The Kern County Sheriff’s Office will soon have the capability to unlock iPhones without knowing the passcode, likely granting investigators access to any Apple product that comes across their path.
The department recently received permission to purchase a device from Grayshift, a company that claims to be able to get past Apple security features to gain access to an iPhone’s data.
The secretive company does not appear to make statements to the media, and did not immediately respond to an email form soliciting information.
Law enforcement agencies around the country have reportedly been purchasing the iPhone-unlocking product, GrayKey, since at least early 2018.
The devices are reportedly used by federal agencies such as the U.S. Immigration and Customs Enforcement Agency and the Federal Bureau of Investigations.
The Sheriff’s Office will pay $15,030 for use of the GrayKey software. The department will use unanticipated revenue from asset forfeiture to purchase the technology, limiting the financial impact on the county’s general fund.
The county says investigators will be able to use the new technology to uncover new evidence in cases that range from human trafficking to child pornography.
“We have phones in our property room currently, that we’re unable to get into, that we believe have physical evidence on them that we may be able to link to a criminal act,” said Kern County Sheriff’s Commander Adam Plugge.
To be used, a GrayKey device must be plugged into an iPhone, Plugge said.
The Sheriff’s Office will need to receive a court order before it can search an unlocked phone, similar to the warrants required for the searching a vehicle or a house.
Once access has been granted, the department will be able to download photos, videos and other data from the phone to be used as evidence.
But unconfirmed media reports have claimed that Apple patched the security vulnerability that allowed access to the phones when it released iOS 12 in late 2018.
Forbes reported in October of last year that multiple sources familiar with the technology had said that Apple’s latest update had fixed the security flaw, and a police chief in Minnesota even admitted his department’s GrayKey device wasn’t working well at the time.
However, it is unclear if the company has indeed blocked Grayshift from accessing iPhones.
A software update from Grayshift could have patched the device to allow it access to iPhones.
Apple did not immediately respond to a request for comment.
Plugge said he expected that GrayKey would work when it arrived in Kern County.
“It’s going to be a cat-and-mouse game with technology these days,” he said. “People are going to continue making better mousetraps and other people are going to be able to figure out ways around that.”
He said the Sheriff’s Office needed the new device to keep up with changes in technology.
“We do the best we can with all technological advances,” he said. “We try to give our investigators the best tools available to them to be able to solve cases.”
Grayshift went on the offensive and has been actively working to crack Apple's new USB Restricted Mode, and the company is now claiming victory. If you haven’t been following USB Restricted Mode, the feature locks out USB accessories from communicating with an iPhone if the device hasn't been unlocked within the past hour.
That effectively blocks any data transfer to or from a USB accessory, such as GrayKey, if the iPhone hasn't been recently unlocked. This would mean that law enforcement trying to access the phone as part of a legal investigation would have to tap into an iPhone almost immediately. What they need to do in the case of the GrayKey device is brute force the password in an hour, something that is unlikely to happen.