The American police would install spyware on suspects’ iPhones, in order to extract the access code. After that, agents could unlock the suspect’s phone and access the data. Critics call the spyware illegal.
According to NBC News, the American police work with the Hide UI software, which works as a kind of keylogger. The police would connect the suspect’s phone to the GrayKey device of developer Grayshift, who installs the software. Then the police would hand the phone back to the suspect and entice him to use it. For example, they would tell the suspects that he can call his lawyer, or that he can delete phone numbers from his iPhone. This causes the suspect to enter his passcode, which is picked up by Hide UI.
According to two insiders, the software would also disable airplane mode and make it impossible to delete all data. When the police reconnect the phone to the GrayKey, officers are shown the entered access codes in unsecured form. Authorities would only use the software if brute force attempts fail. For those brute-force attempts, they also use the GrayKey device, as the FBI used for an iPhone 11 Pro Max earlier this year. Codes that are eight characters or longer could take weeks to a year to bruteforce. In these circumstances, Hide UI would be a faster way to access the data on the phone.
Police would only use the software if they had a court order to investigate the phone. However, the use of the software is controversial. For example, a lawyer writes that not clearly describing their actions to extract information is contrary to the constitution. In addition, he doubts that services do not abuse the software.
According to the deputy director of surveillance and cybersecurity at Stanford Law School’s Center for Internet and Society, the court order should also specify exactly what the police may use. The judges issuing these orders probably wouldn’t expect the police to use them for malware, according to the deputy director. Therefore, the use of Hide UI may not be allowed by court order.
Civil rights movements are also said to fear that the use of this software will prevent prosecutors from taking cases to court. Then they would have to admit the use of the software, while they use non-disclosure agreements to keep Hide UI secret. It is not clear exactly how the software works and how many services use it. Neither Apple, the US government or Grayshift would confirm the existence of Hide UI.
GrayKey