The FBI confirmed on Monday what many people suspected: The San Bernardino iPhone can be unlocked without Apple’s help.
Using the services of a security company familiar with the inner workings of iOS 9 and the iPhone, the FBI cracked Apple’s security features. The agency bypassed the San Bernardino iPhone’s encryption and was able to retrieve the data stored on the iPhone using a mysterious technique that rendered phone’s the PIN protection useless.
As much as it would obviously like to, Apple can’t force the FBI to disclose the security hole, which means others could use a similar hack to break into iPhones in the future until Apple discovers the vulnerability and patches it.
The PIN or password you set for the iPhone’s lock screen is a crucial security measure that also encrypts the device. If the FBI or other agencies can hack the password, then everything on the device is exposed. That’s the kind of serious security issue that Apple would surely want to fix.
But as Ars Technica explains, the FBI is not obligated to disclose the hack, especially if it can be used to unlock other devices that are part of similar ongoing investigations.
“We cannot comment on the possibility of future disclosures to Apple,” a law enforcement official told Ars. The site reminds us that White House cybersecurity coordinator Michael Daniel announced in 2014 that authorities would disclose such vulnerabilities, but not in full. “[There] are legitimate pros and cons to the decision to disclose, and the trade-offs between prompt disclosure and withholding knowledge of some vulnerabilities for a limited time can have significant consequences,” he said while explaining the Vulnerabilities Equities Process.
The FBI’s San Bernardino shooting case might be one of those instances where the government does not want to disclose the vulnerabilities used right away.
Talking to various legal experts, Ars points out that there’s no legal requirement for the FBI to disclose its findings. The Bureau might have to explain the hacks used on iPhones in instances where unlocking the iPhone yields evidence that can be presented in court. But as long as that doesn’t happen, FBI can keep them secret.