A product made by Cellebrite competitor GrayKey is raising security concerns over a standalone device capable of unlocking iPhones.
While Cellebrite requires law enforcement agencies to submit the device for unlocking, the new product is sold directly to law enforcement and can be used at will in both in the form of a geolocked $15,000 device which requires an internet connection and an unlocked $30,000 device that can be used anywhere and offline.
GrayKey is a privately held company with fewer than 50 employees that was founded in 2016 and is based in Atlanta, according to a March 14 Malwarebytes blog post. The company’s website is protected by a portal that screens for law enforcement affiliation and the product is marketed for in-house use at law enforcement offices or labs.
The product itself is a gray box four inches deep by two inches tall, with two lightning cables sticking out of the front. Up to two phones can be plugged into the device at a time and are connected for about two minutes.
After which, the devices aren’t yet unlocked but sometime later the phone will display a black screen detailing the devices passcode in what could take as little as two hours or more than three days for six digit passcodes.
It’s unclear exactly what methods are used to crack the phones but Ryan Duff, director of cyber solutions at Point3 Security told Forbes the process most likely exploits a zero day vulnerability in Apple’s Secure Enclave, the isolated chip in iPhones that handles encryption keys.
“Without breaking the encryption, you will always be forced into a brute force situation,” Duff told the publication. “That doesn’t mean they are using the exact same exploit that Cellebrite is using. It’s possible they are different. But the process post-exploitation is almost certainly the same.”
Regardless of the methodology, Malwarebytes researchers said the device raises security concerns as the the standalone device itself could easily be pocketed, especially with the $30,000 model which could be used anywhere and without and internet connection.
Furthermore it is unclear if the exploitation techniques could be gleaned off cracked devices or if the methods could be accessed from law enforcement once information is downloaded from the locked devices.
While Apple didn’t specifically comment on the device, the company told SC Media that it’s important for customers to always download the latest copy of the iOS to make sure they have all of the latest protections and that security is an ongoing process.