Follow

@voltronic Okay now that I've actually read the article I'm even *more* baffled on how this could be effective against a reasonably-secured OS. This isn't just pulling data off of a cache, but also requires actually installing software on the phone without user authentication. That shouldn't be possible, period.

@john_b @voltronic Oh this kind of thing works. It's an ancient technique. It's just another way of brute-forcing a password. But, it will fail if your device is properly secured with 2-factor authentication or other methods. Fortunately for cops, most people haven't a clue when it comes to security.

@sjvn @john_b @voltronic

Hold up: first, an iPhone will go into infinite lockout after a sufficient number of failed passcode attempts.

Second, you simply cannot install software onto an iPhone that you can't unlock.

Tell me how this "works" in light of these facts, because I can't see it.

@mcfate
That matches with everything I've read, but somehow these Graykey boxes are getting keyloggers onto locked iPhones.

@sjvn @john_b

@voltronic @sjvn @john_b

Do you actually have evidence of that happening, aside from anecdotes that basically emanate from Graykey?

Me, I don't think most cops have a clue when it comes to computer security.

@mcfate
Personally? No. But just search "Hide UI" and iPhone and you'll get quite a few articles stating this is a thing. Then again, they could all be wrong.

@sjvn @john_b

@voltronic @sjvn @john_b

Well, if I just search for "sasquatch" or "adrenochrome vampires" or "antigravity", I can find "quite a few articles stating this is a thing".

@voltronic @sjvn @john_b

The fact is that either GreyKey seems to be full of shit, or Apple is full of shit, and I saw plenty of permanently-disabled devices when I was repairing them.

@mcfate @voltronic @john_b Cops usually don't have a clue, but security companies do. I've seen a Graykey box in operation. It's kludgy and it takes forever, but I've seen it eventually get there twice. I've also seen it fail as many times.

@sjvn @voltronic @john_b

See, that's where I'm thinking this is at. I'd bet its overall success-to-failure ratio is minuscule, and certainly far out of proportion for what people pay for this thing.

@mcfate @voltronic @john_b I don't know what it's selling for currently, but it was in kissing distance of five figures when they were showing it off at law enforcement security shows.

@mcfate @voltronic @john_b NO bet. I know several police departments, usually the ones with someone who had a security clue, who declined to buy it.

Sign in to participate in the conversation

CounterSocial is the first Social Network Platform to take a zero-tolerance stance to hostile nations, bot accounts and trolls who are weaponizing OUR social media platforms and freedoms to engage in influence operations against us. And we're here to counter it.