Apple's making it harder for police to crack your iPhone
By disabling data transfer after an hour of inactivity 😴
Posted on June 14, 2018 9:27 PM.
The New York TimesJack Nicas
... that would effectively disable the phone’s charging and data port — the opening where users plug in headphones, power cables and adapters — an hour after the phone is locked. While a phone can still be charged, a person would first need to enter the phone’s password to transfer data to or from the device using the port. “If we go back to the situation where we again don’t have access, now we know directly all the evidence we’ve lost and all the kids we can’t put into a position of safety,” said Chuck Cohen, who leads an Indiana State Police task force on internet crimes against children. The Indiana State Police said it unlocked 96 iPhones for various cases this year, each time with a warrant, using a $15,000 device it bought in March from a company called Grayshift.
Apple's new setting effectively disables the techniques that law enforcement officials have been using to access locked iPhones over the past couple of years. Apple's new setting effectively disables the techniques that law enforcement officials have been using to access locked iPhones over the past couple of years. A current popular iPhone unlocking option, for example, is the GrayKey box, which has been sold to hundreds of law enforcement agencies across the United States. Apple is not aiming to thwart law enforcement efforts with its on-device security changes. The company regularly complies with requests for the data that it stores on its servers, and has a dedicated team of professionals to respond to these requests. Since 2013, Apple has responded to more than 55,000 U.S. government requests seeking information relating to over 208,000 devices, accounts, or financial identifiers.
[GrayKey] promises to unlock even new iPhone models, use the USB port to access a locked iPhone in order to crack its password using more attempts than would normally be allowed. That process can take anywhere from two hours to more than three days, depending on the length of the iPhone’s password.
MotherboardJoseph Cox and Lorenzo Franceschi-Bicchierai
“I believe [Apple] when they say it’s to make the device more secure,” Duff said. “The attack it is preventing is one where an attacker has physical access to your device and has some means of getting access to your data from there. That is limited to people who have access to a computer you have already authorized to communicate to your phone, and people who have the ability to exploit your phone. Those are the only ways you're going to get data off a phone by plugging it into something.”
As Apple moves to neutralize GrayKey and similar devices, anyone looking to crack into the company’s famously secure iPhone is going to need to try a new tack, and maybe figure out what to do with their now defunct $15,000 or $30,000 hacker toy in the process.
Interested in product and tech related news? Check out the Sip News app by Product Hunt. Every weekday, Sip surfaces the most exciting and essential tech stories of the day. You can download it now for iOS or Android.
Sip News Summaries
The most important tech stories, curated daily.