[NewsPoster]

Despite evidence to the contrary, reports are circulating that it was not Cellebrite technology at the core of the San Bernardino iPhone 5c unlock. If rumors are to be believed, a cadre of "professional hackers" including ones that sell flaws to governments penetrated the phone using a zero day exploit in conjunction with a custom piece of hardware designed for the device, and other iPhone 5cs running iOS 9.

According to the Washington Post, the device had a four-digit passcode on it, and the FBI estimated that it would take 26 minutes to break through. Also according to the Post, some "Grey Hat" hackers were involved in the attempt, who "do not disclose the flaws to the companies responsible for the software, as the exploits' value depends on the software remaining vulnerable."

The Post cites sources who wish to remain anonymous. However, according to the Yedioth Ahronoth newspaper, Israel's mobile forensics specialists Cellebrite were utilized for the hack. Additionally, Celebrite signed a $25,000 contract with the FBI above and beyond its normal contract, on the same day that the FBI reported to the court that third parties had contacted the law enforcement agency with a potential intrusion method.

The FBI is discussing internally if it will disclose the flaw used to break into the phone to Apple. However, a Presidential executive order signed earlier this year may force it to do so, and use of information gained by the method in court would force the method's exposure in discovery.

[prl99]

It's really comforting when nobody can trust what the government or media says. Everything is based on anonymous sources making guesses or plain lies. Taxpayers have a right to know what our government is doing and who our government is paying with our taxes to do everything it does. That's called transparency in government, something I doubt we'll ever see. Maybe a FOI demand will show who's being paid to hack into our computers. Either way, paying a foreign company or a group of self-serving hackers sets a bad precedence for the FBI and is something I'd rather not see my taxes go to.

[Mike Wuerthele]

For what it's worth, I think the Post's report is intentional misdirection by the FBI.

[prl99]

@Mike, You might be giving the FBI too much credit to come up with that kind of misdirection. ;-)

Did you see that the California decryption bill was defeated? At least someone in that state's government has some sense. We'll see if the state legislators can talk some sense into Dianne Feinstein.

[Mike Wuerthele]

Yeah, I'm not sure that any of the bills are going to make it past discussion. They're written by knuckleheads who have no tech knowledge, and wave magic wands over problems.

[Inkling]

Welcome to the wonderful world of espionage. Wheels within wheels. Misdirection. Double and triple agents. Shielding the truth with a bodyguard of lies. The reality is that we'll never know what the FBI and CIA can do, or Apple for that matter. It's to their advantage to spread—to terrorists and the like—that they can do less than they actually can. And it's to the advantage of Apple & Kin, to give the contrary impression, meaning that their devices are more secure than they are. Even this much publicized squabble between the FBI and Apple could be misdirection. Indeed, the very fact that its so public might be taken as evidence that, off-stage, the two are the best of friends. They are, after all, both obsessed with secrecy. We'll never know. I'd go nuts working in such places. I did work in anti-SAM missile ECM many years ago, but that was a much simplier world. Simply don't talk about what I saw. There was no need to lie. This is quite different from that.