How GrayShift Keeps its iPhone Unlocking Tech Secret

Unlocking iPhones

Image: Cathryn Virginia/Motherboard

Screen Shot 2021-02-24 at 3

Hacking. Disinformation. Surveillance. CYBER is Motherboard’s podcast and reporting on the dark underbelly of the internet.

Grayshift, the company that develops that iPhone unlocking device GrayKey that is widely used by law enforcement, tries to keep details of its technology out of the broader public’s hands.

But through public record requests, Motherboard has obtained multiple varying copies of non-disclosure agreements and other confidentiality agreements Grayshift requires police agencies to sign. These documents provide some insight into what exactly Grayshift tells police to keep secret about GrayKey.

Advertisement

One confidentiality acknowledgement signed by the Illinois State Police this year and obtained by Motherboard included sections that were apparently supposed to be redacted. They include a section about USB Restricted Mode, which is a feature Apple introduced in 2018 to try and make accessing locked devices harder.

Do you work at Grayshift? We’d love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, OTR chat on jfcox@jabber.ccc.de, or email joseph.cox@vice.com.

“Without limiting and foregoing, you acknowledge and agree that you will not disclose the existence of any GrayKey features and solutions designed to circumvent USB Restricted Mode released in iOS 11.4.1 and updated throughout future iOS versions made available to you on or about the date hereof,” one section reads. The document adds that “If this feature is utilized on one or more iOS device(s), it is of critical importance that such iOS device(s) remain in your possession and control until after the software agent has been successfully installed on the iOS device(s), and you acknowledge and agree to maintain possession and control of such iOS device(s) until such time.” Generally speaking an agent is a piece of software installed on a device.

grayshift-confidential.png

A section of a Grayshift confidentiality acknowledgement. Image: Motherboard.

Some government agencies try to keep their purchases of GrayKeys hidden.

“I am requesting a public records exemption to disclosure for the purchase of the GrayKey system for the Digital Forensics Lab,” a City of Orlando law enforcement official wrote to the chief of police in 2018, according to a copy of the letter obtained by Motherboard. “This will prohibit Purchasing from posting notice of the purchase and disclosing acquisition of this system. This will assist in protecting our forensic examination techniques, and capabilities.”

David Miles, CEO of Grayshift, told Motherboard in an email that “Confidentiality agreements help to protect our customers and partners with how confidential information is disclosed, and we protect and maintain the integrity of our relationships. In addition, they are instrumental in preventing the public disclosure of our intellectual property to protect the integrity of our security research. Confidentiality agreements are not at all meant to prevent disclosure of evidentiary data or general information about GrayKey in court proceedings that may result from data extracted by GrayKey during our customers’ investigations.”

Subscribe to our cybersecurity podcast CYBER, here.