iPhone spyware lets police log suspects' passcodes when cracking doesn't work
https://www.nbcnews.com/tech/security/iphone-spyware-lets-cops-log-suspects-passcodes-when-cracking-doesn-n1209296
@voltronic Okay now that I've actually read the article I'm even *more* baffled on how this could be effective against a reasonably-secured OS. This isn't just pulling data off of a cache, but also requires actually installing software on the phone without user authentication. That shouldn't be possible, period.
@john_b @voltronic Oh this kind of thing works. It's an ancient technique. It's just another way of brute-forcing a password. But, it will fail if your device is properly secured with 2-factor authentication or other methods. Fortunately for cops, most people haven't a clue when it comes to security.
Hold up: first, an iPhone will go into infinite lockout after a sufficient number of failed passcode attempts.
Second, you simply cannot install software onto an iPhone that you can't unlock.
Tell me how this "works" in light of these facts, because I can't see it.
Do you actually have evidence of that happening, aside from anecdotes that basically emanate from Graykey?
Me, I don't think most cops have a clue when it comes to computer security.
@mcfate @voltronic @john_b Cops usually don't have a clue, but security companies do. I've seen a Graykey box in operation. It's kludgy and it takes forever, but I've seen it eventually get there twice. I've also seen it fail as many times.
@mcfate @voltronic @john_b I don't know what it's selling for currently, but it was in kissing distance of five figures when they were showing it off at law enforcement security shows.
I feel confident it's at least 80% a scam.
@mcfate @voltronic @john_b NO bet. I know several police departments, usually the ones with someone who had a security clue, who declined to buy it.
@sjvn @voltronic @john_b
See, that's where I'm thinking this is at. I'd bet its overall success-to-failure ratio is minuscule, and certainly far out of proportion for what people pay for this thing.