The FBI paid hackers to unlock the so-called iPhone of the San Bernardino terrorists. The task was achieved using a hardware tool able to jump over the four-digit personal password, without erasing the data of the phone. The bureau is now deciding if it should notify Apple about the software flaw.
According to sources who talked to the Washington Post, hackers received a one-time payment by the Federal Bureau of Investigation. In the world of technology, there are researchers who dedicate to discover bugs and vulnerabilities in software, to sell them to companies or to the U.S. government.
The FBI had previously stated that unlocking a four-digit code, could take them about 26 minutes. However, the iPhone has a feature that deletes all data contained in the phone after 10 failed tries, which complicates the cracking process.
Some reports had said that the Israeli company Cellebrite was involved in the hacking, a theory that has been denied by the Washington Post. It appears that people who collaborated with the U.S. government are called “white hats”, who received an economic benefit from discovering the unlocking method.
The U.S. government has to choose whether to tell Apple about this newly found vulnerability or not.
White hats do not negotiate with companies in charge of software since their work is based on making collaborations with governments. According to James B. Comey, FBI Director, the solution found between hackers and the bureau works only on iPhone 5s with iOS 9.
On the other hand, Apple announced last week that it is not interested in suing the government, for an explanation of the hacking process that allowed them to get access to the iPhone. Nonetheless, security experts have suggested that the government should collaborate with Apple to patch the vulnerability.
Comey said last week at the Ohio’s Kenyon College that if the government reveals data to Apple, the company is going to fix it and then they will be “back where they started from”. However, he said Monday in Miami that they are considering “whether to make that disclosure or not”, as reported by the Washington Post.
The White House said that federal officials can determine if they need to disclose any security leak. In 2014, White House Security coordinator Michael Daniel said that when the government finds out a new vulnerability, there is “a very strong bias towards disclosure”.
“That’s for a good reason. If you had to pick the economy and the government that is most dependent on a digital infrastructure, that would be the United States.” he added, according to the Washington Post.
Source: The Washington Post