"Grayshift, the company that makes the GrayKey iPhone unlocking boxes that have been sold to multiple law enforcement agencies across the United States, recently suffered a data breach that allowed hackers to access a small portion of the GrayKey code,... Last week, unknown hackers leaked portions of the GrayKey code and demanded two bitcoin from Grayshift with the threat of additional data being leaked. According to Motherboard, the code in question "does not appear to be particularly sensitive," but Grayshift did confirm that a "brief" data leak had occurred... Grayshift says that "changes" have been made to help customers prevent unauthorized access to GrayKey boxes in the future, but Motherboard discovered another exposed GrayKey device broadcasting similar code..." https://www.macrumors.com/2018/04/24/grayshift-graykey-iphone-unlocking-box-data-breach/ https://motherboard.vice.com/en_us/...ckers-grayshift-graykey-leaked-code-extortion
I don't see why anyone would care what the code is, but I guess it distracts from the real bad guy here which is Apple. Everyone has known for so many years that a 6 char passcode is too short for any semblance of security, it can now be considered common knowledge. Therefore any manufacturer that has not been living on another planet for the last 20 years and limits the security code on their devices to 6 chars is obviously making sure it is brute forcable. The grey box is just a device to do it.
Default iPhone/iOS passcode is 6 characters, but can be as long as 10 characters. "...According to cryptographer Matthew Green of Johns Hopkins (via Motherboard), here’s how long it presumably takes GrayKey to crack iOS passcodes of varying lengths. As evidenced below, a 6-digit passcode can be cracked in about 11 hours on average. Guide to iOS estimated passcode cracking times (assumes random decimal passcode + an exploit that breaks SEP throttling): 4 digits: ~13min worst (~6.5avg) 6 digits: ~22.2hrs worst (~11.1avg) 8 digits: ~92.5days worst (~46avg) 10 digits: ~9259days worst (~4629avg)..." BTW: Price of a GrayKey Unit is $15,000 http://bgr.com/2018/04/18/iphone-security-hacking-6-digit-passcode-not-good-enough/
