After the Washington Post discovered that it wasn’t Cellebrite but a group of “grey hat” hackers who helped the FBI crack the San Bernardino shooter’s iPhone 5c, other issues surfaced: It looks as though Apple will not be informed about the zero-day vulnerability discovered by these hackers and used to bypass iOS security.
According to Reuters, the company helping the FBI crack the iPhone has sole ownership of the flaw, so it is unlikely that the government will disclose it to Apple, because the Vulnerabilities Equities Process cannot handle or reveal flaws that are discovered and owned by private companies, sources say.
The technology used to get into the phone was supplied by a non-US company, which sources declined to identify. The FBI probably has no details of the technique – it can just determine that it worked, government sources say.
You may recall that the government wanted to force Apple to crack the iPhone 5c used by one of the San Bernardino shooters, Syed Farook. Apple challenged the ruling, which ignited a legal and media battle between the two.
However, just a day ahead of the crucial hearing, the FBI made a surprise announcement: It had possibly managed to break the iPhone security, and may not need Apple’s assistance. After the confirmation of this info, questions regarding the Vulnerabilities Equities Process surfaced: Will the FBI disclose the flaw? Well, it looks as though it won’t.