Apple to publicize fix to FBI decryption method that is likely to leak
An Arkansas prosecutor’s office was the first local law enforcement agency to request the FBI’s help to decrypt a case-critical iPhone. It’s expected to be the first of many — we know of quite a few requests for Apple to decrypt iPhones that may be retracted and sent instead to the FBI.
“As has been our longstanding policy, the FBI will of course consider any tool that might be helpful to our partners,” the FBI said in a letter to local authorities. “Please know that we will continue to do everything we can to help you consistent with our legal and policy constraints.”
That help may prove to be short-lived if Apple’s engineers are on the money: they and others highly expect that the FBI’s decryption method will be leaked soon. As soon as the security flaw is patched, Apple is expected to publicly announce the patch.
Furthermore, even though the original San Bernardino case is over, an order for Apple to decrypt an iPhone in Brooklyn is still being contested and involves a device with a different version of iOS. The government could be compelled to disclose the method if the case continues on and if Apple’s attorney decides to call and cross-examine FBI engineers.
The “outside source” that provided the FBI with the decryption method may sell it out to other agencies potentially in other countries.
An Apple engineer speaking to Reuters on anonymity said that “flaws of this nature have a pretty short life cycle. Most of these things do come to light.” The company will likely publicize the fix to assuage customers’ privacy concerns, but also extend digital privacy’s viability as a public issue.