Unlocking iPhone’s security system without the help of Apple has been a big win for the FBI, but the agency is least interested in sharing with Apple how it managed to do so. This raised concerns with the tech giant of a possibility that could put millions of iPhone users in danger.
“One way or another, Apple needs to figure out the details,” the Los Angeles Times quoted Justin Olsson, product counsel at security software maker AVG Technologies, as saying. “The responsible thing for the government to do is privately disclose the vulnerability to Apple so they can continue hardening security on their devices.”
However, the developments underlined a process which is kept away from the public knowledge. The government purchases hacking techniques and software for the purpose of law enforcement and counterterrorism efforts, without the affected company knowing about it.
In this case, everything happened before the world as the government and Apple Inc. made the matter a legal issue. Following the San Bernardino attack in December that killed 14 people, investigators discovered the iPhone of Syed Rizwan Farook, one of the shooters.
The US Justice Department immediately sought a court order to compel Apple Inc. to help the FBI unlock the phone. It was feared that repeated entry of the wrong password can delete data from the device.
But Apple refused to help the government, citing security reasons which may affect millions of other iPhone users. But FBI on Monday announced it no longer requires Apple’s assistance in unlocking Farook’s iPhone, as it has managed to hack it with help from a “third party.” Following the announcement the US Justice Department also dropped the case against the company.
The New York Post reported that, according to a senior law enforcement official, the FBI managed to crack an Apple security software that deletes data if a user fails to provide the right password after 10 tries. This allowed the FBI to repeatedly enter different guesses for the passcode until one clicks.
However, it still not clear how the agency managed to deal with a related security feature that introduces increasing time delays between guesses.