To Appear Helpful, FBI Tips Apple an iOS Security Flaw That was Fixed 9 Months Ago
The FBI has decided not to share the details of the iPhone 5c hack with Apple, however, to appear helpful the Federal Bureau of Investigation gave the tech giant its first security tip-off on April 14th.
FBI-Apple drama continues…
In the latest battle over encryption, the agency pulled back from a legal fight after a private party helped it in unlocking the iPhone involved in the San Bernardino shootings. Apple and others were pushing FBI to share the details of the hack to help Apple patch the vulnerability. However, the FBI has decided not to do so. In order to appear cooperative with the tech industry, the agency has now shared its first ever security tip under the Vulnerability Equities Process. The process was put in place in 2014, and is meant to “balance law enforcement and U.S. intelligence desires to hack into devices with the need to warn manufacturers so that they can patch holes before criminals and other hackers take advantage of them.”
The disclosure of this security flaw reported by the FBI, however, is useless as it was patched nine months ago in iOS 9 and OS X. Apple has said this is the first time FBI has given information over to the company, something that is useless anyway. Since it was more of a show than a meaningful cooperation, Apple believes that this month’s security tip-off did nothing to change the company’s perspective about the White House process being less effective than it’s claimed to be. “The move may have been an effort to show that it [FBI] can and does use the White House process and disclose hacking methods when it can,” Reuters reported.
Reuters reported earlier this month that the FBI believed it did not have legal ownership of the necessary information and techniques for breaking into the iPhone so would not be able to bring it to the White House for review under the equities process.
The day after that report, the FBI offered information about the older vulnerabilities to Apple. The move may have been an effort to show that it can and does use the White House process and disclose hacking methods when it can.
The flaw the FBI disclosed to Apple this month did nothing to change the company’s perception that the White House process is less effective than has been claimed, said an Apple executive who declined to be named.
Though he declined to provide technical details, the executive said the problem had been fixed by the company nine months ago, with the release of iOS9 for phones and Mac OS C El Capitan.
The FBI paid an outside party over $1.3 million to break into the iPhone 5c. “Are we aware of a vulnerability or did we just buy a tool and don’t have sufficient knowledge of the vulnerability to implicate the (review) process,” director James Comey said at a cyber security conference this Tuesday.