For the last couple of years, a startup has been selling a device that can unlock iPhone to cops while shrouded in mystery.
Some details about how the device—called GrayKey—works, and what agencies use it, have slowly trickled out thanks to Freedom of Information requests made by Motherboard. But until today, only two pictures of the GrayKey device have ever circulated widely. One was included in a Wall Street Journal article in 2018, and another was published by security company MalwareBytes the same year.
Videos by VICE
Now, more pictures have come out after GrayShift, the makers of the device, filed a series of documents with the Federal Communications Commission as part of an application to get an FCC ID, a procedure that all tech products have to go through in the United States to make sure they comply with FCC standards.
Have you ever used GrayKey? Do you know anything else about GrayShift? We’d love to hear from you. Using a non-work phone or computer, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, OTR chat at lorenzofb@jabber.ccc.de, or email lorenzofb@vice.com. You can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, OTR chat on jfcox@jabber.ccc.de, or email joseph.cox@vice.com
The documents include a teardown of the GrayKey, which reveal that it is built on an ARM processor made by Compulab.
Separately from the photos published by the FCC, Motherboard obtained a screenshot of the user interface of a GrayKey device via a public records request with the Providence Police Department. The screenshot was attached to an email to GrayKey as part of an error report.
GrayShift did not respond to a request for comment.
In March, Motherboard published a database of over 500 cases where authorities have attempted to access iPhones with varying degrees of success. In some of those cases, agencies used a GrayKey to search the phone. However authorities also repeatedly came across general issues such as a password being too long or an unlocking capability not being available for that particular model at that point in time, the database showed.
GrayShift and Apple are regularly one-upping each other, with GrayShift finding ways to exploit iPhone devices, and Apple introducing new mitigations to try and stop them. In 2018, Apple introduced USB Restricted Mode, which was mentioned in leaked GrayShift communications previously obtained by Motherboard. The feature essentially puts a more narrow time limit on when a law enforcement official may be able to unlock the device.
These new pictures are unlikely to mark a significant shift in this cat-and-mouse game, but at least finally give the public a good view of a device that’s usually tucked away in police forensics labs.