Apple’s extended battle to block an iPhone hacking technique used by law enforcement personnel is reportedly over — for now — as Forbes says that a “mystery fix” introduced in iOS 12 has locked hackers out. According to the report, Apple’s improved security has stumped both law enforcement officials and forensic tech providers, apparently including the ex-Apple security engineer who helped one hacking company build a business with government agencies.
The latest collection of iPhone passcode hacks was spotlighted back in March, as hacking firms Cellebrite and Grayshift publicly offered law enforcement officials expensive tools for extracting information from locked devices. Cellebrite charged $1,500 per device compared with Grayshift’s GrayKey tool, which offered 300 online unlocks for $15,000 or a standalone system with unlimited offline unlocks for $30,000. Police inside and outside the U.S. have used these tools to aid investigations.
Each of the companies promised to unlock iOS 11 devices, and GrayKey was able to hack even the then-new iPhone X. To keep its devices secure, Apple has continued to make changes to the security hardware in new devices, including tweaks to its “secure enclave” chips and the introduction of new biometric features such as Face ID. But the iOS software found on every iPhone and iPad is constantly being probed for potential security weaknesses. GrayKey was notably co-developed by a former Apple employee familiar with the company’s security protocols.
Today’s report suggests iOS 12 now prevents GrayKey from doing anything more than a “partial extraction,” revealing no more than unencrypted files and limited metadata. Previously, Grayshift was able to use tricks to make effectively unlimited guesses of a device’s passcode, regardless of anti-guess protections, but iOS 12 enforces those protections more effectively. Forensic tech provider Elcomsoft said it had “no idea” how Apple fixed the issue, but added that it could be anything from “better kernel protection to stronger configuration-profile installation restrictions.”
Apple took multiple steps to improve anti-hacking security on iOS devices prior to the release of iOS 12, most conspicuously adding a USB Restricted Mode to iOS 11.4 beta and iOS 11.4.1. But researchers quickly found a way around the feature — part of an ongoing cat-and-mouse game that most OS makers wind up playing with hackers.
Between the iOS 12 change and increasingly forceful public statements from CEO Tim Cook and his deputies, it’s clear that Apple is serious about its oft-cited commitment to user privacy. That means iPhone users will be able to rest a little easier until the hackers discover the next weak point in iOS.