‘Graykey’ Tool Used by Law Enforcement Can Only Partially Unlock iOS 18 Devices
Graykey, a forensics tool used by law enforcement officials to break into locked iPhones, has limited access to iOS 18 and iOS 18.0.1, 404 Media recently learned. The site secured documents that describe Graykey’s functionality in-depth, giving us a look at what the device is capable of.
Graykey parent company Magnet Forensics does not share information about the tool, and complete details about the devices that Graykey can unlock have not surfaced before.
Most iPhones that run iOS 18 or iOS 18.0.1 are listed as eligible for a “partial” unlock, though the iPhone 11 models can seemingly be unlocked in full. Data on iOS 18.1, a newer version of iOS, isn’t included in the document, but iOS 18.1 betas were listed as inaccessible.
It’s not clear what “partial” access means or what data can be garnered from iPhones with that access listing, but it might mean that law enforcement are limited to unencrypted files, file size information, and folder structure. On more vulnerable devices, Graykey can unlock an iPhone with a 4-digit passcode in mere minutes, while longer passcodes can take hours.
Graykey takes advantage of iPhone vulnerabilities to unlock devices, and its capabilities can change as Apple patches security flaws. In 2018, for example, Apple disabled Graykey with an update to iOS 12, but new vulnerabilities were found that restored functionality. Eventually, Magnet Forensics may be able to find a flaw that will allow Graykey to get into iOS 18 devices as well.
Earlier this year, a leak from Israel-based mobile forensics company Cellebrite suggested that its tools are unable to unlock iPhones that are running iOS 17.4 or later, but it is now able to access devices running iOS 17.5.1.This article, “‘Graykey’ Tool Used by Law Enforcement Can Only Partially Unlock iOS 18 Devices” first appeared on MacRumors.comDiscuss this article in our forums
Graykey, a forensics tool used by law enforcement officials to break into locked iPhones, has limited access to iOS 18 and iOS 18.0.1, 404 Media recently learned. The site secured documents that describe Graykey’s functionality in-depth, giving us a look at what the device is capable of.
Graykey parent company Magnet Forensics does not share information about the tool, and complete details about the devices that Graykey can unlock have not surfaced before.
Most iPhones that run iOS 18 or iOS 18.0.1 are listed as eligible for a “partial” unlock, though the iPhone 11 models can seemingly be unlocked in full. Data on iOS 18.1, a newer version of iOS, isn’t included in the document, but iOS 18.1 betas were listed as inaccessible.
It’s not clear what “partial” access means or what data can be garnered from iPhones with that access listing, but it might mean that law enforcement are limited to unencrypted files, file size information, and folder structure. On more vulnerable devices, Graykey can unlock an iPhone with a 4-digit passcode in mere minutes, while longer passcodes can take hours.
Graykey takes advantage of iPhone vulnerabilities to unlock devices, and its capabilities can change as Apple patches security flaws. In 2018, for example, Apple disabled Graykey with an update to iOS 12, but new vulnerabilities were found that restored functionality. Eventually, Magnet Forensics may be able to find a flaw that will allow Graykey to get into iOS 18 devices as well.
Earlier this year, a leak from Israel-based mobile forensics company Cellebrite suggested that its tools are unable to unlock iPhones that are running iOS 17.4 or later, but it is now able to access devices running iOS 17.5.1.
This article, “‘Graykey’ Tool Used by Law Enforcement Can Only Partially Unlock iOS 18 Devices” first appeared on MacRumors.com
Discuss this article in our forums