Instructions on how to brute force and then extract data from an iPhone – including the latest iPhone 12 – using a GrayKey device have been seen by Motherboard and it’s just as grim as you might think.
Procured via a freedom of information request and seemingly written by the San Diego Police Department, the document details what police can and cannot do with a GrayKey device – so long as they have a legal right to do so of course.
The instructions describe the various conditions the document claims allow a GrayKey connection: the device being turned off (known as Before First Unlock, or BFU); the device being turned on (After First Unlock, or AFU); the device having a damaged display; and the device having low battery.
The document goes on to state that the agent used to unlock an iPhone can be installed even when the device has “2 to 3% battery life” left.
The use of an alphanumeric passcode is thought to be one way to try and scupper GrayKey’s ability to brute force a device, but that likely isn’t the case if real-world words are used. Instead, a mishmash of random letters and numbers generated by a password manager would be a better option.
One section of the instructions also describes how to brute force an alphanumeric passcode. Many iPhone users have purely numerical passcodes, made up only of digits. An alphanumeric passcode also uses letters, so it has more character options and can generally be more resilient to brute force attempts if it uses a random series of characters. If the device uses an alphanumeric passcode containing real words, however, that may make cracking the passcode easier thanks to word lists: long lists of human-readable words.
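To make the point above concrete, here is an added Python example (not code from the article, from Motherboard, or from the GrayKey documentation) that estimates how many candidates a brute-force attempt would need to cover for three kinds of passcode: all-digit, built from dictionary words, and uniformly random. The word list, the 20,000-entry size assumed for a real list, and the guess rate used to turn counts into years are all constructed assumptions, not measured figures; the value of the example is the relative comparison, which shows why a passcode made of real words is closer to a short numeric PIN than to a random string of the same length.

```python
import math
import string
from typing import List, Optional, Set, Tuple

# Constructed, hypothetical guess rate used only to turn candidate counts into a
# time scale; it is NOT a measured GrayKey figure (assumption).
ASSUMED_GUESSES_PER_SECOND = 10.0

# Constructed miniature word list standing in for the "long lists of human
# readable words" the article mentions; real lists have tens of thousands of entries.
SAMPLE_WORDLIST: Set[str] = {"correct", "horse", "battery", "staple", "password", "apple", "phone"}
# Size we assume for a realistic English word list (assumption, used only for scaling).
ASSUMED_WORDLIST_SIZE = 20_000


def keyspace(alphabet_size: int, length: int) -> int:
    """Candidates for a passcode drawn uniformly from an alphabet of the given size."""
    return alphabet_size ** length


def entropy_bits(candidates: int) -> float:
    """Equivalent strength in bits: log2 of the number of candidates."""
    return math.log2(candidates)


def worst_case_years(candidates: int, rate: float = ASSUMED_GUESSES_PER_SECOND) -> float:
    """Time to exhaust the whole search space at the assumed guess rate."""
    return candidates / rate / (365 * 24 * 3600)


def segment_into_words(text: str, wordlist: Set[str]) -> Optional[List[str]]:
    """Dynamic-programming split of text into word-list entries; None if impossible."""
    n = len(text)
    best: List[Optional[List[str]]] = [None] * (n + 1)
    best[0] = []
    for i in range(1, n + 1):
        for j in range(i):
            if best[j] is not None and text[j:i] in wordlist:
                best[i] = best[j] + [text[j:i]]
                break
    return best[n]


def effective_candidates(passcode: str, wordlist: Set[str] = SAMPLE_WORDLIST,
                         wordlist_size: int = ASSUMED_WORDLIST_SIZE) -> Tuple[str, int]:
    """Estimate the search space under the cheapest attack model that fits the passcode.

    Returns (model_name, number_of_candidates). The dictionary model deliberately
    ignores capitalisation variants, so it slightly flatters word-based passcodes.
    """
    if passcode.isdigit():
        return "numeric", keyspace(10, len(passcode))

    # Strip trailing digits, then see whether the rest is a concatenation of words.
    core = passcode.lower().rstrip(string.digits)
    trailing_digits = len(passcode) - len(core)
    words = segment_into_words(core, wordlist)
    if words:
        return "dictionary", (wordlist_size ** len(words)) * (10 ** trailing_digits)

    # Otherwise treat it as a uniformly random draw over the character classes present.
    alphabet = 0
    if any(c.islower() for c in passcode):
        alphabet += 26
    if any(c.isupper() for c in passcode):
        alphabet += 26
    if any(c.isdigit() for c in passcode):
        alphabet += 10
    if any(c in string.punctuation for c in passcode):
        alphabet += len(string.punctuation)
    return "random", keyspace(alphabet, len(passcode))


if __name__ == "__main__":
    # Constructed sample passcodes; none of these are real credentials.
    for sample in ["123456", "correcthorse42", "xK7#qL9p"]:
        model, count = effective_candidates(sample)
        print(f"{sample:16} {model:10} {entropy_bits(count):6.1f} bits "
              f"~{worst_case_years(count):.2e} years to exhaust")
```

Running it shows the ordering the article describes: the six-digit PIN is about 20 bits, the two-word passcode with appended digits lands around 35 bits even with a 20,000-word list, and an eight-character random string over the full printable set is about 52 bits. Because the defender cannot know which model an attacker will try first, the honest strength of a passcode is the smallest of these, which is why a password-manager-generated string beats a memorable phrase of the same length.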
You can read more about what Motherboard saw in the original Vice piece; it’s interesting reading for anyone who is concerned about law enforcement’s potential access to their devices and data.
Apple is in a constant cat-and-mouse chase with devices like the GrayKey as it tries to ensure that data held on iPhones and iPads is as safe as possible. It’s something that has drawn the ire of law enforcement officials before, with Apple itself often unable to access the data living on encrypted iPhones.
A locked and turned-off iPhone is the best iPhone in terms of security, but even then it seems GrayKey might be able to find a way in.