Pixel Envy

Written by Nick Heer.

In Addition to Cellebrite, a Second Firm Offers Late-Model iPhone Unlocking Services

Thomas Fox-Brewster, Forbes:

Just a week after Forbes reported on the claim of Israeli U.S. government manufacturer Cellebrite that it could unlock the latest Apple iPhone models, another service has emerged promising much the same. Except this time it comes from an unkown entity, an obscure American startup named Grayshift, which appears to be run by long-time U.S. intelligence agency contractors and an ex-Apple security engineer.

In recent weeks, its marketing materials have been disseminated around private online police and forensics groups, offering a $15,000 iPhone unlock tool named GrayKey, which permits 300 uses. That’s for the online mode that requires constant connectivity at the customer end, whilst an offline version costs $30,000. The latter comes with unlimited uses.

I don’t imagine Apple’s legal department is particularly thrilled that one of their ex-employees is helping crack device security measures.

At any rate, that’s now two firms that have similar intrusion capabilities using methods that they won’t report to Apple because their business models depend on their not doing so. That means that all iPhone owners are walking around with serious — albeit perhaps hard-to-exploit — vulnerabilities in their device’s security architecture. At least Apple may be able to surreptitiously acquire a copy of GrayKey and patch the vulnerabilities it uses.