
Grayshift's Hide UI Spyware Can Secretly Log Passcode of Locked iPhones - colinprince
http://www.iphonehacks.com/2020/05/grayshifts-hide-ui-spyware-secretly-log-passcode-locked-iphones.html
======
pixxel
“ The process requires Hide UI to be installed on the iPhone and then set up
such a scenario that the suspect ends up unlocking their iPhone. The passcode
is then logged and stored in a text file that can be extracted by plugging the
device into GrayKey. After this, law enforcement agencies can unlock the
device and extract all data from it.”

How is it installed on a locked iPhone?

~~~
danappelxx
By adding it to the Facebook SDK, of course.

~~~
jklm
I’m not a moderator by any means, but off-topic, low effort comments like
these make HN a more annoying place to read through. You likely have seen some
of this noise on reddit, please don’t bring it here.

~~~
danappelxx
I understand what you are saying, but seriously, the best way to get an
exploit like this onto an end-users phone en-masse is through a third-party
sdk. If a government pressured one of the companies behind the major SDK's to
include this spyware as a form of backdoor, perhaps they would be forced to
oblige.

