The FBI was unable to decrypt the terrorist's iPhone and again asks for help from Apple

Brother

The Federal Bureau of Investigation has asked Apple to help decrypt the iPhone of the man who opened fire at a military base in Florida on December 6, 2019, writes Ars Technica. The shooter, Mohammed Said al-Shamrani, was a trainee from Saudi Arabia who, along with other compatriots, was taking part in training for US allies at an American military base. Four people were killed in the shooting (including al-Shamrani himself) and eight were injured.

The journalists found out that the request to Apple was sent by FBI General Counsel Dana Boente. He wrote that the FBI was unable to unlock al-Shamrani's two iPhones and retrieve their contents. The task was complicated by the fact that a bullet had hit one of the iPhones.

Apple later announced that it respects law enforcement and had provided all the necessary information about al-Shamrani, but it did not give a clear answer as to whether it would help decrypt the iPhone this time.

Apple was already in a similar controversial situation after the massacre in San Bernardino in December 2015. At that time the FBI could not decrypt the terrorists' iPhone and turned to the manufacturer for help, asking for a special tool that would make it possible to unlock the iPhone ... However, Apple refused, saying it would put users around the world at risk. Later, the FBI got into the iPhone without Apple's help, which undermined the credibility of the claim that a backdoor was needed.

Apple's Chief Privacy Officer Jane Horvath said at the International Electronics Show (CES 2020) on January 7th that she is against backdoors and that the company will protect user privacy.
 

Apple constantly fights against police and FBI iPhone spyware

Software called Hide UI, created by Grayshift, a company that makes iPhone jailbreak devices for law enforcement, can track a suspect's passcode as he enters it into a phone, according to two people in law enforcement who spoke to NBC News and asked not to be named for fear of violating non-disclosure agreements. Due to the lack of public oversight and the secrecy of the software, lawyers, forensic experts and civil liberties advocates are concerned that Hide UI may be used without providing the owners with due process, such as a warrant.

It is also the latest step in the cat-and-mouse game between law enforcement and Apple. The company is known to have refused to unlock an iPhone for the FBI in the San Bernardino terrorism case, arguing that it would make its phones less secure. In mid-May, the FBI said it had managed to access the iPhone of a gunman who shot and killed fellow students at Pensacola Air Force Base in Florida. A person familiar with the situation and not authorized to speak publicly said the phone was hacked by guessing the password, which is the most common way law enforcement agencies get into an iPhone.

In the absence of help from Apple, law enforcement officials have relied on companies like Grayshift and Cellebrite to find vulnerabilities in Apple software and hardware and create tools that can bypass iPhone security features.

“Grayshift is developing technology that allows law enforcement agencies to access critical digital evidence in criminal investigations,” said David Miles, CEO of Grayshift. “We take every precaution to ensure that access to our technology is restricted and our customer agreements require it to be used lawfully. Our clients are top-level law enforcement professionals who only use our tool with the appropriate legal authority.”
Apple declined to comment.

Software

The GrayKey device is a small box with two iPhone Lightning cables sticking out of it. The device was first released in March 2018. Law enforcement officers can connect any of the latest iPhones to the cables to install an "agent" (a piece of software) on the device. The agent then tries to crack the passcode.
It can take several minutes to crack a four-digit PIN, and it can take less than a day to crack a six-digit PIN, according to the calculations of cryptographer Matthew Green, assistant professor of computer science at the Johns Hopkins Institute for Information Security. An eight-digit or ten-digit code will take weeks or years. It is in these conditions that Hide UI provides faster access to the device.

For this to work, law enforcement officials must install the hidden software and then return the seized device to the suspect, said people familiar with the system who were unwilling to be identified for fear of violating their nondisclosure agreement with Grayshift.
For example, a law enforcement officer may tell a suspect that he has the opportunity to call his lawyer. Once the suspect does so, even if he locks his phone again, Hide UI will save the passcode in a text file that will be available when the phone is connected to the GrayKey device.
Law enforcement agencies can then use the passcode to unlock the phone and retrieve all of the data stored on it.
“This is a great technology for our cases, but as a citizen I don't really like the way it is used. I feel that sometimes the behavior of officers will border on ethics,” said a law enforcement official.
A second interviewee said the software was "buggy" and that it was often easier to get a suspect to hand over his password during interrogation than to use a trick to get the hidden software to work.

Legality and secrecy

Both law enforcement sources who spoke to NBC News said they would only connect a phone to GrayKey if they had a search warrant.
However, forensic experts working with lawyers have raised concerns that Hide UI could be used without a warrant by law enforcement officials, possibly under the pretext of "urgent circumstances," given some of the time constraints that Apple has imposed on retrieving data from its phones.
It is unclear how often this feature is used, but hundreds of state and local law enforcement agencies throughout the United States (some have been declassified by Motherboard and Forbes), as well as the FBI, Drug Enforcement Administration, Border Guard Service, Secret Service, and other agencies have access to GrayKey devices, according to official figures. They cost between $15,000 and $36,000 per device, depending on the model.
GrayKey's marketing materials refer to "advanced features" but don't publicly talk about Hide UI. This and other intelligence-gathering functions are only explained to potential clients if they sign a non-disclosure agreement, law enforcement officials said.
NBC News has not found any search warrants that describe Hide UI's capabilities, although GrayKey is occasionally referenced in court documents, including a search warrant for the iPhone 11 Pro Max, Apple's latest and most secure phone.

Some human rights activists, including the American Civil Liberties Union, are concerned that prosecutors may drop cases rather than reveal how the technology works or expose it to public scrutiny. This has previously happened with StingRay devices, which mimic a cell tower to intercept phone calls and text messages made by nearby devices.
Even if there is a search warrant for the device, it is unclear whether the prosecutor or the judge will describe the trick required to obtain the secret code from the suspect.

“Law enforcement's use of an 'agent' can be legal if the search and seizure warrant of the device states that investigators are allowed to use it,” said Riana Pfefferkorn, deputy director of oversight and cybersecurity at Stanford Law School's Center for Internet and Society ...
NBC News asked the Justice Department if it had any recommendations for using Hide UI. Department officials declined to comment, as did representatives from the National Sheriffs Association and the International Association of Chiefs of Police.

Critics say the lack of transparency regarding GrayKey and Hide UI is another example of an increasingly unequal game in the digital forensics world, where the government has access to flamboyant tools that defendants cannot afford.
“I fight with one hand tied behind my back,” said Andrew Garrett, a digital forensics expert. "I don't get the same evidence because companies like Grayshift require nondisclosure agreements that make law enforcement opaque."

One GrayKey nondisclosure agreement, dated 2018 and reviewed by NBC News, requires law enforcement to notify Grayshift if technology details can be disclosed in court, such as through a subpoena, so that Grayshift has the ability to “obtain a protective order or otherwise prevent the disclosure of information.”
One of the interlocutors of the publication said that this is "quite shocking" because it turns out that the private interests of a third party can interfere with due process.
“You cannot force the law enforcement agencies to say, 'we have this magic box, plug in your phone, we will get evidence; trust us, we will allow you to make excuses for this,'” he said. “Only not when the end product leads to the deprivation of freedom for people.”
 