FBI Can't Reveal Exploit Used to Unlock San Bernardino Shooter's iPhone

The unidentified group that assisted the FBI in unlocking the San Bernardino shooter's iPhone has sole legal ownership of the exploit, making it highly unlikely to be shared with Apple, U.S. administration sources have revealed.

According to a report published by Reuters yesterday, the White House routinely reviews technology security flaws as part of its Vulnerabilities Equities Process to decide which ones should be made public, but it does not reveal flaws discovered or owned by private organizations without their explicit cooperation.

applefbi
Initial rumors had suggested the FBI received assistance from Israeli mobile forensics firm Cellebrite to hack the phone, but more recent information suggests the group involved consisted of "professional hackers" who sell flaws to governments, black market groups, or companies that create surveillance tools.

The FBI itself likely does not know the details of the technique, only simply that it worked, according to government sources and Rob Knake, who managed the Vulnerabilities Equities Process before leaving the White House last year.

The news is being seen as a blow to Apple, which has sought information regarding the exploit used by the FBI to unlock suspected terrorist Syed Farook's iPhone in the hope of fixing it before it can be used by criminals. Previously FBI director James Comey had said the government was contemplating the pros and cons of looping Apple in on the situation.

In a separate report published by CBS News yesterday, a law enforcement source revealed that the data successfully extracted from Farook's iPhone has yet to reveal any information relevant to the FBI investigation. However, the source stressed that the bureau continues to analyze the extracted data in the hope that something of significance will yet be discovered.

After a very public legal battle in which the FBI obtained a court order demanding Apple help the government unlock the iPhone used by Farook, the Justice Department dropped the lawsuit after announcing it had found an alternate method to gain access to the phone's data.

Comey has since said the exploit only works on a "narrow slice of phones", which does not include models of the iPhone 5s and after.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.



Top Rated Comments

(View all)
Avatar
30 months ago
How can someone have legal ownership of an exploit?

That's like me saying I have legal ownership of 'smashing a window with a hammer to break it'.
Rating: 8 Votes
Avatar
30 months ago

The FBI itself likely does not know the details of the technique, only simply that it worked, according to government sources and Rob Knake, who managed the Vulnerabilities Equities Process before leaving the White House last year.

If it is true that they were briefing senators on the technique then they know how to do it. And as for not revealing the technique I can't imagine that a competent defense lawyer can't force them to reveal it to prove that incriminating data wasn't added to the phone in the process if it is ever used in a case that comes to trial. Also I would think if they try to force Apple to create a backdoor again Apple could get a judge to make them reveal the technique so their engineers can be sure that it doesn't work on whatever version of the phone they want a backdoor to.
Rating: 5 Votes
Avatar
30 months ago
Something seems so off about this whole thing. The way the trial got delayed and then cancelled, how the method is kept under wraps, and even more reports saying that the content on the phone has been deemed irrelevant as well, apparently. As far as we know they may have not even gotten into the phone and it's all just a bluff.
Rating: 4 Votes
Avatar
30 months ago
FBI won't say anything, purely because it would cast sunshine on the grey industry of shopping around exploits in common software (windows/Mac/iOS/Android/etc.) to private companies and law enforcement/regimes around the world.
Rating: 3 Votes
Avatar
30 months ago
This is just a smoke screen. They figured out the guys password. It was password.
Rating: 3 Votes
Avatar
30 months ago

So the FBI is essentially turning apples own defense tactic against them. Saying they "don't know" how to access the phone so their hands are tied. Well played FBI.


Or, a smart move, knowing they wouldn't get any help from the FBI, they have ammunition the next time they come calling saying, "You wouldn't help us, why should we help you?"
Rating: 2 Votes
Avatar
30 months ago
So the FBI is essentially turning apples own defense tactic against them. Saying they "don't know" how to access the phone so their hands are tied. Well played FBI.
Rating: 2 Votes
Avatar
30 months ago
How does one have "Legal Ownership" of an illegal hack ?
Rating: 1 Votes
Avatar
30 months ago

i remember hearing how the FBI would be compelled by federal law to provide the info based on requirements for evidence.. so that's not the case here?? i mean, apple's T&Cs probably won't cut it against our government's orwellian position as 'untouchable' regarding anything 'terrorism' related, but one would figure there's something in place which the FBI would have to push back against...

if they DON'T provide the methods used, how would the evidence hold up in court? just trusting a screen readout or printed version of the contents of the phone? who else gets to physically look in this phone, just the DA/Judge?


The defendants are dead. There is no court proceedings against them. The FBI is looking for possible links to co-conspiritors. If they find any they have two options: (1) Use the evidence found on the phone (if it is strong enough) and then it will be subject to court scrutiny or (2) Look for other evidence related to the identified co-conspiritors and use that evidence in court.
Rating: 1 Votes
Avatar
30 months ago
FBI are under no obligation to reveal how the phone was hacked. Also it's in their best interest not to either so the vulnerability remains for as long as possible.
Rating: 1 Votes
[ Read All Comments ]