Aug 142019
 

Although the Alameda County Sheriff already had a Cellebrite cell phone extraction device it purchased in 2018 for more than $200,000, the Sheriff was recently awarded $30,000 to acquire GrayKey, which has similar functionality.

GrayKey box, from MalwareBytes

The Paul Coverdell Forensic Science Improvement Program grant is funded by the National Institute of Justice, the research, development and evaluation agency of the U.S. Department of Justice. The grant requires that the money be spent by December 31, 2019.

Acceptance of the grant was approved by the Alameda County Board of Supervisors on July 9, 2019.

The grant lists $30,000 for the “GrayKey Forensic Encryption Bypass Tool.” GrayKey is a tool for obtaining access to iPhones that are locked with a passcode or password. GrayKey is a product of GrayShift, a company cofounded by a former Apple engineer.

A May 14, 2019, quote from GrayShift lists the price of the Gray Key device as $500 plus $36,000 for an annual offline license for unlocking an unlimited number of phones. A first-year discount of $500 and a $75 domestic shipping and handling charge brought the total to $36,075.

Since the Cellebrite Universal Forensic Extraction Device (UFED) can access locked iPhones running up to iOS 12.3, it’s not clear why the Alameda County Sheriff felt the need to buy an additional tool to access locked phones. One advantage of the GrayKey is that it’s substantially cheaper than the Cellebrite device.

According to logs provided by the Alameda County Sheriff, its Cellebrite UFED has been used 30 times to attempt to gain access to locked cell phones. Information about whether the attempts were successful was redacted from the logs. The logs also show that Alameda County used its Cellebrite to attempt to unlock phones for the Piedmont Police Department, the Albany Policy Department, the Pleasanton Police Department and the UC Berkeley Police Department.

The Alameda County Sheriff received a grant in 2016 for $219,000 under the California State Homeland Security Grant Program to update its existing Cellebrite device. In its sole source documentation, the Sheriff stated, ” The upgrade is essential to allow the Crime Lab to unlock cell phones for investigative and evidentiary purposes and to extract information used in planning and/or execution of criminal and/or terrorist activities.” The sole source request was approved by the California Office of Emergency Services in a letter dated August 24, 2018.

Cellebrite devices are commonly used by law enforcement agencies to extract data from cell phones and are known to be used by the Alameda County District Attorney, California Department of Justice, Oakland Police Department, and San Leandro Police Department.