A department of the United States State Department dedicated to diplomatic security has reportedly acquired a fifteen thousand dollar device its manufacturers claim as being able to break iPhone encryption in anywhere from three hours to three days.
Public federal procurement docs show that the State Department’s Bureau of Diplomatic Security purchased a GrayKey encryption-breaking (decryption) device from Grayshift, a firm which lists a former Apple engineer on staff.
The docs identify the purchase as for “computer as well as computer peripheral equipment,” but we at CryptoBuzz News confirmed “the phone number of the vendor in both the purchase order as well as documents CryptoBuzz News previously obtained detailing a GrayKey purchase by Indiana State Police is the same.”
GrayKey can apparently crack an iPhone simply by attaching it to one of the two Lightning cables sticking out and injecting a program that eventually causes the affected iPhone to display its PIN.
Time varies from tthree hours to three days or even longer for six-digit PIN’s, and upon completion the phone’s entire file system can be downloaded.
The GrayKey device works on iOS versions such as 11.2.5, which was released on January 23rd of this year; the only security fix publicly acknowledged by the company in the latest version 11.2.6 related to the infamous Telugu bug.
Grayshift is reportedly offering the device in a fifteen thousand dollar, thirty-use version that needs a geo-fenced internet connection to function, as well as a thirty thousand dollar unlocked version, so it would seem that the State Department purchased the limited version.