When it comes to access to iPhone data by state bodies, the last few months have been particularly important the Israeli company NSO in the foreground. However, their services are only available to secret services, while companies such as Grayshift apparently unlock and evaluate thousands of iPhones and iPads. More than 1,000 authorities in more than 30 countries are already using the solutions, according to the now quite transparent US company.

Like a post on Reddit highlights, one should not underestimate the capabilities of the company. The American company only works with authorities such as police authorities and prosecutors, and instead of a software solution, it provides its own unlocking hardware – a small box with Lightning and USB-C ports that unlocks Apple devices almost automatically.

Some recent promotional brochures shared via Reddit show that Grayshift charges quite high prices for it. According to the probably somewhat older brochures, the cheapest license package costs from US$ 9,995 and includes 30 unlocks. On the other hand, a solution that works offline without restrictions can cost up to 75,995 US dollars.

The different types of unlocking that Grayshift now offers are interesting. The company has expanded its range here: In contrast to a secret service, the aim is not to install spyware. A judicial authority intends to read the data, but this is apparently often only possible after the passcode has been found out using brute force. In principle, the device apparently tries out all possible PINs, which can take days. The duration of the search varies, according to the Malwarebytes source, a four-digit pin code is determined after a few hours, according to the manufacturer, a six-digit code should be found after a few days present.

As an alternative, Grayshift therefore offers various faster data exports that take place before the password is cracked. These should all be done within one day. However, it is apparently also possible to read passwords from the bunch of keys and examine the contents of the main memory. But that’s probably not all: some advanced functions only become known to customers after a non-disclosure agreement has been published.

What can be misleading: An outdated advertising brochure provided on Reddit only lists devices up to the iPhone 11 Pro and iOS 13. However, Grayshift advertises that it also supports the latest devices and systems. According to a longer post at Grayshift, the company employs its own researchers who look for vulnerabilities in smartphones. In this way, it is said that new systems have often been knocked out before they officially appear.

At the customer’s request, Android smartphones are now also being supported more and more extensively, especially the devices from Samsung, which are popular in the USA, are probably already largely compatible.

What might irritate many NGOs: Grayshift promises selects its customers carefully and, according to its own statements, takes into account rankings from NGOs such as Transparency International from Berlin.

Apple’s devices are very secure. However, Pegasus and Grayshift show that this only applies to a very limited extent when you are targeted by law enforcement agencies and secret services and they have full access to the hardware. (Macwelt)