Apple believes it can patch the iOS security exploit used by the FBI

iphone 5se hands on 02
Credit: Jason Snell

After a multi-week battle that saw Apple and the FBI duke it out both in court and in the court of public opinion, the FBI finally managed to access a locked iPhone used by one of the San Bernardino shooters. Ultimately, the FBI reportedly relied upon an exploit from an Israeli software forensics company called Cellebrite to bypass the iPhone's built-in security mechanisms.

While one might reasonably assume that this spells the end for what proved to be a contentious issue, that couldn't be farther from the truth. For starters, the DOJ has indicated that it won't think twice about seeking help from device manufacturers in future cases.

A DOJ statement on the matter reads:

It remains a priority for the government to ensure that law enforcement can obtain crucial digital information to protect national security and public safety, either with cooperation from relevant parties, or through the court system when cooperation fails. We will continue to pursue all available options for this mission, including seeking the cooperation of manufacturers and relying upon the creativity of both the public and private sectors.

As for the security exploit in question, the FBI has already begun sharing it with various law enforcement agencies around the country. What's more, the FBI went so far as to inform law enforcement agencies that they shouldn't hesitate to come forward if they have an iOS device that needs to be accessed.

"As has been our longstanding policy, the FBI will of course consider any tool that might be helpful to our partners," the FBI said in a statement. "Please know that we will continue to do everything we can to help you consistent with our legal and policy constraints."

Of course, it's not as if Apple is just going to sit idly by and watch an iOS security exploit proliferate freely through law enforcement agencies, thereby increasing the chances it eventually falls into the wrong hands.

On the contrary, sources close to Apple have indicated that the exploit being employed by the FBI will eventually leak and that Apple can and will patch up the security hole.

To this end, Reuters reports:

The FBI's method for breaking into a locked iPhone 5c is unlikely to stay secret for long, according to senior Apple Inc engineers and outside experts.

Once it is exposed, Apple should be able to plug the encryption hole, comforting iPhone users worried that losing physical possession of their devices will leave them vulnerable to hackers.

When Apple does fix the flaw, it is expected to announce it to customers and thereby extend the rare public battle over security holes, a debate that typically rages out of public view.

One important point to consider is that the iPhone at issue in the San Bernardino case was an iPhone 5c, which is to say that it predates Touch ID and therefore does not come equipped with the Secure Enclave that was released alongside the iPhone 5s. In other words, it's entirely possible that the exploit the FBi is currently taking advantage of may not work on more recently manufactured iPhones.

To comment on this article and other Network World content, visit our Facebook page or our Twitter stream.
Related:
Must read: Hidden Cause of Slow Internet and how to fix it
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.