The FBI and Apple don’t have the most harmonious working relationship. The heavily debated, extremely public, month-long court battle to unlock the San Bernardino shooter’s iPhone 5c ended in the government hiring a mystery hacker to break into the phone (although the FBI won’t say how), and there are still a lot more questions that need to be answered.
But according to a Reuters report, the FBI actually is collaborating with Apple on product vulnerability. The only issue is that the specific vulnerability has already been fixed. An unnamed source from Apple told Reuters that “80 percent of iPhones are on a safe version of the operating system,” and the company doesn’t plan on releasing a patch to fix the security hole the FBI found.
The news here for that remaining 20 percent of iPhone users? Update or expect the information on your phone is hidden behind a figurative window. Because if the FBI can figure it out, you can assume that the rest of the hacking community will have no problem.
Who is vulnerable?
Reuters’ unnamed source decided against giving up any technical details on the vulnerability, but did say that the problem was fixed nine months ago. The FBI’s technological lag time is proven once again.
The vulnerability was fixed with the release of iOS 9 and Mac OS X El Capitan. Every updated device from there on is safe — about 80 percent of iPhones out in the world; if you’re still using an iPhone 4 (or older) or an original iPad, however, you can’t update to iOS 9 and will remain in the vulnerable 20 percent. Apple didn’t specify how many computers were still vulnerable in addition to the 20 percent of iPhone users who haven’t updated.
El Capitan operating system was released on September 31, and iOS 9 was released on September 9.
This isn’t the vulnerability the FBI used to break into the San Bernardino phone — FBI Director James Comey says those details can’t be released because the hacking method is owned by the private company that figured it out, according to The Wall Street Journal.
Apple and the FBI’s future relationship
This (already fixed) vulnerability is the first thing the FBI has reported under the Vulnerabilities Equities Program (VEP). The program encourages U.S. law enforcement to report hacking vulnerabilities it finds, and is meant to foster some good will between big tech and big brother.
Apparently Apple is not buying it. The unnamed Apple source told Reuters the flaw the FBI disclosed to Apple this month “did nothing to change the company’s perception that the White House process is less effective than has been claimed.”
If you want the safety of your devices to be better than Apple and FBI’s relationship, you should update to the latest version (if you can) and make sure you’re not in that 20 percent of vulnerable devices.