iPhone spyware lets police log suspects' passcodes when cracking doesn't work
https://www.nbcnews.com/tech/security/iphone-spyware-lets-cops-log-suspects-passcodes-when-cracking-doesn-n1209296
^
"For example, a law enforcement official could tell the suspect they can call their lawyer or take some phone numbers off the device. Once the suspect has done this, even if they lock their phone again, Hide UI will have stored the passcode in a text file that can be extracted the next time the phone is plugged into the GrayKey device. Law enforcement can then use the passcode to unlock the phone and extract all the data stored on it."
One question I have for people familiar with iPhone hardware is how it is possible to transfer files or install an app of any sort while the phone is locked? Is the cache partition not protected by Secure Enclave?
@voltronic ^ I'm wondering that too.
@john_b
I can confirm, from my years of rooting and playing around with alternative OSes.
Interesting stuff here. The whole idea of the trusted/paired accessory thing seems a really odd choice in the context of increasing USB security.
https://blog.elcomsoft.com/2019/09/usb-restricted-mode-in-ios-13-apple-vs-graykey-round-two/
@voltronic @john_b Do you consult, my company Obsidian Intelligence is manufacturing a new encrypted phone, we are just getting our first test models with the custom Qualcomm chip we designed in a few weeks would be interesting to see what you could uncover to help us identify attack vectors and fix them before we go into production
@voltronic @john_b finding good people is so hard right now, the struggle is real appreciate you being honest though!
@killabit I'm always interested in new phones (particularly those which aim to prioritize encryption and security) but I'm afraid that I wouldn't really be qualified for probing at the hardware level.
@john_b @voltronic I'm gonn hit up MG when we get closer to production but man people are getting gobbled up so fast right now it's crazy, cyber security sector just added 750,000 jobs
@killabit
I'd be interesting in learning more about your company and the secure phone you are manufacturing if you can point me to some resources. I'm not finding any /active/ websites for your company or your phone, but I did find its name. I won't post it here if you're not ready to announce it.
@voltronic @john_b we are still in stealth mode but not for much longer building out the operations internally while dealing with manufacturing and making sure there is no interdiction from manufacturing to us is tiring and complex the site and public facing stuff can wait for now... there is the proof of concept site I can show you but the hardware has drastically changed since we connected with the right people to get a manufacturing contract, the velocity increase businesses wise was intense
@voltronic Yep, all my experience is with Android, and it's exactly as you describe.
Debugging connections also don't work until you unlock the phone and allow the host to connect.