In a strange pseudo-ending to an already strange case, the FBI paid professional hackers to break into the iPhone of the San Bernardino terrorist a little while ago. The hackers were able to exploit a
software flaw, which was used to create a piece of hardware that allowed them to bypass the security feature that would have wiped all the data from the phone before they could access it.
The FBI has since retracted the suits it filed against Apple. Now, though, the company the FBI paid has the legal right to the method used to break into phones. One of two things usually happens
with these kinds of events: the NSA keeps the information about the flaw to themselves so they can exploit it, or a few government agencies get together and decide whether the information should be
made public.
There is apparently a big market for security flaws in various technical systems, with defense contractors selling the flaws for millions of dollars.
The FBI is still
considering whether or not they’ll share this information with Apple, but it would need permission from the company that hacked it in order to even consider sharing it.
So what did we
learn from all this?
We learned that the government will continue to pressure businesses into compliance in the name of security. We learned that businesses probably have legal footing to push
back. We learned that information on personal devices is about as secure as a lock on a door (which is not very secure at all when someone who knows what they're doing wants in). And we learned that
the bully pulpit is a powerful tool for businesses who find themselves in compromising positions.