GrayKey: What is it and how can you pro­tect your­self?

Glenn Fleish­man re­veals ev­ery­thing you need to know about this iPhone hacker and how to pro­tect your­self

iPad&iPhone user - - FEATURE -

Po­lice now have ac­cess to an in­ex­pen­sive de­vice that can crack iPhone and iPad pass­words in a mat­ter of min­utes. First re­ported in early March by Forbes, GrayKey, from a com­pany called Grayshift, is de­signed for turn-key crack­ing of iOS pass­codes.

In mid-March, Mal­ware­bytes Labs ex­plored the de­vice in greater depth, not­ing that a four-digit PIN could be cracked in a cou­ple of hours and a six-digit

PIN would re­quire as many as a few days. Tech web­site Mother­board ex­tended this re­port­ing in April with more de­tails about how GrayKey has been used in the field. And se­cu­rity re­searcher Matthew Green posted a mes­sage on Twit­ter show­ing the the­o­ret­i­cally fastest crack­ing time pos­si­ble given the pa­ram­e­ters he knew, which brought the is­sue back to the fore given the po­ten­tial for even quicker break­ing of six-digit PINs.

GrayKey has two Light­ning plugs, and re­quires iOS de­vices to be con­nected for about two min­utes, af­ter which the crack­ing starts on the de­vice. It’s not cur­rently known what ex­ploits the com­pany uses to ac­com­plish this on-de­vice feat that also dis­ables a num­ber of pass­code-retry and re-en­try de­lay strate­gies Ap­ple started build­ing in years ago. You can ex­pect Ap­ple is work­ing all its an­gles to dis­cover the ex­ploit and patch it, as it’s done for any tech­niques for jail­break­ing iOS or by­pass­ing se­cu­rity in the past.

If you’re not in­volved in crim­i­nal be­hav­iour that might sub­ject you to scru­tiny by the law, then you might think that GrayKey is of no im­por­tance to you, as your de­vice would never be sub­ject to it.

But the mere ex­is­tence of GrayKey means it’s pos­si­ble, even likely, that there are other peo­ple who have dis­cov­ered sim­i­lar paths, and that un­less Ap­ple patches this vec­tor, less-pol­ished de­vices will wind up in the hands of crim­i­nals, even or­ga­nized gangs, who can then make use of stolen phones in a way they haven’t been able to be­fore.

What can you do to bet­ter se­cure your­self, if you haven’t taken these steps be­fore? Switch to a longer PIN or a suf­fi­ciently long and com­pli­cated pass­code and en­able Find My iPhone/iPad. Here’s how.

Pick a stronger pass­code

Ap­ple started push­ing six-digit PINs with iOS 9, likely be­cause it was aware of how rapidly the right hard­ware and phone-crack­ing soft­ware could pick a four-digit ‘lock’. How­ever, it didn’t force own­ers with older de­vices to up­grade to six dig­its, and you can down­grade to four dig­its af­ter set­ting up a longer PIN.

The ease with which GrayKey can crack a six-digit PIN means that they are no longer se­cure enough. A seven-digit PIN would ex­tend days to weeks of crack­ing, and an eight-digit PIN would ex­tend that to sev­eral weeks or a few months.

Se­cu­rity re­searcher Green rec­om­mends an even longer numeric PIN, be­cause, like a phone num­ber, it can ul­ti­mately be mem­o­rized. (Don’t pick any­thing that looks like a phone num­ber, though.) A 10-digit PIN would take over a decade on av­er­age to crack us­ing an on-de­vice tool on av­er­age, ac­cord­ing to his cal­cu­la­tions.

I rec­om­mend us­ing Dice­ware ( or sim­i­lar ap­proach, which in­volves rolling for or us­ing a

gen­er­a­tor to cre­ate a set of words un­likely to ap­pear to­gether and that add up to enough length to de­feat brute-force crack­ing, like this one I just gen­er­ated:

de­parted-re­fute-ar­mored-clock-stinky. (The time to crack on the site linked for Dice­ware is for generic off­line crack­ing of pass­words, not the GrayKey on­de­vice method, which is sub­stan­tially slower.)

Many se­cu­rity ex­perts rec­om­mend long passphrases com­pris­ing words be­cause they are more likely to be mem­o­rized, and dic­tio­nary-based crack­ing tools – even ones that use fre­quency anal­y­sis and other pre­dic­tors of words to oc­cur to­gether – won’t help for un­likely com­bi­na­tions.

These are more te­dious to en­ter – mine is over 20 char­ac­ters and has some punc­tu­a­tion sep­a­rat­ing the words – but they are eas­ier to re­tain and can be very strong. I rely on 1Pass­word’s ( pass­word gen­er­a­tor fea­ture to cre­ate these, but many pass­word safes and other tools can cre­ate word-based long pass­words. Do not use com­mon phrases or com­mon words with a few num­bers or punc­tu­a­tion marks added.

Based on how GrayKey works, more so­phis­ti­cated at­tacks that re­quire mas­sive dic­tio­nar­ies don’t ap­pear to be fea­si­ble, be­cause of how the tool runs on the iOS de­vice it­self. That could change, of course.

How to set your pass­code in iOS

1. Launch Set­tings and tap Pass­code or Touch ID & Pass­code or Face ID & Pass­code.

2. En­ter your cur­rent pass­code.

3. Tap Change Pass­code.

3. Tap Pass­code Op­tions. 5. For a longer numeric pass­code, tap Cus­tom Numeric Code. For ones with more than just num­bers, tap Cus­tom Al­phanu­meric Code. 6. En­ter the new code and ver­ify it.

Ap­ple in­sti­tuted an ad­di­tional Touch ID ex­pi­ra­tion pe­riod of six days on top of ex­ist­ing pass­code en­try re­quire­ments more than two years ago. If you haven’t en­tered your pass­code for any rea­son, in­clud­ing restart­ing your de­vice, for more than six days, you’ll be prompted for it af­ter eight hours of not un­lock­ing your phone with a Touch ID. For many peo­ple, that will hap­pen in the morn­ing.

En­able Find My iPhone/iPad

Ap­ple added an ac­ti­va­tion lock in iOS 7 that con­nects Find My iPhone (la­belled Find My iPad on those

de­vices) to your iCloud ac­count. Even if an iOS de­vice is erased, so long as Find My iPhone was ac­tive, it can’t be used again with­out ac­cess to the iCloud ac­count pass­word.

While you might think that hav­ing your phone’s pass­code cracked would be enough harm, be­cause some­one could then ob­tain ac­cess to ev­ery­thing on your de­vice, Find My iPhone can of­fer two bits of peace of mind.

First, you can use Find My iPhone to mark that you want your de­vice erased. This will hap­pen ei­ther im­me­di­ately if the iOS de­vice is con­nected to the In­ter­net, or the next time it comes on­line. I as­sume GrayKey has meth­ods to pre­vent the de­vice from ac­cess­ing the In­ter­net af­ter be­ing cracked, too, but that’s not use­ful for those whose in­tent is re­selling it. And they may make a mis­take.

Se­condly, the ac­ti­va­tion lock fea­ture means that even if the phone or tablet is erased, it can’t be re­set and resold. This may seem like a false vic­tory to you – your hard­ware is still in some­body else’s hands. But it de­ters theft in gen­eral, and any crim­i­nal or gang that uses tools like those in the GrayKey to crack phones will be re­minded quickly that there’s lit­tle util­ity in it for ex­tract­ing money.

Find My iPhone makes it pos­si­ble to erase a de­vice re­motely and re­duces the util­ity of re­sale, deter­ring crim­i­nals who might gain ac­cess to crack­ing hard­ware

Change Pass­code Op­tions lets you pick a longer numeric code or switch to one with any char­ac­ters in it

GrayKey iPhone un­locker

Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.