow of doubt.