Leaked Graykey documents reveal its limitations in the face of iOS 18 and highlight the ongoing battle between Apple and digital forensics companies. This news provides a rare insight into the current capabilities of investigative tools used by law enforcement.

Graykey’s limited capabilities on iOS 18

According to confidential documents obtained by 404 Mediathe Graykey tool, developed by Magnet Forensics (formerly Grayshift), can only provide “partial” access to iPhone data under iOS 18 and 18.0.1. This limitation affects all recent models, from the iPhone 12 to the iPhone 16 series. Only the iPhone 11 seems to be able to be fully unlocked.

Although the notion of “partial” access is not precisely defined, it could be limited to the extraction of unencrypted files, metadata and folder structure. The documents do not mention the tool’s capabilities on iOS 18.1, released at the end of October, but reveal that beta versions of iOS 18.1 are completely inaccessible.

Graykey tool can partially unlock iPhones running iOS 18

The arms race continues between Apple and forensic experts

This situation perfectly illustrates the cat and mouse game that is being played between Apple and companies specializing in unlocking devices. Apple recently introduced a new security measure in iOS 18 that forces iPhones to restart after a period of inactivity, putting them into “Before First Unlock” (BFU) mode. In this state, all user data is encrypted, which considerably complicates the work of investigators who only have a four-day window to act.

This development is reminiscent of the 2018 episode where Apple countered Graykey by introducing “Restricted USB Mode”, limiting the functionality of the Lightning port after a period without unlocking. However, as leaked documents from Graykey and its competitor Cellebrite show, forensic companies usually end up finding new solutions.

For iPhone users concerned about their security, the best protection is to keep their device up to date with the latest version of iOS available. It’s also reassuring to note that these tools require physical access to the device and are theoretically reserved for law enforcement.

Shares:

Leave a Reply

Your email address will not be published. Required fields are marked *