
Police believe Grayshift has a workaround for Apple’s new USB Restricted Mode - robin_reala
https://motherboard.vice.com/en_us/article/pavwzv/cops-are-confident-iphone-hackers-have-found-a-workaround-to-apples-new-security-feature
======
craftyguy
Why doesn't Apple dig deep into their warchest and either acquire Grayshift,
or pay off one of their engineers to spill the beans?

------
seorphates
I'm really curious how one goes about "future proofing" an external cable
connecting to a device via a usb port gated from inside of the device.
Voltage? Frequency? Fantasy?

------
Shank
For better or for worse, articles like this and the leaking of information
from Grayshift gives Apple a lot of smoke to follow. If you’re trying to
figure out how an attacker is getting into a system and you’ve cut off one
major vector, that’s good. But if the attacker then comes out and says that
they’re unaffected by that vector cutoff, it signals that was the wrong vector
to block off.

It’s an interesting cat and mouse game, but I have a feeling that the cat will
win. Apple can “go nuclear” and do something like remove wired data
connectivity all together, for example. Low level boot firmware doesn’t need
to change all that often — getting it “right” means that they won’t need to
worry about it for a long time.

Apple loves showing off their investment to privacy as of late. It’s very
tempting from Apple’s perspective to invest a lot of time and money in keeping
attackers out now, more than ever.

------
jay_kyburz
How is it not DMCA violation?

~~~
dsfyu404ed
Two reasons I see:

1) Nobody guards the guards

2) Being anywhere in the process of enforcing the DMCA on law enforcement will
end your career (well, maybe with the exception of the secretary and the
janitor). You can only cross the blue line once.

~~~
taakd
Grayshift isn't law enforcement though, they're a private company that is
creating DMCA violating products. Apple has every right to sue them, and
hopefully recover some compensation for how they have sullied Apple's brand.

~~~
joshka
As much as I hate the DMCA, I think this is the perfect suit with only upside:

1\. Apple loses. DMCA is weakened for legitimate security research. Yay

2\. Apple wins. My security in my person and belongings is strengthened
against unlawful interference. Yay

~~~
cynix
Wouldn't scenario 2 potentially strengthen DMCA and make it more difficult to
do legitimate security research in the future? That's quite a big downside.

~~~
joshka
Yes, but the obvious bounce back would be amendments called for by police to
the law. Which puts us back in scenario 1

