Police Now Have Ability to Unlock Phones
A decryption device called GrayKey is being used by all manner of government agencies.
A new report says law enforcement agencies around the country have purchased a device that can access even the latest iPhones.
Vice’s Motherboard (“Cops Around the Country Can Now Unlock iPhones, Records Show“):
FBI Director Christopher Wray recently said that law enforcement agencies are “increasingly unable to access” evidence stored on encrypted devices.
Wray is not telling the whole truth.
Police forces and federal agencies around the country have bought relatively cheap tools to unlock up-to-date iPhones and bypass their encryption, according to a Motherboard investigation based on several caches of internal agency documents, online records, and conversations with law enforcement officials. Many of the documents were obtained by Motherboard using public records requests.
The news highlights the going dark debate, in which law enforcement officials say they cannot access evidence against criminals. But easy access to iPhone hacking tools also hamstrings the FBI’s argument for introducing backdoors into consumer devices so authorities can more readily access their contents.
“It demonstrates that even state and local police do have access to this data in many situations,” Matthew Green, an assistant professor and cryptographer at the Johns Hopkins Information Security Institute, told Motherboard in a Twitter message. “This seems to contradict what the FBI is saying about their inability to access these phones.”
As part of the investigation, Motherboard found:
- Regional police forces, such as the Maryland State Police and Indiana State Police, are procuring a technology called ‘GrayKey’ which can break into iPhones, including the iPhone X running the latest operating system iOS 11.
- Local police forces, including Miami-Dade County Police, have also indicated that they may have bought the equipment.
- Other forces, including the Indianapolis Metropolitan Police Department, have seemingly not bought GrayKey, but have received quotations from the company selling the technology, called Grayshift.
- Emails show the Secret Service is planning to buy at least half a dozen GrayKey boxes to unlock iPhones.
- The State Department has already bought the technology, and the Drug Enforcement Administration is interested in doing so.
The GrayKey itself is a small, 4×4 inches box with two lightning cables for connecting iPhones, according to photographs published by cybersecurity firm Malwarebytes. The device comes in two versions: a $15,000 one which requires online connectivity and allows 300 unlocks (or $50 per phone), and and an offline, $30,000 version which can crack as many iPhones as the customer wants. Marketing material seen by Forbes says GrayKey can unlock devices running iterations of Apple’s latest mobile operating system iOS 11, including on the iPhone X, Apple’s most recent phone.
The issue GrayKey overcomes is that iPhones encrypt user data by default. Those in physical possession normally cannot access the phone’s data, such as contact list, saved messages, or photos, without first unlocking the phone with a passcode or fingerprint. Malwarebytes’ post says GrayKey can unlock an iPhone in around two hours, or three days or longer for 6 digit passcodes.
And police forces are ready to use GrayKey. David R. Bursten, chief public information officer from the Indiana State Police, wrote in an email to Motherboard that the force had only recently obtained the GrayKey device, but that “this investigative tool will be used, when legally authorized to do so, in any investigation where it may help advance an investigation to identify criminal actors with the goal of making arrests and presenting prosecutable cases to the proper prosecuting authority.”
To be clear, the FBI already makes heavy use of technology similar to GrayKey, and spends millions of dollars on equipment that cracks phones without using mandated backdoors. Motherboard previously found that the FBI bought over $2 million worth of forensics tools from established vendor Cellebrite. Back in 2016, the Bureau’s General Counsel said the FBI could unlock most phones it seized.
In March, the New York Times reported that FBI and Justice Department officials have reignited the hunt for backdoors, and have been quietly meeting with security researchers. And earlier this month, Cyberscoop reported that staffers of the Senate Judiciary Committee have been contacting US tech companies regarding potential future legislation around encryption.
Adding an iPhone backdoor, by its nature, adds new vulnerabilities into a otherwise fairly secure phone that provides robust encryption by default. GrayKey’s existence and widespread availability “means that adding backdoors isn’t so much a question of adding a secure door to the walls of a stone castle. It’s like adding extra holes in the walls of a sandcastle,” Green, the Johns Hopkins cryptographer, said. “It seems totally reckless to add additional mandatory vulnerabilities.”
Instead of backdoors, some technologists say the current system of hacking is the best we can hope for: a phone is released; companies such as Grayshift look for ways to access the device; for a time their tools work; then the phone manufacturer issues a fix or a new operating system version, and the cycle repeats.
“The success of companies like Grayshift in finding and exploiting ways to gain access to even the latest, most secure smartphone models demonstrates that flaws will always exist despite manufacturers’ best efforts,” Pfefferkorn said.
While the theme of this report and others on tech-oriented sites is that the existence of devices like GrayKey and obviates the need for phone manufacturers to build in a “back door” for law enforcement. And I suppose it does.
My reaction, though, is that it’s rather shocking that Apple and others haven’t figured out how to defeat third-party decryption tools. After all, even if GrayKey and their competitors have business models that will have them selling only to law enforcement agencies—and I’m skeptical that they won’t expand their market—the technology is bound to get into the hands of criminals and others with nefarious aims.
Beyond that, while there’s no obvious reason police shouldn’t be able to access information on one’s phone in the same way they do other private information pursuant to a warrant, I’m highly skeptical that, having their hands on this technology, they won’t conduct illegal searches of phones in cases where they lack probable cause. While such evidence would presumably be inadmissible in court (although those protections have eroded considerably in recent decades) they wouldn’t have to admit that they’d hacked the phone and having access to its content would certainly give them all the clues they needed to find evidence—or even just probable cause to get a warrant to search the phone—through legal means.