0
1

[–] pessimisticsteel 0 points 1 point (+1|-0) ago 

ELI5

0
7

[–] jxfaith 0 points 7 points (+7|-0) ago  (edited ago)

Article sums it up fairly well: an independent security researching team was approached by the FBI and offered a sum of money to disclose an iPhone software exploit that enabled them to create a hardware bypass to the PIN attempt tracker.

As to the term "Gray-hat", the article also elaborates. Gray as in the literal middle between black and white. White hat hackers publicly disclose their findings in hopes of improving security. Black hat hackers do not disclose their findings in hopes of profiting from them exclusively. Grey hat hackers tend to disclose their findings, but typically only to governments or corporations and usually if the price is right.

2
5

[–] Bobsentme 2 points 5 points (+7|-2) ago 

While those are technically true, you're not really explaining black, white, and grey very well.

White Hats are the security researchers. They are legitimately researching software for exploits that COULD be used. If they find one, they report it, get professional credit and bragging rights, and move on. They tend to be non-intrusive, non-destructive, and work with companies or vendors to help patch holes before the bad guys find them.

Black Hats are the "Hackers" who will practically use ANY MEANS NECESSARY (even destructive ones) to obtain access to what they want. They don't ask permission, they can and will destroy systems, all for their amusement or benefit. This includes selling exploits to other hackers before White Hats find out about them. If they manage to create exploits, they get street cred, not professional cred.

Grey Hats are the Pentesters, as they will only attack targets they've been given explicit permission to attack, but they'll also use the same methods your average hacker would use. Grey hats get both Professional credit and street cred if they find something new and document / work with the people it could affect.

It used to be white vs black, but now that both sides are dipping into research AND actual exploits, everyone's hat is getting cleaner or dirtier, and thus we're all becoming grey.

0
0

[–] pessimisticsteel ago 

Thank you, great answer.

0
2

[–] ItzDaWorm 0 points 2 points (+2|-0) ago 

There are people who are as familiar with the iPhone hardware and software as Apple engineers. These are the guys and gals who bring you jailbreaks, unsigned apps, etc.

This article is proposing that the FBI hired them to crack the security.

[–] [deleted] 0 points 9 points (+9|-0) ago 

[Deleted]

0
2

[–] gosso920 0 points 2 points (+2|-0) ago 

You had one job, Gandalf!

0
0

[–] heili ago 

I wonder if it is one of those that takes advantage of the iPhone 5c not keeping the password attempt counter on the secure enclave so you could trick it if you have a way to kill the power fast enough to not register the failed password attempt?