The way the FBI tells it, the encryption on Apple’s iOS is so secure, nothing can break it. Well, not so fast. As reported by the Washington Post, researchers at Johns Hopkins University say they’ve found a bug that allows them to break the encryption of iMessages, decoding photos and videos.
The method requires the data to be in transit, not stored, so it wouldn’t actually help in the case of the San Bernardino shooter’s locked iPhone. By writing software to mimic an Apple server, researchers were able to intercept an encrypted transmission that contained a link to a photo on an iCloud server, as well as a 64-digit key that decrypts it. The key wasn’t visible, but the researchers were able to brute-force each digit. The team notified Apple, who says it paritally fixed the flaw in iOS 9, and will release the full fix on Monday in iOS 9.3.