Third Party Hacks San Bernardino Terrorist iPhone, Ending Standoff Between Apple and FBI
The U.S. Justice Department announced yesterday that the third party who came forward and convinced the FBI that it could unlock the San Bernardino terrorist’s encrypted iPhone successfully unlocked the encrypted iPhone, ending the standoff between Apple and the FBI. The government informed the court in its filing yesterday that it had successfully retrieved the data stored on the encrypted iPhone and no longer required assistance from Apple.
According to Silicon Beat‘s reporting, at least one founder of an advocacy group, Tiffiniy Cheng, co-founder of Fight for the Future, is predicting that this standoff “will go down in history as one of the FBI’s biggest public relations failures.” This general perception that the government has been the big loser in this matter has been the prevailing view among many commentators.
The Wall Street Journal, however, suggested in its reporting that a contrarian view has developed that “Apple’s credibility could be questioned” since clearly the iPhones do have security flaws that can in fact be exploited. Also, The Wall Street Journal reported that this contrarian view suggests that the episode may “complicate the government’s position the next time” it seeks court-mandated help from a software company over an encryption issue.
The government has been silent on the source of the encryption unlocking assistance it has received; however, Tech Crunch and International Business Times reported that the mysterious third party was the Israeli company Cellebrite, which the government has a long history of working with.
Regardless of the identity of the third party providing the assistance, as The New York Times has reported, the very fact that a security flaw was uncovered that Apple was unaware of may serve as a wake-up call to Apple that it may want to rethink its policy on refusing to pay hackers that identify security flaws in its software. According to The New York Times, it is a standard practice in the industry to pay hackers who identify security flaws that could be exploited for malicious purposes–a practice that Apple has refused to adopt–which has caused a huge underground market to develop for the sale of information on Apple security flaws.
In the meantime, while this particular chapter in the encryption battle has been closed, the Department of Justice’s appeal in the New York case over the unlocking of an iPhone continues on. There is no word yet if the solution uncovered in the San Bernardino iPhone matter will also work with the iPhone in the New York case, although Reuters is reporting that Apple has already raised that question in New York court filings. Also, as the Silicon Valley Software Law Blog reported previously, a potential encryption fight over WhatsApp also remains on the Department of Justice ‘s plate that has yet to be resolved. Thus, it seems likely the debate over the encryption issue will be renewed in the foreseeable future over another software encryption matter.
While legal observers may be disappointed to see that fight postponed for another day, I would argue that Americans should be relieved that the right result was finally achieved in this case.