Stories
Slash Boxes
Comments

SoylentNews is people

Washington Post: The FBI Paid "Gray Hat(s)", Not Cellebrite, for iPhone Unlock

posted by n1 on Wednesday April 13 2016, @07:27PM   Printer-friendly
from the all-the-hats dept.

takyon writes:

The Washington Post reports that the FBI did not require the services of Israeli firm Cellebrite to hack a San Bernardino terrorist's iPhone. Instead, it paid a one-time fee to a group of hackers and security researchers, at least one of whom the paper labels a "gray hat". It's also reported that the U.S. government has not decided whether or not to disclose to Apple the previously unknown vulnerability (or vulnerabilities) used to unlock the iPhone (specifically an iPhone 5C running iOS 9):

The FBI cracked a San Bernardino terrorist's phone with the help of professional hackers who discovered and brought to the bureau at least one previously unknown software flaw, according to people familiar with the matter. The new information was then used to create a piece of hardware that helped the FBI to crack the iPhone's four-digit personal identification number without triggering a security feature that would have erased all the data, the individuals said.

The researchers, who typically keep a low profile, specialize in hunting for vulnerabilities in software and then in some cases selling them to the U.S. government. They were paid a one-time flat fee for the solution.

[...] The bureau in this case did not need the services of the Israeli firm Cellebrite, as some earlier reports had suggested, people familiar with the matter said. The U.S. government now has to weigh whether to disclose the flaws to Apple, a decision that probably will be made by a White House-led group.

FBI Director James Comey told students at Catholic University's Columbus School of Law that "Apple is not a demon," and "I hope people don't perceive the FBI as a demon." What a saint.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Washington Post: The FBI Paid "Gray Hat(s)", Not Cellebrite, for iPhone Unlock | Log In/Create an Account | Top | 35 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2, Interesting) by Arik on Wednesday April 13 2016, @10:42PM

    by Arik (4543) on Wednesday April 13 2016, @10:42PM (#331329) Journal
    The FBI is certainly a major part of the problem here but you shouldn't let that obscure the rest of it.

    If we designed stuff for security this would be a very different situation. We don't, Apple actually does a better job than most, and they are HORRIBLE at it.

    And not just Apple but all their competitors as well *should* be expected to secure their devices at their own expense. Designing it in from the start is expensive, but patching an insecure design later much worse. They go with the latter simply because our legal system, combined with customer ignorance, allows them to externalize the costs of their crappy designs.
    --
    If laughter is the best medicine, who are the best doctors?
    Starting Score:    1  point
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Total Score:   2