“In 2017, a company by the name of ‘Grayshift’ created a device called ‘GrayKey’ that successfully unlocked iPhones without knowing the passcode,” Peter Cao reports for 9to5Mac. “Based in Atlanta, Georgia, the company employs less than 50 employees, and up until this point it was unknown whether ‘GrayKey’ was a service or product. However, MalwareBytes has been able to get their hands on some photos of the device, and notes that the ‘website is protected by a portal that screens for law enforcement affiliation.'”

“The site says GrayKey is a device used in-house at local law enforcement labs and offices, vastly different than Cellebrite, the company behind the unlocking of the iPhone 5c in the San Bernardino case,” Cao reports. “It can take anywhere between 2 hours and 3 days depending on the length and complexity of the passcode.”

“It comes in two options: $15,000 and $30,000, with the former will requiring an internet connection and will geofence to that location, meaning it will not work outside of the original network,” Cao reports. “The $30,000 option will not require an internet connection and will allow unlimited attempts on unlimited devices, presumably until the security hole is patched.”

Read more, and see the photos (hint: it’s a gray box), in the full article here.

MacDailyNews Take: Needless to say, if they haven’t already, Apple should get their hands on these boxes and patch whatever security hole(s) the boxes are exploiting.

Obviously, the very existence of this MalwareBytes report proves the folly of “backdoors” that are only for the good guys.

There have been people that suggest that we should have a back door. But the reality is if you put a back door in, that back door’s for everybody, for good guys and bad guys. — Apple CEO Tim Cook, December 2015

This is not about this phone. This is about the future. And so I do see it as a precedent that should not be done in this country or in any country. This is about civil liberties and is about people’s abilities to protect themselves. If we take encryption away… the only people that would be affected are the good people, not the bad people. Apple doesn’t own encryption. Encryption is readily available in every country in the world, as a matter of fact, the U.S. government sponsors and funs encryption in many cases. And so, if we limit it in some way, the people that we’ll hurt are the good people, not the bad people; they will find it anyway. — Apple CEO Tim Cook, February 2016

As we wrote back in March 2016: “Encryption is either on or off. This is a binary issue. There is no in-between. You either have encryption or you do not.”

Tim Cook’s refusal to create iPhone backdoor for FBI vindicated by ‘WannaCry’ ransomware attack on Windows PCs – May 15, 2017
The Microsoft Tax: Rapidly replicating Windows PC worm spreads as experts try to limit damage; Macintosh unaffected – May 15, 2017
The Microsoft Tax: Leaked NSA malware hijacks Windows PCs worldwide; Macintosh unaffected – May 13, 2017
Bungling Microsoft singlehandedly proves that ‘backdoors’ are a stupid idea – August 10, 2016
U.S. Congressman Ted Lieu says strong encryption without backdoors is a ‘national security priority’ – April 29, 2016
iPhone backdoors would pose a threat, French privacy chief warns – April 8, 2016
The U.S. government’s fight with Apple could backfire big time – March 14, 2016
Obama pushes for iPhone back door; Congressman Issa blasts Obama’s ‘fundamental lack of understanding’ – March 12, 2016
U.S. Attorney General Loretta Lynch backs U.S. government overreach on The Late Show with Stephen Colbert – March 11, 2016
Former CIA Director: FBI wants to dictate iPhone’s operating system – March 11, 2016
FBI warns it could demand Apple’s iPhone code and secret electronic signature – March 10, 2016
California Democrat Diane Feinstein backs U.S. government overreach over Apple – March 10, 2016
Snowden: U.S. government’s claim it can’t unlock San Bernardino iPhone is ‘bullshit’ – March 10, 2016
Apple could easily lock rights-trampling governments out of future iPhones – February 20, 2016
Apple CEO Tim Cook lashes out at Obama administration over encryption, bemoans White House lack of leadership – January 13, 2016
Obama administration demands master encryption keys from firms in order to conduct electronic surveillance against Internet users – July 24, 2013