Date:29/10/18
Apple’s iPhones running the latest iOS 12 operating system or above can no longer be hacked by a tool that was provided by a company called GrayShift, according to a new report from Forbes. The tool called GrayKey was a popular choice used by law enforcement authorities in the US in order to access iPhone, iPad data on devices of suspected criminals.
In June, it was reported by Reuters that Apple would be updating iOS to ensure that its devices could no longer be accessed if the passcode was not known.
With iOS 12 update, the GrayKey tool was unable to unlock iPhones, which was previously possible. The report in Forbes quotes sources from the company as saying that GrayKey “can no longer break the passcodes of any iPhone running iOS 12 or above.”
The company had earlier claimed it could hack all iPhones up to iPhone X with the tool, without the need for a passcode.
The report notes that at best the tool can do a “partial extraction,” of some “unencrypted files and some metadata.”
Forbes also quotes police authorities as confirming the same that tool is no longer working. It also adds that other security researchers are stumped as to how Apple fixed this issue, and ensured that its iPhones can no longer be hacked.
In June this year, when the reports first came out of Apple’s plan to block such hacking tools, the company had said, “We’re constantly strengthening the security protections in every Apple product to help customers defend against hackers, identity thieves and intrusions into their personal data. We have the greatest respect for law enforcement, and we don’t design our security improvements to frustrate their efforts to do their jobs.”
At the time, it was reported that a feature called USB restricted mode was in the works, and would block tools, which tried to bypass the passcode via the charging port. The new feature blocked techniques, which allowed these tools to bypass Apple’s default disk encryption.
It was reported that hackers or even law enforcement agencies would be unable to access the iPhone’s encrypted disk via the charging port, if the phone had not been unlocked in the last one hour with the USB restricted mode.
However, it is unclear from the Forbes report, if it is this USB restricted mode feature that has thwarted the GrayKey tool. Exactly how the tool was hacking into iPhones is also unclear, and how Apple fixed this problem remains unknown. It remains unlikely that Apple will reveal how it fixed this particular problem.
The report comes even as Apple CEO Tim Cook called for more privacy and data protection for customers at the International Conference of Data Protection and Privacy Commissioners (ICDPPC) conference in Brussels.
Cook also tweeted saying, “GDPR has shown us all that good policy and political will can come together to protect the rights of everyone…We believe that privacy is a fundamental human right.” He said, “Companies should challenge themselves to de-identify customer data or not collect that data in the first place,” adding that users should always know what data is being collected from them and what it’s being collected for.
The Apple CEO called “anything less a sham,” noting that companies need to understand that “data belongs to users”, and that it should be “easy for people to get a copy of their personal data, as well as correct and delete it.”
Apple’s latest iOS 12 has blocked ‘GrayKey’ iPhone hacking tool
Apple’s iPhones running the latest iOS 12 operating system or above can no longer be hacked by a tool that was provided by a company called GrayShift, according to a new report from Forbes. The tool called GrayKey was a popular choice used by law enforcement authorities in the US in order to access iPhone, iPad data on devices of suspected criminals.In June, it was reported by Reuters that Apple would be updating iOS to ensure that its devices could no longer be accessed if the passcode was not known.
With iOS 12 update, the GrayKey tool was unable to unlock iPhones, which was previously possible. The report in Forbes quotes sources from the company as saying that GrayKey “can no longer break the passcodes of any iPhone running iOS 12 or above.”
The company had earlier claimed it could hack all iPhones up to iPhone X with the tool, without the need for a passcode.
The report notes that at best the tool can do a “partial extraction,” of some “unencrypted files and some metadata.”
Forbes also quotes police authorities as confirming the same that tool is no longer working. It also adds that other security researchers are stumped as to how Apple fixed this issue, and ensured that its iPhones can no longer be hacked.
In June this year, when the reports first came out of Apple’s plan to block such hacking tools, the company had said, “We’re constantly strengthening the security protections in every Apple product to help customers defend against hackers, identity thieves and intrusions into their personal data. We have the greatest respect for law enforcement, and we don’t design our security improvements to frustrate their efforts to do their jobs.”
At the time, it was reported that a feature called USB restricted mode was in the works, and would block tools, which tried to bypass the passcode via the charging port. The new feature blocked techniques, which allowed these tools to bypass Apple’s default disk encryption.
It was reported that hackers or even law enforcement agencies would be unable to access the iPhone’s encrypted disk via the charging port, if the phone had not been unlocked in the last one hour with the USB restricted mode.
However, it is unclear from the Forbes report, if it is this USB restricted mode feature that has thwarted the GrayKey tool. Exactly how the tool was hacking into iPhones is also unclear, and how Apple fixed this problem remains unknown. It remains unlikely that Apple will reveal how it fixed this particular problem.
The report comes even as Apple CEO Tim Cook called for more privacy and data protection for customers at the International Conference of Data Protection and Privacy Commissioners (ICDPPC) conference in Brussels.
Cook also tweeted saying, “GDPR has shown us all that good policy and political will can come together to protect the rights of everyone…We believe that privacy is a fundamental human right.” He said, “Companies should challenge themselves to de-identify customer data or not collect that data in the first place,” adding that users should always know what data is being collected from them and what it’s being collected for.
The Apple CEO called “anything less a sham,” noting that companies need to understand that “data belongs to users”, and that it should be “easy for people to get a copy of their personal data, as well as correct and delete it.”
Views: 405
©ictnews.az. All rights reserved.
Similar news
- Cellphone Use May Raise Cancer Risk
- Australian police pushes cyber safety education
- Vietnam aims to lead in e-government
- Senate Website Gets Hacked
- US builds net for cyber war games
- Japan enacts anti-computer virus law
- India passes law vs e-waste
- Anonymous Declares War On The City Of Orlando
- Microsoft highlights evolving dangers as online identity data proliferates
- Consumers want internet security to be provided by banks
- Government facilities targets of cyber attack
- South Korean web attacks might been war drill
- Sri Lanka to Establish National Passport Database to Increase Border Security
- Hi-tech crime agencies set to employ information security professionals
- Phone hacking and online campaign bring down the News of the World
