A motherboard investigation found that law enforcement agencies across the country purchased GrayKey, a relatively inexpensive tool to bypass encryption on the iPhone, and the FBI backed up the encryption backdoor.
This is part of the ongoing series on the rise of the technology of cracking the phone, the people behind it, and who is buying it. Follow this.
FBI director Christopher Wray recently said law enforcement agencies are "increasingly inaccessible" to the evidence stored on encrypted devices.
Wray does not tell the truth.
According to a survey of the motherboard based on some archives of internal documents, online records, and conversations with law enforcement officials, police forces and related agencies. states across the country have bought relatively cheap tools to unlock the latest iPhone and ignore the coding. Many documents were obtained using the motherboard using public profile requests.
Breaking News is a dark debate in which law enforcement officials say they can not access evidence against criminals. However, easy access to the hacking tools of the iPhone also prompted the FBI to argue about putting backdoors on consumer devices so authorities could easily access their content.
Matthew Green, assistant professor and cryptographer at the Johns Hopkins Institute for Information Security, told the motherboard in a Twitter message: "It shows that even state and local police can access data. This is in many situations. "This seems to contradict what the FBI is saying about their inability to access these phones."
As part of the survey, the motherboard found:
Regional police forces, such as the Maryland State Police and the Indiana State Police, are buying a technology called 'GreyKey' that can penetrate the iPhone, including the new iPhone OS X. most iOS 11.
• Local police forces, including Miami-Dade County Police, have also indicated that they may have purchased the equipment.
• Other forces, including the Indianapolis Metropolitan Police Department, did not seem to purchase GrayKey, but received a quote from a technology company called Grayshift.
• Email reveals secret services are planning to purchase at least half a dozen GrayKey boxes to unlock the iPhone.
• The State Department has purchased the technology, and the Drug Enforcement Administration is interested in doing so.
• The FBI is also looking to buy GrayKey, according to online shopping records.
KEY
Grayshift bought the iPhone cracking technology for the police force. The company, including a former Apple security engineer, has provided demonstrations to potential customers, according to an email.
"I attended your recent presentation show at the Montgomery County Police Department and was delighted with the potential of the product," said an Assistant Chief of Staff of the Maryland State Police Technical Division. wrote in an email to Grayshift in March.
GrayKey itself is a small 4x4 inch box with two lightning strings attached to the iPhone, according to photos posted by the network security technology firm Malwarebytes. The device comes in two versions: a $ 15,000 US online request that allows up to 300 openings (or $ 50 per phone) and an offline version, $ 30,000, Can crack many iPhones according to the requirements of the customer. GrayKey marketing materials can unlock devices that replicate Apple's latest mobile operating system, iOS 11, including the iPhone X, Apple's latest phone.
GrayKey fixes that the iPhone encrypts user data by default. Property owners often can not access your phone's data, such as your contacts list, saved messages, or photos, without unlocking your phone with passwords or fingerprints. The Malwarebytes article said GrayKey could unlock the iPhone within two hours, or three days or longer, for 6-digit passwords.
And police forces are ready to use GrayKey. David R. Bursten, director of public information for the Indiana State Police, wrote in an email to the motherboard that the force had just received a GreyKey device, but "this investigative tool will be used, when It is permitted to do so, in any investigation that may assist in the conduct of an investigation aimed at identifying offenders for the purpose of arresting persons arrested and bringing prosecutions to the prosecution office. suitable ".
Hình ảnh: Một bức ảnh của thiết bị GreyKey. Tín dụng: Malwarebytes
Greg Shipley, a Maryland State Police spokesman, told the motherboard that "the connection of electronic devices to a variety of criminals continues to increase, so the need to collect investigative information From these devices in the process of criminal investigation continue to rise. Tell the motherboard that the force is in the early stages of the GrayKey acquisition; one of the documents obtained includes a quote from GrayKey. March 22nd.
Many Grayshift employees did not respond to a request for comment. To meet the requirements of the Freedom of Information Act, the FBI declined to say whether it had acquired GreyKey.
But the FBI is seeking to purchase the technology, according to a record of purchases on March 8. A request attached to the cited material request said the FBI wanted 6 of the GreyKey units offline.
"Only the GreyShift / GreyKey solution can meet the FBI's technical requirements," another document said. It adds that GrayKey can "provide a more economical solution for handling iOS mobile devices" and the device "meets essential needs."
KICKING THE BACKDOOR
In 2016, the Justice Department tried to force Apple to create a new operating system that would allow investigators to break into the iPhone 5C of one of the San Bernardino terrorists. Tweaking, it has been suggested, will allow the FBI to quickly pass potential ciphertext to open the device without causing the device's delay or wiping its contents. (After a few false-coding guesses, the iPhone has disabled any subsequent attempts for an increasing period of time. Some iPhones may delete user data after too many predictions fail. ). The Justice Department has tried a similar legal approach in other cases involving the iPhone.
Encryptionists and technologists generally view this as a backdoor; that is, a new way to break the protection on a device. But the existence, purchase and price of GrayKey pose serious doubts about law enforcement requiring any kind of backdoor of the iPhone.
"The availability and affordability of these tools undermine the constant assertion of law enforcement officials that, They need smartphone vendors to build special access to their devices, a Twitter message.
Obviously, the FBI has used a lot of technology similar to GrayKey, and spent millions of dollars on devices that cracked phones without using the backdoor. The motherboard has previously discovered that the FBI has purchased over $ 2 million of forensic tools from Cellebrite. Back in 2016, the General Counsel of the Department said the FBI could unlock most of its phones.
"Adding a backdoor is not a question of adding a secure door to the walls of a stone castle, like adding holes to the walls of a sand."
In March, the New York Times reported that FBI officials and the Justice Department had declared search for backdoors and quietly met with security researchers. Earlier this month, Cyberscoop reported that staff members of the Senate Judiciary Committee had contacted US technology companies about potential encoding rules in the future.
Adding an iPhone backdoor, by its nature, adds new vulnerabilities to a fairly secure phone, providing strong encryption by default. The existence of GrayKey and its widespread availability means that adding backdoors is not a question of adding a secure door to the walls of a stone castle. wall of a sand castle, "said Green, cipherist Johns Hopkins. "It seems completely reckless to supplement the additional mandatory loopholes."
Instead of backdoor, some tech experts say that the current hacker system is the best we can hope: the phone is released; Companies like Grayshift looking to access equipment; for a while their tools worked; then the phone manufacturer issues a fix or a new operating system version, and the cycle repeats.
"The success of companies like Grayshift in finding and exploiting ways to access the latest and most secure smartphone models shows that the flaws will always exist. Accept the efforts of the manufacturer "
But to be clear, GrayKey is not the end of this debate. Regardless of which exploit GrayKey is taking advantage of, it may stop working at some point. The FBI wants to force Apple to adjust the San Bernardino iPhone running in February 2016; Cellebrite claims it can circumvent devices running iOS 9 - the specific iOS version that the device is using - in July 2016. Even if the phones of personal computers finally can catch Keep in mind, there may still be a time when the authorities may actually be dark on electricity
st
Sort: Trending