Graykey, which is one of the tools used by law enforcement to access data on locked iPhones, has had only limited success in cracking iPhones running iOS 18 and iOS 18.0.1, according to a recent report by 404 Media.
The publication obtained secured documents that offer a close look at Graykey’s ability to access locked devices. The information is valuable, as Graykey parent company Magnet Forensics plays it close to the vest when it comes to information about the tool, and we haven’t seen this much information about Graykey until now.
According to the document, most iPhone models capable of running iOS 18 or iOS 18.0.1 are listed as being vulnerable to a “partial” unlock. However, iPhone 11 models can allegedly fully unlocked. While the document doesn’t mention the device’s iOS 18.1 device unlocking abilities, although the iOS 18.1 betas are listed under the “inaccessible” column.
While the document doesn’t specify the amount of access law enforcement would have for devices in the partial column, but they may be able to access unencrypted files, folder structure and other limited information.
Fully unlockable iPhones using a four digit passcode can be unlocked a device locked in just a few minutes, while it can take several hours to unlock devices with longer passcodes.
Devices like Graykey and the unlocking devices from Cellebrite use vulnerabilities in the iOS operating system to unlock locked iPhones, the toolmakers have to scramble every time Apple releases an iOS update, which usually includes security fixes.
Apple stays on its toes when it comes to the security of its devices and operating systems. This helps prevent tools like those offered by Graykey and Cellebrite devices from accessing the encrypted data stored on the devices. As soon as a security flaw is discovered, Apple gets to work on a fix.
Recently, Apple quietly made a change in iOS 18.1 that reboots a locked iPhone if it hasn’t been unlocked for an extended period of time.
