The FBI reportedly extracted data from a locked iPhone 11 Pro last year

iPhone 11 Pro
iPhone 11 Pro (Image credit: Joseph Keller / iMore)

What you need to know

  • The FBI reportedly extracted data from an iPhone 11 Pro Max in 2019.
  • A Forbes report states that FBI investigators in Ohio used a GrayKey to extract data from the device.
  • The lawyer of the accused in question confirmed the device was locked, as did the search warrant obtained by Forbes.

A Forbes report claims that the FBI was able to extract data from an iPhone 11 Pro Max using a hacking tool called GrayKey.

According to the report:

Last year, FBI investigators in Ohio used a hacking device called a GrayKey to draw data from the latest Apple model, the iPhone 11 Pro Max. The phone belonged to Baris Ali Koch, who was accused of helping his convicted brother flee the country by providing him with his own ID documents and lying to the police. He has now entered a plea agreement and is awaiting sentencing.

Forbes has reportedly confirmed with Koch's lawyer, that the device in question was locked, and that he was "unaware of any way the investigators could've acquired the passcode."

Koch had not given it to them nor did they force the defendant to use his face to unlock the phone via Face ID, as far as the lawyer was aware. The search warrant document obtained by Forbes, dated October 16, 2019, also showed the phone in a locked state, giving the strongest indication yet that the FBI has access to a device that can acquire data from the latest iPhone.

GrayKey is a tool created by Grayshift that can reportedly be used to break iPhone encryption and passwords. It's a small gray box that can be connected to two iPhones at a time, it can be used to brute force passwords, but it can also download an iPhone's entire file system to be viewed through a web-based interface.

It was reported in 2018 that Apple had patched the Gray Key exploit, such that it could only be used for "partial extraction", drawing out unencrypted files and some metadata. It is unclear from the report whether GrayKey and maker Grayshift has reworked its capabilities, or whether they were only able to complete a "partial extraction."

If the FBI was indeed able to extract data or unlock an iPhone 11 Pro Max using the tool, it casts serious doubt over calls from the Bureau and the US government to create a backdoor to encryption. It may well be that both are trying to drum up political support in order to push through legislation that could undermine mobile security permanently, a deeply troubling prospect.

Stephen Warwick
News Editor

Stephen Warwick has written about Apple for five years at iMore and previously elsewhere. He covers all of iMore's latest breaking news regarding all of Apple's products and services, both hardware and software. Stephen has interviewed industry experts in a range of fields including finance, litigation, security, and more. He also specializes in curating and reviewing audio hardware and has experience beyond journalism in sound engineering, production, and design.

Before becoming a writer Stephen studied Ancient History at University and also worked at Apple for more than two years. Stephen is also a host on the iMore show, a weekly podcast recorded live that discusses the latest in breaking Apple news, as well as featuring fun trivia about all things Apple. Follow him on Twitter @stephenwarwick9