Last week there were multiple reports that Cellebrite, based in Petah Tikva, Israel, could unlock any iPhone up to and including the iPhone X running the most current version of iOS, but you had to send the phone to them along with a check for $1,500 per phone.
This week there is a report that Grayshift, an American startup, says that it too can unlock your iPhone for the cops.
Wait, I just got a phone call. My grandmother says that she can unlock any iPhone and she will do it for free. Just kidding about that one, but two different companies, one week apart, are saying they can hack any iPhone. This seems really strange.
Grayshift was apparently founded by some U.S. intelligence community contractors and a former Apple security engineer.
They are privately circulating a data sheet that says that if you buy their software you can unlock 300 phones for $15,000 or an unlimited number of phones for $30,000. The cheap version (a relative term) must be used online (so that, I assume, you cannot cheat them); the expensive version can be used offline since it doesn’t need to keep track of how many phones you have unlocked.
The software itself is called GrayKey.
Apparently, right now, GrayKey will only unlock phones running iOS 10 and 11 – which is likely the majority of iPhones, but a version that will unlock iOS 9 is coming soon.
One guess is that these firms have figured out how to hack into Apple’s Secure Enclave, the heart of the security of the iPhone. *IF* that is true, that is a real problem. Of course Apple could figure out what both of these firms are doing and make them start over. In the case of GrayKey, since the system is delivered to a paying customer, if Apple engineers can, somehow, get access to the system they can probably figure out what the software exploits.
It is also speculated that the attack might be a brute force attack, meaning that it starts with “A” and goes to “B” and then “C” and so on until it unlocks the phone. Again, *IF* this is true, the longer the password is, the harder it is to use this technique. For example, if the password is 8 characters and only uses letters and numbers, then there are ONLY 218,340,105,584,896 or 218 trillion possible guesses. On the other hand, a 12 character password raises that number to 3,226,266,762,397,899,821,056 or 3 sextillion possibilities. Passwords longer than 12 characters would require even more guesses.
The moral of this story is that long passwords, even with just upper and lower case letters plus numbers and no special characters, will take a long time to crack. One article said that a 12 character password would take 200 years to crack at a billion guesses per second. If it does take that long, even if they do succeed, you won’t care. Using that same billion guesses a second, an 8 character password would only take 60 hours.
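The keyspace arithmetic from the two paragraphs above, as an added example that is not from the original post or its source: it computes the number of guesses and the worst-case search time at the post's one billion guesses per second, and finds the shortest length that meets a target time. The digit-only rows and the function names are assumptions added for comparison and go beyond the letters-and-numbers case the post describes.

```python
import string

ALPHABET = string.ascii_letters + string.digits  # 62 symbols: the post's letters-and-numbers case
RATE = 10**9                                     # guesses per second, the rate quoted in the post
YEAR = 365 * 24 * 3600                           # seconds in a non-leap year

def keyspace(length, symbols=len(ALPHABET)):
    """Number of distinct passwords of exactly `length` characters."""
    return symbols ** length

def exhaust_seconds(length, symbols=len(ALPHABET), rate=RATE):
    """Worst case: seconds to try every candidate. The average case is half this."""
    return keyspace(length, symbols) / rate

def min_length(target_seconds, symbols=len(ALPHABET), rate=RATE):
    """Shortest length whose worst-case search lasts at least target_seconds."""
    needed = target_seconds * rate
    length = 1
    while keyspace(length, symbols) < needed:
        length += 1
    return length

def humanize(seconds):
    """Render a duration in the largest unit that fits."""
    for unit, size in (("years", YEAR), ("days", 86400), ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.3f} seconds"

if __name__ == "__main__":
    # Constructed comparison: the 10-symbol rows are digit-only codes (an assumption, not from the post).
    for symbols, label in ((10, "digits only"), (len(ALPHABET), "letters + digits")):
        for length in (4, 6, 8, 12):
            worst = exhaust_seconds(length, symbols)
            print(f"{label:17} len {length:2}: {keyspace(length, symbols):>28,} guesses, "
                  f"worst case {humanize(worst)}")
    print("shortest letters+digits length for 200 years:", min_length(200 * YEAR))
```

Each extra character multiplies the search time by the alphabet size, so length matters far more than the guess rate.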
I think this story is not over; stay tuned for updates.
Information for this post came from Forbes.