Federal judge: FBI doesn’t have to reveal details of iPhone hacking tool
A little-known Atlanta, Ga.-based tech outfit appeared seemingly out of nowhere this month with a bold claim — that it can crack the passcodes on even the most recent iPhones, a feat managed by only a select few.
Grayshift wasn’t widely known until Forbes blew the lid on the company earlier this month — likely because the company’s main clientele are police departments and local law enforcement divisions.
The company is founded by Justin Fisher (whose LinkedIn profile currently only shows he works at a “private company”) and Braden Thomas, a former Apple security engineer, who spent six years at the technology giant from 2006.
But little is publicly known about the company, including its flagship product, GrayKey, a $15,000 unlock tool that promises in marketing materials to be able to obtain the passwords on iPhone 5s devices and newer. The box is said to be able to tap into even the latest iPhone 8 and iPhone X handsets, running the latest iOS 11 software.
That has to hurt the iPhone’s security reputation. Apple has long been seen as a champion of strong device security, including rolling out zero-knowledge device encryption so that even the company can’t be forced to unlock a person’s phone.
The box, small enough to fit in your hand, uses an unknown exploit to guess the device’s password again and again — known as brute-forcing — and to gain access to the iPhone’s encrypted contents.
Apple’s Secure Enclave makes it difficult to brute-force the password on an iPhone by limiting how many times a user can attempt a password unlock. Bypassing that rate limit can vastly speed up the unlocking process.
Security firm Malwarebytes also obtained information on the device and wrote-up a technical post on the technology. Once the box has determined the password, it displays the code on the iPhone screen. Four-digit passcodes can take minutes to a few hours, but six-digit passcodes — now the default on iPhones — can take three days or longer to crack. But that’s still a significantly shorter amount of time than other known phone-cracking techniques.
That password gives the GrayKey operator full access to the device’s file system (messages, photos, call logs, browsing history, keychain and user passwords — everything).
It’s a similar technique that rival firm Cellebrite, an Israeli phone-cracking company, uses to gain access to devices, when hired by law enforcement.
But the price of the box, which is significantly cheaper than Cellebrite’s technology, has police departments around the US scrambling to buy the technology.
According to marketing materials posted by Forbes, police can buy one of two devices. The $15,000-a-year license unlocks 300 devices and requires an internet connection to enforce that limit. That internet connection also locks the device to the network, preventing anyone from using the device on any other network.
By comparison, police usually spend about $1,500 on each device unlocked by Cellebrite. In one case last year, in the wake of the San Bernardino shooting, the FBI spent about $1 million on breaking into an iPhone used by one of the killers.
According to documents obtained by Motherboard, several local police departments in Indiana have already inquired and bought the technology. In our own findings, several local New York police departments have spent tens of thousands on GrayKey’s technology.
The company also offers a $30,000 standalone unit that has no phone-cracking limits. It’s that more expensive box that has security experts worried.
Law enforcement agencies have long argued that they need access to devices, when they have obtained a lawful search warrant, to help with their investigations. But security experts have also said in response that if there’s a way in that allows police access to encrypted data, hackers could also get that same access and use it for their own gain.
The exact nature of how the GrayBox exploit works isn’t known — or for that matter, if it even works. It’s also not known what protections are put into the device to stop unauthorized access of the technology.
“We don’t know whether sales are limited to US law enforcement, or if it is also selling in other parts of the world,” said Malwarebytes’ Thomas Reed in a blog post.
“Regardless of that, it’s highly likely that these devices will ultimately end up in the hands of agents of an oppressive regime, whether directly from GrayShift or indirectly through the black market.”
Video: How to check if your iPhone battery needs to be replaced
When Apple released iOS 11 in the fall, it included a feature called Emergency SOS on iPhone and Apple Watch. It enables users to automatically call for help and alert contacts in the event of an emergency. If you hold down the iPhone’s side button and volume button long enough, emergency services will be contacted.
When Auto Call is enabled on an iPhone and an emergency call is started, your device begins a countdown and sounds a loud alert. After the countdown ends, your iPhone automatically calls 911 in the US.
Even with Auto Call disabled, you can still use the Emergency SOS slider to make a call after holding the side button and volume button on iPhone X and iPhone 8.
To make a call on iPhone 7 or earlier, rapidly press the side button five times, and the Emergency SOS slider will appear.
To make a call on Apple Watch, press and hold the side button on your wearable until the Emergency SOS slider appears.
In February, our sister site CNET detailed an influx in recent months of false alarm 911 calls to Sacramento, Calf., emergency dispatchers from an Apple repair center in nearby Elk Grove, Calif. Dispatchers receive as many as 20 accidental emergency calls a day from Apple.
Jamie Hudson, a police dispatcher, told CBS Sacramento:
“We’re able to see quickly where the call is coming from, so when we get one from Apple, the address will come up with their location.
The times when it’s greatly impacting us is when we have other emergencies happening and we may have a dispatcher on another 911 call that may have to put that call on hold to triage the incoming call.”
Apple responded in a February statement: “We’re aware of 911 calls originating from our Elk Grove repair and refurbishment facility. We take this seriously and we are working closely with local law enforcement to investigate the cause and ensure this doesn’t continue.”
iOS 11 bugs are now so commonplace that they appear in Apple’s ads for the iPhone X.
CES and MWC are over and it’s time to clear the dust and see what smartphones are leading the pack this year.
Video: Apple beats Fitbit and Xiaomi to the top wearables spot
Fitbit, it appears, is no longer discounting the fact that wearable customers want the best of both worlds: A fitness band that is capable of tracking everything from sleep to workouts while providing access to an app store, notifications, and other smartwatch-like features.
At a private event on Monday, the wearable company announced two new hardware products and several new software initiatives.
First up is Fitbit Versa, a wearable Fitbit is tagging as a “smartwatch for everyone.”
Reminiscent of a watch one would have expected from Pebble (Fitbit acquired Pebble in late 2016), the Versa is the first smartwatch from Fitbit that looks like a modern smartwatch and not a fitness device trying too hard to look like a watch.
The Versa boasts Fitbit’s staple feature set: PurePulse heart-rate tracking, four-day battery life, smartphone notifications, auto activity and sleep tracking, waterproofing up to 50 meters, and on-screen workouts. As for GPS, the Versa will require a nearby smartphone to map runs.
Additionally, to add a smartwatch flair to the wearable, the Versa has access to the same selection of apps and clock faces as the Fitbit Ionic.
There are two different versions of the Versa. The core of the Versa lineup includes black, peach, or gray models. Special-edition models are available in charcoal or lavender, and those include the Fitbit Pay wireless payment platform.
As with the Ionic, the Versa will include support for storing music on the watch and connecting to any Bluetooth headphones for playback during a workout.
The Versa is available for preorder starting March 13 and will begin shipping to customers in April. The core Fitbit Versa line will retail for $199 each, while the special-edition models will cost $229 each.
In addition to new hardware, Fitbit is announcing an update to the operating system on its Ionic and Versa watches. Coming this spring, Fitbit OS 2.0 will add the ability to reply to message notifications directly from the watch as well as personalized fitness stats or graphs directly on the watch.
The company said it is working on bringing notification replies to iOS, but it stopped short of saying how or when. Pebble had figured out how to provide some reply functionality for iOS users with various workarounds, so I’d imagine Fitbit is exploring options such as linking the Fitbit app directly to a Gmail account and using it to send replies.
Later this year, Fitbit plans to begin proactively alerting users with personalized recommendations. For example, if a user has a particular day of the week that’s historically shown to be a day he or she isn’t all that active, the user would receive an alert with encouragement to move more on that specific day.
Another area of focus for Fitbit in 2018 is going to be women’s health. More specifically, Fitbit will add tools to the Fitbit app as well as its smartwatch lineup to help women track their menstrual cycle and overall health.
The cycle tracker will monitor days of a cycle, estimate fertile windows, and monitor additional aspects of a woman’s reproductive health.
According to Fitbit, cycle tracking has consistently been in the top five requested features by Fitbit users, with an estimated 24 percent of women currently using some sort of app to track their cycle.
The women’s health features as well as Fitbit OS 2.0 will be available this spring as a free update.
As someone with kids in elementary school, I often notice a large number of kids in their classes wearing some sort of activity trackers. From what I’ve gathered, most of the bands are Xiaomi’s Mi Band; it’s inexpensive and has up to 30 days of battery life.
Fitbit’s approach is a bit different from Xiaomi’s in that the Fitbit Ace will cost $99 and can go an estimated five days between charges — and, more importantly, it’s a device built specifically for kids ages eight and up.
Fitbit developed a new family feature, where parents can create their child’s Fitbit account and control what the child can see within the app, as well as monitor friend requests. The children’s version of the Fitbit app will detail active minutes, sleep stats, goals, challenges, and any unlocked badges.
Children can sync the Ace with an iOS or Android device, with caller ID support for those with a phone.
Ace has a lot of the same design characteristics as the Fitbit Alta, just with smaller wrist bands for a better fit. It will be available in blue and purple, and it’s available for preorder starting March 13. Fitbit Ace will begin shipping in the second quarter of 2018.
Along with Fitbit’s new smartwatch, it is launching an attractive complementary Bluetooth headset to help people enjoy music while exercising with the new Ionic watch.
Fitbit’s grand plan to pivot to software, data and services in the healthcare industry makes total sense. The big question is whether it’ll have the time to pull it off use its device business to fund a business model pivot.
A couple of years ago, I bought a Neato Botvac to help with the daily vacuuming required on our hardwood floors due to the dog hair from my chihuahua and pomeranian, not to mention the five people living at home. It was great, but also a bit of a pain, because long magnetic strips had to be laid down to prevent the vacuum from crossing into areas with thick carpets or fragile items that could break when bumped.
The new Neato Botvac D7 Connected improves significantly over my older model with laser mapping, smartphone controls, and smart home integration.
The Botvac D7 Connected brings Neato FloorPlanner that uses Neato’s LaserSmart technology to map your floor plan so you can establish No-Go lines in the floor plan to prevent the vacuum from entering those areas. I plan to use these No-Go lines for designating areas where I have a very thick floor rug, another area where we have dog pens, and an area in my dining room where chairs that don’t like to get bumped reside. These No-Go lines are also useful for areas where you setup a Christmas tree, areas that are being used as play areas with lots of toys, and more.
The new D7 Connected also has two different suction modes, an ultra-performance filter, and an improved brush system. The LaserSmart technology helps the robot vacuum navigate rooms successfully, even in low light environments.
The top informational LEDs on the vacuum provide glanceable status of the vacuum. The top dirt bin is easy to remove, clean, and reinsert. The bumpers are quite sensitive too so you won’t be trashing the legs on your furniture.
I am particularly interested in the iOS and Android support where you can setup, configure, and manage this vacuum. There are also Apple Watch and Android Wear apps so you can control the D7 Connected from your wrist.
You can also setup and control the Neato Botvac D7 Connected with your voice through Amazon Alexa and Google Home. As a Google Home household, this capability will be used by my family much more than the smartphone app.
The Neato Botvac D7 Connected is available now from Bed Bath & Beyond and Best Buy with a MSRP of $799.
A review unit arrived a few days ago, and after a couple weeks of testing, I will post a full review here on ZDNet. Please let me know if you have any questions on this new vacuum as I test it out.
The Ecovacs Deebot R95 is the most affordable high end robotic vacuum that gives you full control over your cleaning experience while also making sure the job is done well.
Video demonstrates the flexibility of robots that run on air
While most users seem oblivious to iOS annoyances, visual design changes quickly become one of those “love-it-or-hate-it” things. And no iPhone design feature has been as controversial as the “notch.”
But if a report by ETNews is correct, this feature could be gone by 2019.
According to the report, Apple will dump the “notch” used to house the 3D sensor and camera module at the top of the display and move to a full-screen design where the components are embedded into the display.
What’s interesting is the reported reason for this move. It’s not because of customer feedback.
“Apple is looking for another strategy that will differentiate itself when Chinese Smartphone manufacturers are imitating and applying notch design to their new Smartphones.”
So it seems that in a few months the iPhone X “notch” has become so iconic that it’s already being copied.
This report, although rather light on details, doesn’t surprise me.
The “notch” was always a design compromise, and there were plenty of credible rumors in the run-up to the unveiling of the iPhone X that suggested Apple was working on embedding sensors into the display in 2017. The timeline for the elimination of that “notch” doesn’t surprise me either. To eliminate it after a year would make it obvious that it was a mistake, so 2019 feels right. It also gives Apple a chance to refine the technology, both in terms of the hardware, display yield, and cost.
Although there are some who think that this “feature” is going to hang around for some time to come.
So if you fancy spending a thousand dollars on an iPhone, but don’t like that “notch,” you have a while to save your pennies.
Video: Samsung Galaxy S9: Checking out the specs
The Samsung Galaxy S9’s display has been given an A+ and ranked the best-performing OLED screen on the market, according to test outfit DisplayMate.
Apple’s first ever OLED smartphone, the iPhone X, earned that title from DisplayMate last year with its full HD 2.5K 2,436 x 1,125-pixel resolution display. The iPhone X set records for high absolute color accuracy, screen brightness and performance in ambient light.
But the Galaxy S9 is now the smartphone to beat, despite having the same 2,960 x 1,440-pixel resolution and 5.8-inch display as the Galaxy S8, thanks to Samsung using its manufacturing prowess to target display qualities that matter, such as color accuracy, brightness, outdoor visibility, and reflectivity.
The Galaxy S9 matched or surpassed DisplayMate’s records for absolute color accuracy, luminance shifts, peak display brightness, native color gamut, contrast ration, screen reflectance, contrast in ambient light, viewing-angle handling of brightness and color variation, and its 3K screen resolution.
Instead of packing more pixels into its OLED hardware, Samsung uses precision display calibration to optimize picture quality and color accuracy.
The result is that the Galaxy S9 is “almost certainly considerably better than your existing smartphone, living room 4K Ultra or HDTV, tablet, laptop, and computer monitor based on our detailed lab measurements,” wrote DisplayMate.
Unveiled at Mobile World Congress this week, the Galaxy S9’s Snapdragon 845 should make it an extremely fast phone, and it comes with improved cameras, speakers, and a fix for the S8’s awkwardly placed fingerprint reader.
The S9 and S9 Plus start at $720 and $860, respectively, in the US and will be available for preorder on March 2.
DisplayMate notes that Samsung needn’t deliver 4K 3,840 x 2,160 pixels on a smartphone, which would put a burden on memory and processors, yet wouldn’t improve what people see in reality.
OLED displays are taking over the high-end smartphone market due to several advantages they have has over LCDs, including being better suited to edge-to-edge designs, brighter, flexible and more power efficient.
Samsung’s launch of the Galaxy S9 and S9 Plus at Mobile World Congress just five months after the Galaxy Note 8’s release sets up a nice debate over how the company should approach its innovation cadence.
Qualcomm’s Snapdragon 845 chipset so far lives up to the claim it’s 25 percent faster than the Snapdragon 835.
Samsung is betting that camera improvements will spur an upgrade cycle to the Galaxy S9 and Galaxy S9 Plus. Here’s a look at the enterprise angle, specifications, deals, DeX, and competitive landscape to help you decide.
Video: How to check if your iPhone battery needs to be replaced
A Canadian law firm has filed another class action lawsuit against Apple for secretly throttling performance on iPhones with aged batteries.
The suit, filed by Ontario law firm Rochon Genova, argues Apple’s omission of details about performance management features in iOS 10.2.1, 10.3, and 11.2 violated sections of Canada’s Consumer Protection Act, and accuses the iPhone maker of breach of contract, deceit, neglect, fraudulent concealment, and unjust enrichment.
The class action’s lead plaintiff, Cherif Saleh, bought an iPhone 6 in 2015 and claims to have experienced slowdowns after installing two of the updates before iOS 11.2 “rendered his iPhone 6 unusable”.
Saleh argues that Apple Support advised him to buy an iPhone 7 or later model because only those models could properly support recent iOS updates. He then bought an iPhone X in October.
The class action is seeking $500m in damages or another sum determined by the court on behalf of every Canadian resident who bought an iPhone 6, 6 Plus 6s Plus, SE, 7, and 7 Plus. As the document notes, over half of smartphone users in Canada rely on an iPhone.
MacRumors reports that Apple now faces 59 class action suits in 16 courts in the US, which includes 30 filed in the Northern District of California. Since many of the lawsuits have overlapping claims it’s likely they’ll be merged.
The publication notes that the US Judicial Panel on Multidistrict Litigation will consider merging dozens of iPhone slowdown complaints at a hearing set for Thursday, March 29, in Atlanta, Georgia.
iPhone-throttling cases have been piling up on Apple since December when it admitted slowing down the performance of some iPhones with batteries that had deteriorated through the passage of time and recharging.
By January it was already facing 32 performance-related class action suits in the US and probes from regulators in multiple countries.
As the Canadian class action complaint stresses, Apple began slowing down iPhones in 2016 but only admitted to the practice after Geekbench developer John Poole analyzed the performance of iPhone 6s and iPhone 7 models with the relevant iOS updates and identified widespread slowdowns.
Apple apologized for the way it managed iPhone performance and batteries, and for the way it communicated its methods.
Apple CEO Tim Cook has since said that “maybe we should have been clearer” about what the updates did to iPhones. However, Apple denies intentionally shortening the life of Apple products or degrading the experience to spur new sales.
Apple has developed new battery-health monitoring features for iOS 11.3, which is currently in beta. The feature will allow users to disable power management but it can’t be re-enabled until after an unexpected shutdown occurs.
Apple’s response to being caught throttling older iPhones has been shockingly bad.
In a recent interview, Apple CEO Tim Cook acknowledged the company should have been clearer with iPhone owners.
More lawsuits land at Apple’s feet over its decision to slow down iPhones with older batteries.
Benchmarking firm Futuremark has released the results of 100,000 iPhone tests to settle the question of whether your iPhone really does get slower over time.
This year’s flagship phones like Samsung’s Galaxy S9 look set to be fast, based on preview benchmarking tests of Qualcomm’s new Snapdragon 845 chipset.
ZDNet’s sister site CNET got the chance to test the Snapdragon 845 on a Qualcomm reference phone to check if it met the chip maker’s claim of a 25 percent speed increase over the Snapdragon 835, the chipset that powered most of 2017’s Android flagships.
CNET ran a dozen benchmarking tests on the 845 reference phone multiple times and compared the results with the same tests carried out on the Galaxy Note 8, a Pixel 2 XL, which all run on the Snapdragon 835.
The 845 device indeed was “at least 25 percent faster than the best score on all but four tests out of the dozen”, according to CNET’s Jessica Dolcourt.
The tests included well-known benchmarks such as AnTutu, Geekbench 4.0, Kraken, Octane, Sunspider, and Jetstream. The tests measure computing power, graphics, and web performance, offering an indication of the performance potential of devices powered by the processor.
Qualcomm announced the Snapdragon 845 in December, revealing it will consist of a Kyro 385 CPU, Adreno 630 GPU, and the latest Qualcomm X20 LTE modem. The chipset will also record 4K Ultra HD premium video and offers the ability to capture more colors than before.
The chipset’s Spectra 280 image signal processor should improve photos, while its 3D face-mapping support will open the door for Android phone makers to compete with Apple’s Face ID facial-recognition system on the iPhone X.
Other improvements include the promise of a longer battery life, faster mobile and Wi-Fi speeds, more powerful AI, and Bluetooth 5 support for broadcasting to multiple speakers.
So far, only Xiaomi has confirmed it will use the Snapdragon 845 in its forthcoming flagship, the Mi 7. However, Samsung’s Galaxy S9 is expected to be one of the first available with the chipset.
Samsung in January confirmed it will unveil the Galaxy S9 at Mobile World Congress, which kicks off in Barcelona on February 26. It is expected to use the Snapdragon 845 in some markets and its own Exynos chipset for some regions.
Images of the purported Galaxy S9 and S9+ leaked by Evan Blass suggest the Galaxy S9+ will have dual rear cameras.
Qualcomm took the stage to introduce its next-generation mobile platform, the Snapdragon 845. Notably, the new chipset will feature 4k HDR video capture and improved AI processing.
Samsung will ship its flagship Galaxy S9 and Galaxy S9 Plus on March 16, according to a new report.
So, how does the latest iOS 11.3 public beta handle an iPhone crashing due to a worn battery? Well, I happen to have an iPhone in the lab that is awaiting a battery replacement, and after stress testing it for a few hours I managed to cause a crash.
On restarting, you will see a notification informing you that This iPhone has experienced an unexpected shutdown. Heading over to Settings > Battery will show you this screen:
Clicking on that Disable… link brings up the following:
Choosing to disable performance throttling cannot be undone, although the throttling will be re-enabled if the device crashes again.
What are the side-effects of disabling performance throttling? Put simply, it’s the risk that your device will crash again in the future. And if the battery is worn, it’s likely that it will happen again, with the probability increasing depending on how worn the battery is (the battery in the iPhone I crashed is at 82 percent of its maximum capacity and it didn’t take me a long time to make it crash).
If you want access to the public beta, you need to sign up. You can do that here. Before you go any further, you might want to take a look at my list of precautions and caveats related to running beta software on your iPhone. While you can easily roll back from running the beta, it’s possible for the beta to cause havoc in the meantime.
Note that this feature applies only to the iPhone 6, iPhone 6 Plus, iPhone 6s, iPhone 6s Plus, iPhone SE, iPhone 7, and iPhone 7 Plus.
Video: How to check if your iPhone battery needs to be replaced
Late last year it came to light that Apple has included code in the iOS operating system that throttles the performance of iPhones if the battery is showing signs of wear. The good news is that Apple will carry out a battery swap for $29, but how do you know if it will help?
Now, you could just throw $29 at Apple and hope that this will speed up your old iPhone, giving it a reprieve. Problem is, an iPhone that’s just slow might not be slow because iOS is throttling the performance, and won’t benefit from a battery swap (other than the fact that you get a fresh battery that’s likely to extend the lifespan of your device).
But there’s a way you can tell if your iPhone is being throttled.
Simple, all you need is an app called CPU DasherX. This $0.99 app will give you access to the CPU frequency of your iPhone’s processor. Here’s a report I pulled from an old iPhone 6 Plus I have in the lab. It’s running slow, but is it running slow because iOS is throttling it?
Compare the number that the app pulls up with what your iPhone’s CPU speed should be (you can get this information by doing a quick search online — I find Wikipedia to be a good resource), and if the numbers match up, your iPhone isn’t being throttled (as is the case with my old iPhone 6 Plus). But if the CPU frequency that the app shows you is half what it should be, then your iPhone is experiencing a throttling issue, and replacing the battery would restore performance.
There’s also a way to test how worn your iPhone’s battery is. Unfortunately, you need access to a Mac, and you need to use third-party software to do this. The third-party software you need is called coconut Battery, and you need a Mac because there’s no Windows/Linux version of the software available.
After you’ve downloaded and installed the software, you can take advantage of the 14-day free trial to test your iPhone’s battery. With your iPhone connected to the Mac running coconut Battery, you get access to metrics about your iPhone that can help you determine if it’s worth spending $29 on a new battery.
Here’s a report from my aging iPhone 6 Plus:
There are three metrics worth looking at:
According to Apple, the iPhone’s battery is designed to retain up to 80 percent of its original capacity at 500 complete charge cycles, so if the full charge capacity is less than 80 percent of the design capacity, or the recharge cycles exceed 500, then your battery is considered worn.
In my example, the full charge capacity is well above 80 percent of the design capacity, but I have three hundred additional recharge cycles, which means the battery is getting on a bit. However, the only benefit I’d get from a battery replacement right now is increased lifespan since the device isn’t being throttled.
Another way — albeit more cumbersome — is to install the latest iOS 11.3 public beta. First off, if you want access to the public beta, you need to sign up. You can do that here. Before you go any further, you might want to take a look at my list of precautions and caveats related to running beta software on your iPhone. While you can easily roll back from running the beta, it’s possible for the beta to cause havoc in the meantime.
After you’ve installed iOS 11.3 public beta, head over to Settings > Battery. There you will see a new option labeled Battery Health (Beta). Click on this to find out more about your battery.
Note that this feature applies only to the iPhone 6, iPhone 6 Plus, iPhone 6s, iPhone 6s Plus, iPhone SE, iPhone 7, and iPhone 7 Plus.
If your device is operating normally, this is what you’ll see:
If your battery is worn, you’ll see this:
If the battery is worn you will be offered the ability to disable performance throttling, as well as get information on how to get the battery replaced. Note that if the iPhone experiences an unexpected shutdown as a result of battery performance, power management will be turned back on.