How many of you remember the time that Apple went head to head with the FBI over the security of their iPhones? Apple has long touted the security of their devices, and for a long time they were right. But, what you probably don’t realize is that the FBI eventually backed down from Apple after they found a third party solution to hacking the iPhone. What’s even more disturbing is that this hack, and a device known as GrayKey that performs the hack, seems to still exist and can even be used to hack modern iPhones such as the iPhone X.
GrayKey was first detailed in a post from Malwarebytes, and it looks a lot like an Apple TV, but with two lightning cables on the end. Two phones can be connected for about two minutes and then unplugged and in a matter of minutes, they can be unlocked. The hack itself is all done on the iPhone, so it seems that GrayKey loads something onto them to perform the hack.
In a way GrayKey jailbreaks the phone and then runs the hack. After a few minutes, the phone is unlocked and the entire contents of the phone is then dumped on the GrayKey device. Authorities or whoever else has one of these devices can then browse everything on your phone, including pictures, apps, emails, texts…everything.
According to Malwarebytes, GrayKey comes in two different versions. The first costs $15,000 and requires an Internet connection and is geofenced to a single location. The second, at a cost of $30,000, will let you use GrayKey without Internet and allow you to take the device anywhere you want. Currently, these devices are in use by law enforcement across the country, so you shouldn’t have to worry about hackers getting ahold of your phone and using the data against you. But, it could only be a matter of time and it does bring to light more questions about privacy and what rights law enforcement have to the data on your smartphones.
What isn’t clear is if GrayKey is using a backdoor that was built by Apple or simply exploiting a current security flaw in iOS that Apple has yet to patch. What’s more alarming, in my mind, is that someone found a way to crack Apple’s encryption, and that could spell trouble for us all, and not just from law enforcement. If one person did it, sooner or later someone else will, too. And they could use it for far more nefarious purposes.
If it is a legit backdoor built by Apple, we will never know about it. After all, that’s the whole point of backdoors, but regardless Apple’s boasting about security may have to come to an end. How secure is the iPhone really if a third party can hack it and then profit off that hack from government agencies?
What do you think about this latest security news? Does it make you worry about the security of Apple or do you believe that it doesn’t really apply to you and how you use your smartphone? Tell me your thoughts in the comments below.