The ongoing battle between Apple and the FBI over bypassing an iPhone’s security during a criminal investigation took an interesting turn last week, when the government abruptly dropped its court appointment, saying it had found another method to get inside the iPhone 5c at the middle of San Bernardino terrorism case. Unfortunately for the FBI, this new trick for bypassing Apple’s encryption is unlikely to remain a secret for long.
Several security experts, along with senior Apple engineers, have spoken to Reuters, explaining that one way or another, the method used for breaking into the device will leak beyond government agencies. This will be good news for consumers concerned with privacy, as the information will make its way to Apple, and then they’ll be able to close the hole in their encryption.
“The FBI would need to resign itself to the fact that such an exploit would only be viable for a few months, if released to other departments,” said independent forensics expert Jonathan Zdziarski. “It would be a temporary Vegas jackpot that would quickly get squandered on the case backlog.”
The exploit could become widely known in a number of ways, such as the FBI sharing the information with other law enforcement agencies, or the source of the security bypass, which the FBI has not revealed, could choose to sell or give the method to other parties, or even other countries.
In the event the FBI tries to keep the exploit a secret from everyone else, future criminal cases where the method is used will make their way to court, giving defense lawyers the opportunity to question and investigate how an iPhone was breached.
“Flaws of this nature have a pretty short life cycle,” said an Apple engineer speaking on the condition of anonymity. “Most of these things do come to light.” Unfortunately, once Apple address the flaw, either in an iOS update or with future iPhone models, the FBI is likely to return to demanding their cooperation, and then we’ll be right back where we were a week ago.