New report claims gray hat hackers, not Cellebrite, helped crack San Bernardino iPhone
Apple might never get to find out exactly how law enforcement managed to elude its “impenetrable” iOS encryption on an iPhone 5c owned by a San Bernardino shooter at the time of the heinous 2015 attack, but another important piece of the unlocking puzzle may have just been uncovered.
Forget everything you thought you knew about the nature and authors of the cyber-intrusion, as “people familiar with the matter” tell The Washington Post it was actually “professional hackers who discovered and brought to the bureau at least one previously unknown software flaw.”
No Israeli manufacturer of data extraction, transfer and analysis devices was therefore involved, and no other security-focused enterprise of sorts. Just a nameless, faceless group of good old fashioned, “shadowy” hackers, who were paid a “one-time flat fee” for their help.
Once they came upon the mysterious system vulnerability, designing a piece of hardware allowing the FBI to try unlimited combinations of numbers before getting the four-digit PIN right was probably a piece of cake. Previously, all the information stored on the phone would be erased if the passcode was entered incorrectly ten times.
Of course, it must be frightening for Cupertino that e-mercenaries easily found a way into a locked iPhone provided the suitable incentive, i.e. a nice chunk of change. At the same time, the FBI should have its own concerns regarding the apparent lack of a “code” for these so-called “gray hat” hackers, which don’t serve good or evil. They merely go where the money is. And next time, that could be ISIS or North Korea.
Finally, Apple will rest assured knowing at least this particular hack only works on iPhone 5c units running iOS 9. But what about the next one?
Source: The Washington Post