‘GrayKey’ iPhone Unlocking Box Used by Law Enforcement Shown Off in Photos

Last week, news of a previously-unknown iPhone unlocking device called GrayKey surfaced, and today, MalwareBytes shared photos and additional information about the product, which is designed for law enforcement officials.

Created by a company named Grayshift, GrayKey is a small, portable gray box equipped with dual Lightning cables.

Two iPhones can be connected to the GrayKey at once, and need to be connected for about two minutes to install proprietary software that’s designed to guess the passcode for an iPhone. Once the software is installed, it will work to crack the passcode, a process that can take as little as a few hours for a short passcode or several days for a longer six-digit passcode.

Once the GrayKey software has cracked the passcode, it’ll be displayed right on the screen of the iPhone. The iPhone can then be plugged back into the GrayKey to download all of the data on the iPhone, including the unencrypted contents of the Keychain, which can then be accessed using a computer.

Based on screenshots, the GrayKey can crack modern iPhones running modern versions of iOS. It works with the iPhone X and iOS 11.2.5, the version of iOS that was likely available when the screenshots were captured. It probably also works with iOS 11.2.6, unless Apple has managed to block it in the latest operating system update.

Grayshift presumably designed the GrayKey for law enforcement professionals, and it’s relatively expensive. A $15,000 option requires internet connectivity and is geofenced to a specific location once set up, while a $30,000 option requires no internet connection and can be used anywhere.

MalwareBytes worries that the portable version of the GrayKey could easily fall into the wrong hands. It uses two-factor authentication, but given that people “often write passwords on stickies and put them on their monitors,” it’s possible the token could be kept in the same location as the device.

What happens if the GrayKey becomes commonplace in law enforcement? The cheaper model isn’t much of a danger if stolen–unless it’s stolen prior to setup–but at 4″x 4″x 2″, the unlimited model could be pocketed fairly easily, along with its token, if stored nearby. Once off-site, it would continue to work. Such a device could fetch a high price on the black market, giving thieves the ability to unlock and resell stolen phones, as well as access to the high-value data on those phones.

How the GrayKey works is not known, but it’s believed to be using some sort of jailbreaking process that could damage iPhones in some way. It’s also not known how the GrayKey device itself is protecting data that’s stored on it, and whether or not the data could be remotely accessed by hackers.

It’s also unknown who Grayshift is selling the devices to. It’s possible that sales are limited to law enforcement officials in the United States, but it’s also possible that it’s being offered abroad. Other devices of this type have slipped out of the hands of law enforcement and have become widely available, so the same could happen with the GrayKey.

Apple is continually working to fix the kinds of exploits used by devices like the GrayKey, so it’s possible whatever mechanism the box uses will be fixed in a future update. The average iPhone owner likely doesn’t need to worry about the GrayKey, but as MalwareBytes points out, it is troublesome knowing such a device could fall into the hands of malicious entities.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
Discuss this article in our forums

Apple Adds New ‘Families’ Section to its Website With Tips for Parents

In the wake of urging from investors to do more about smartphone addiction among children, Apple has added a new “Families” section to its website that outlines parental control tools and information that parents should be aware of.

The mini site is broken into several sections that highlight a range of kid-friendly features that Apple has put into place like app recommendations, in-app purchase controls, restrictions on apps that can be downloaded, internet limiting tools, Find My Friends, and more.

Apple highlights the Kids section of the App Store, for example, which the company says parents can use to find carefully curated content that’s appropriate for children. The site provides links to tutorials for enabling Ask to Buy so parents can approve app downloads, and it lets parents know how to turn on restrictions to limit in-app purchases and which websites are available to children.

Another section of the site points out tools like Find My Friends for keeping track of a child’s location, and recommends setting up group chat for the whole family in Messages.

Apple also provides details on Family Sharing, which is designed to let members of the same family share apps, music, books, iCloud storage, and more, and there’s a section on tips for the whole family, with feature recommendations like Do Not Disturb While Driving, Bedtime, Medical ID, Night Shift, and Emergency SOS.

Apple also recommends products like the Apple Watch with LTE connectivity to “reach kids in an emergency” and to help the whole family stay fit, and there’s a dedicated section on privacy controls. Parents who have children that use iOS devices will likely want to give the new site a look.

Apple has promised to introduce more robust parental control tools, and rumors have suggested the company will introduce the features in iOS 12. Apple is said to be planning to debut a Digital Health tool that will let parents know how much time their children have spent using iOS devices.
Discuss this article in our forums

How to Set a Custom Lock Screen Message on Your Mac in Case It’s Lost

You can set a custom message to appear on the lock screen of your Mac, which is super useful if you ever misplace or lose your Mac. It lets people see who the Mac belongs to as soon as it’s opened up, and there’s no question about ownership.

You will need an administrator account to create a lock screen message on your Mac, but it’s super easy to do.

  1. Click on the “” icon in the menu bar.
  2. Select System Preferences.
  3. Choose Security & Privacy.
  4. Select the “General” tab.
  5. Click on the lock icon at the bottom of the window.
  6. Enter your admin name and password.
  7. Choose “Set Lock Message…”
  8. Enter your desired message.

It’s useful to add contact details here, like your email address and phone number or the email address and phone number of someone who can easily get in touch with you in an emergency situation.

What the lock screen message looks like when your Mac is locked.

If you misplace or Mac or have it stolen, this puts your contact information front and center as soon as your Mac is opened up, so whoever has it can see who it belongs to even before you activate Lost Mode using iCloud. It’s also potentially useful in an emergency if someone needs to know who you are and how to get in contact with a loved one.

I’m personally always paranoid about losing my MacBook or having it taken at some location like an airport security lane, so this is a nice way to have instantly identifiable info readily available.
Discuss this article in our forums

Apple Drops Over Twenty Spots in Latest Company Reputation Survey

In a new survey that looks at the reputation of corporate brands, called the Harris Poll Reputation Quotient survey, Apple dropped from its previous position at #5 on the list and now sits at the #29 spot. As reported by Reuters, Apple has been sliding down the rankings over the last two years, falling from #2 in 2016.

To determine the results, the poll surveyed 25,800 adults in the United States from December 11, 2017 to January 12, 2018 on the reputations of the “most visible” corporate brands. Similarly to Apple, Google fell this year as well, from #8 in 2017 to #28 in 2018.

Harris Poll CEO John Gerzema theorized that the reason behind Apple’s and Google’s dips on the list was because of a lack of major, “attention-grabbing” device launches in the last few years.

John Gerzema, CEO of the Harris Poll, told Reuters in an interview that the likely reason Apple and Google fell was that they have not introduced as many attention-grabbing products as they did in past years, such as when Google rolled out free offerings like its Google Docs word processor or Google Maps and Apple’s then-CEO Steve Jobs introduced the iPod, iPhone and iPad.

“Google and Apple, at this moment, are sort of in valleys,” Gerzema said. “We’re not quite to self-driving cars yet. We’re not yet seeing all the things in artificial intelligence they’re going to do.”

In the #1 spot was Amazon, which the company has held every year for the past five years except in 2015 when it was at #2. Tesla climbed the rankings from #9 to earn the #3 spot and Facebook was #51, which was an improvement for the social media company. In total the top 10 companies on the reputation list were:

  1. Amazon.com

  2. Wegmans Food Markets Inc

  3. Tesla Motors

  4. Chick-fil-A

  5. The Walt Disney Co

  6. HEB Grocery Company LP

  7. United Parcel Service Inc

  8. Publix Super Markets

  9. Patagonia Inc

  10. Aldi Inc

In another recent ranking, Apple earned the top spot as the “most intimate brand” for millennials in the United States. Fast Company also named Apple as the world’s most innovative company for “delivering the future today,” and specifically for its approach to hardware and software engineering that creates the overall user experience surrounding its products.
Discuss this article in our forums

Telltale’s second ‘Batman’ season ends March 27th

Telltale's games are defined by in-the-moment choices that have far-reaching consequences, and that's never been truer than it is now. It's releasing the final episode of Batman: The Enemy Within ("Same Stitch") on March 27th, and your decisions from…

Apple Releases 2018 Supplier Responsibility Progress Report

Apple today released its 2018 Supplier Responsibility Report, which provides a look into Code of Conduct violations in the Apple supply chain and outlines progress made with new programs promoting health and education awareness.

Apple provides supplier responsibility progress reports on an annual basis in an effort to be transparent about the steps it takes to improve the lives of the employees who manufacture the wide range of Apple products available to consumers.

Apple conducted 756 audits across 30 countries in 2017 (up from 705 last year), and it says that its efforts to raise standards are having a “dramatic impact.” The number of low-performing facilities (judged on a point system based on compliance with Apple’s Code of Conduct) decreased to one percent during the year, and Apple saw a 35 percent increase in the number of high performers. Overall, Apple suppliers earned an average Labor and Human rights score of 86 out of 100.

Apple did, however, uncover 44 core violations at its supplier facilities, including three bonded-labor violations, 38 working hours falsifications violations, one access restriction violation, and two cases of underage labor. In one incident, Apple says 700 workers in the Philippines paid out a total of $1 million in recruitment fees for factory jobs, which Apple made the supplier pay back. These violations have increased from last year, and Apple says this is because it brought on several new suppliers during the year.

Last year, Apple launched a health awareness program for women at supplier facilities in India and China, which offers access to services and education on self-examination for early cancer detection, nutrition, personal care, and maternal health. Apple says that this program, along with others promoting education and worker rights, has been highly successful.

“We believe that everyone making Apple products deserves to be treated with dignity and respect and we’re proud that almost 15 million people understand their workplace rights as a result of the work we’ve done over the years. We’re going further with health education programs and new opportunities for advancement at our suppliers,” said Jeff Williams, Apple’s COO. “A new preventive health care curriculum is encouraging women to focus on their personal health, and hopefully share that knowledge with their families and communities. Our goal is to reach 1 million women by 2020. We know our work is never done and we’re committed to raising the bar every year across our supply chain.”

Apple also worked with Beijing Normal University and some of its larger suppliers to introduce a Factory Line Leader Program that offers practical vocational skills, guaranteed internships, and long-term full-time employment opportunities to workers in an effort to recruit more factory line leaders.

Apple says that over the course of the last 10 years, more than 2.5 million supplier employees have taken education classes under its Supplier Employee Education and Development program, and over 12,000 have enrolled for a degree.

As of 2017, all of Apple’s final assembly sites around the world have been certified as zero waste to landfill, and suppliers working with Apple introduced energy efficiency improvements that reduced more than on 320,000 annualized metric tons of greenhouse gas emissions during the year.

Additional details about Apple’s supply chain and environmental efforts can be read in the full 2018 Supplier Responsibility Report.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
Discuss this article in our forums

Apple might offer lower-cost MacBook Air in spring

Apple has left the MacBook Air mostly untouched for years, including its price. Ever since the 11-inch model disappeared in 2016, you've been looking at $999 or more for Apple's 'starter' laptop — a tough sell given the aging design. It might beco…

You can finally stream Xbox One games to your Mac

Before now, if you fancied playing console games on your Mac, you'd need to use PlayStation 4's Remote Play to do so. Windows 10 users have been able to stream Xbox One titles to their PCs since 2015, but macOS users have been out of luck. A new $10…