By the Power of Graykey!


Well, that power was short lived. If you haven’t heard, the latest iOS 12 update has defeated the Graykey device, and your data is safe once again.

Here is a quick history lesson if you are still lost:

  1. Remember the San Bernadino debacle that pitted the FBI against Apple? If not, read about it here. (Basically, the FBI retrieved the shooters iPhone afterwards, but was unable to access it. They asked for Apple’s help for a backdoor, they refused on the grounds of Privacy, but eventually the FBI found a way in by paying an Israeli company a cool 1.3 Million USD.)
  2. Later, in 2017 a company named Grayshift (sounds ominous) created a device that defeated Apple’s USB restricted mode and sold it for 15k (internet backend) or 30K for the fancy offline model to Law Enforcement and Government agencies.
  3. Rights activists (like myself) saw this as another way for Law Enforcement to encroach on our Privacy.
  4. As of October 24th, 2018, with the latest iOS update, Graykey has been rendered useless (for now).

The device can still gain access, but all of the data is basically useless.

Hardy (2018) writes: Once a device has been unlocked, GrayKey can only extract unencrypted files and metadata

So, for now the wolves are being held off but I am sure this won’t last long. With that said, here is some advice for keeping your Mobile Data safe (iPhone or Android)

  1. Encrypt Everything! (Here is an article to help you out)
  2. Use a complex Passcode
  3. Don’t write down your passcode
  4. Never Plug your phone into a “free or paid” Public charger or Hotel wall USB Charger (If you must, disable auto-sync, and use a Power only USB Cable)
  5. Use that (find my phone) utility to remotely erase your phone if you lose it.
  6. Use the (erase my phone after X amount of attempts feature)

Stay private my fellow coders! #dontcodealone