14 DAY TRIAL // The FBI did manage to unlock the San Bernardino iPhone with help from a group of hackers, but it appears that the bureau doesn’t actually know how they managed to break into the device and access the information stored on it.
Apple requested the FBI to share information on the hack in order to help the company patch the flaw exploited by the hackers, but according to a new report by Reuters, the agency actually has no idea about the unlocking method that was developed by the hackers it hired to do the job.
Citing Obama administration sources, Reuters reveals that so-called Vulnerabilities Equities Process might not be triggered in this case because the FBI has nothing to share. VEP is an internal process that reviews every single found technology flaw to try to determine whether it should be shared with companies whose products might be impacted or keep it secret for the US government in order to be used at a later date.
But since the FBI can’t specifically tell how the iPhone was hacked, there’s no need for such a review, sources explained, which in turn raises more concerns.
Apple expected the flaw to leak
According to recent reports, the FBI actually paid a group of hackers to break into the iPhone, and not Israeli firm Cellebrite. These hackers used an undisclosed vulnerability in iOS along with specially built hardware to unlock the phone.
Apple previously said that, despite the fact that FBI didn’t want to disclose the way it hacked the phone, the method was expected to leak and allow the company to develop a patch, especially because the bureau wanted to use it on other phones too.
But since the FBI has no idea how the hackers broke into the device, such information might never leak, as the group behind the unlock method clearly wants to keep everything secret for its own advantage.
This means that Apple not only can’t develop a patch, but its users also remain vulnerable to such exploits, although it’s very unlikely for the hack to ever become public and target a bigger number of devices.