Apple-FBI

On February 16, 2016, a U.S. federal judge ordered Apple to help the FBI hack into the iPhone owned by Syed Farook, one of the shooters in the December 2015 attacks in San Bernardino.

The FBI asked Apple to create a version of iOS that would both disable passcode security features and allow passcodes to be entered electronically, allowing it to then brute force the passcode on the device.

Apple announced that it would oppose the order in an open letter penned by Tim Cook, who said the FBI's request would set a "dangerous precedent" with serious implications for the future of smartphone encryption. Apple said the software the FBI asked for could serve as a "master key" able to be used to get information from any iPhone or iPad - including its most recent devices - while the FBI claimed it only wanted access to a single iPhone.

Apple's dispute with the FBI ended on March 28, 2016 after the government found an alternate way to access the data on the iPhone through the help of Israeli firm Cellebrite and withdrew the lawsuit.

'Apple-FBI' Articles

'GrayKey' iPhone Unlocking Box Seeing Wide Adoption Among Law Enforcement

GrayShift's recently publicized "GrayKey" box designed to crack locked iPhones is seeing wide adoption among police forces and federal agencies across the United States according to a recent investigation by Motherboard. Motherboard found that regional police forces like the Maryland State Police, the Indiana State Police, and the Miami-Dade County Police have purchased or are soon purchasing GrayKey technology, while other forces like the Indianapolis Metropolitan Police Department have looked into boxes and received quotes from GrayShift. GrayKey box, via MalwareBytes The Secret Service is also planning to purchase "at least half a dozen" GrayKey boxes for unlocking iPhones, while the State Department has already bought them and the Drug Enforcement Administration has expressed interest. Current FBI Director Christopher Wray said in January at the International Conference on Cyber Security that law enforcement officials are facing a "Going Dark" challenge where an "enormous" number of cases rely on an electronic device. "We're increasingly unable to access that evidence, despite lawful authority to do so," said Wray. Motherboard's investigation into GrayShift, the GrayKey iPhone unlocking boxes, and other smartphone unlocking methods suggest that is not the case. The FBI uses the going dark debate to advocate for easier access to electronic devices through backdoors, but the seemingly readily available tools like GrayKey undermine these arguments."It demonstrates that even state and local police do have access to this data in many situations," Matthew Green,

FBI Didn't Investigate All Unlocking Options Before Seeking Order for Apple's Help in San Bernardino Case

Back in early 2016, the United States Federal Bureau of Investigation failed to pursue all possible solutions to unlock the iPhone 5c owned by San Bernardino shooter Syed Farook before demanding Apple's help accessing the device, reports Reuters. The information was shared today in a report issued by the Department of Justice's Office of the Inspector General. According to the report, the FBI's in-house unit that handles breaking into mobile devices did not begin looking for outside help to unlock Farook's iPhone until the night before the FBI demanded Apple's help through a court filing. The FBI was aware that one of the vendors contacted at that point in time had "almost 90 percent completed" a technical solution that would allow the FBI access to the phone. The FBI, though, in its court filing with Apple at the time, said there were no other options for accessing the device. A judge ended up ordering Apple to help federal investigators access the data on Farook's iPhone by creating a tool that would bypass the auto-erase function and allow investigators to submit an unlimited number of passwords to attempt to unlock the iPhone. Apple, of course, opposed the order and refused to build such a tool, leading to a long and drawn out legal battle with the FBI that only ended when the FBI admitted it had indeed found another way to access the device. Communication failures at the FBI were to blame, causing some officials to "misunderstand the status" of the FBI's efforts to open the device. That led to delays seeking help from the FBI and the vendor that

Craig Federighi on Renewed Government Push for Backdoor Device Access: 'Weakening Security Makes No Sense'

Law enforcement officials are revisiting proposals that would require tech companies to build backdoor access into electronic devices to allow for better access to data in criminal investigations, reports The New York Times. This is an issue that was heavily debated following the 2016 legal dispute between Apple and the FBI over the iPhone 5c that belonged to San Bernardino shooter Syed Farook. The government wanted Apple to create software that would allow them to access data on the device, which Apple refused to do. In response to rumors over renewed efforts to build such a tool, Apple software engineering chief Craig Federighi told The New York Times that weakening security protections in iOS devices would be a grave mistake, maintaining Apple's stance on the issue."Proposals that involve giving the keys to customers' device data to anyone but the customer inject new and dangerous weaknesses into product security," he said in a statement. "Weakening security makes no sense when you consider that customers rely on our products to keep their personal information safe, run their businesses or even manage vital infrastructure like power grids and transportation systems."Apple has continually argued for the need for improvements to device security to stay ahead of hackers and other bad actors who exploit security vulnerabilities in iOS devices. During the dispute over the San Bernardino device, Apple refused to build a backdoor tool into its devices and argued that if such a tool existed, it could easily end up in non-government hands. Federighi has previously

FBI Forensic Examiner Stephen Flatley Calls Apple 'Jerks' and 'Evil Geniuses' for Encrypting iPhones

Senior FBI forensic examiner Stephen R. Flatley spoke at the International Conference on Cyber Security yesterday, and during the talk he discussed Apple and the FBI's differing opinions on the topic of smartphone encryption. According to Motherboard, Flatley described the company as "jerks" and "evil geniuses" for creating iOS device encryption that is so powerful as to prevent Apple itself from entering users' iPhones. Flatley said that recent updates to Apple device encryption have made password guesses slower, by increasing hash iterations from 10 thousand to 10 million, "making his and his colleagues' investigative work harder." This extended brute force crack time from a few days to two months, leading to Flatley stating that Apple is "pretty good at evil genius stuff." No detailed context was given regarding his "jerks" comment. Image of Stephen Flatley taken by Lorenzo Franceschi-Bicchierai via Motherboard That means, he explained, that “password attempts speed went from 45 passwords a second to one every 18 seconds,” referring to the difficulty of cracking a password using a “brute force” method in which every possible permutation is tried. There are tools that can input thousands of passwords in a very short period of time—if the attempts per minute are limited, it becomes much harder and slower to crack. "Your crack time just went from two days to two months," Flatley said. “At what point is it just trying to one up things and at what point is it to thwart law enforcement?" he added. "Apple is pretty good at evil genius stuff." Flatley's comments come

FBI Didn't Ask Apple for Help Unlocking Texas Shooter's iPhone in First 48 Hours [Updated]

In the aftermath of a deadly shooting at a Texas Church on November 5th, the FBI and other law enforcement agencies failed to immediately ask Apple for help unlocking shooter Devin Patrick Kelley's iPhone, reports Reuters. According to a source that spoke to Reuters, the FBI did not contact Apple for about 48 hours after the shooting, missing a critical window where the iPhone in question might have been easier to unlock. If the iPhone had Touch ID enabled, the shooter's finger might have been able to be used to unlock the device. But that unlocking method would have needed to be used within a 48 hour window, as Touch ID is disabled after 48 hours have passed since it was last activated or when the iPhone is powered off. Christopher Combs, head of the FBI's San Antonio field office, said on Tuesday that the shooter's smartphone is being transferred to the FBI's crime lab in Quantico, Virginia as authorities have not been able to unlock it. Little is known about the shooter's smartphone at this time. Sources told the Washington Post that it's an iPhone, but it's not known which iPhone it is nor which version of iOS it's running. It's also not known if Touch ID was indeed enabled on the phone at this point. As we learned with the San Bernardino case, Apple will not provide authorities with the tools to unlock the iPhone, but the company can and will provide iCloud data if compelled by court order. It is not known if Apple has already received a court order asking for iCloud information. Update: Apple has provided a statement on the situation with the

FBI Unable to Retrieve Encrypted Data From 6,900 Devices Over the Last 11 Months

The United States Federal Bureau of Investigation was unable to retrieve data from 6,900 mobile devices that it attempted to access over the course of the last 11 months, reports the Associated Press. FBI Director Christopher Wray shared the number at an annual conference for the International Association of Chiefs of Police on Sunday. During the first 11 months of the current fiscal year, Wray says the 6,900 devices that were inaccessible accounted for half of the total devices the FBI attempted to retrieve data from. Wray called the FBI's inability to get into the devices a "huge, huge problem." "To put it mildly, this is a huge, huge problem," Wray said. "It impacts investigations across the board -- narcotics, human trafficking, counterterrorism, counterintelligence, gangs, organized crime, child exploitation."Wray did not specify how many of the 6,900 devices the FBI could not access were iPhones or iPads running a version of Apple's iOS operating system, but encryption has been an issue between Apple and the FBI since last year when the two clashed over the unlocking of an iPhone 5c owned by Syed Farook, one of the shooters in the December 2015 attacks in San Bernardino. The FBI took Apple to court in an attempt to force Apple to create a version of iOS that would disable passcode security features and allow passcodes to be entered electronically, providing the FBI with the tools to hack into the device. Apple refused and fought the court order, claiming the FBI's request could set a "dangerous precedent" with serious implications for the future of

FBI Can Keep Details of iPhone Hack Secret, Rules Judge

The FBI doesn't have to identify the company it contracted to unlock an iPhone used by one of the shooters in the 2015 California terror attack that killed 14 people, a federal judge ruled on Saturday (via Politico). Three news organizations – USA Today, Associated Press, and Vice Media – sued the FBI last year under the Freedom of Information Act (FOIA) to try to force the agency to reveal the name of the company and the amount it was paid to unlock the device. In the original complaint, the news organizations argued that the public had a right to know how the government spent taxpayer funds in the case. They also claimed the existence of a flaw in the iPhone could be a danger to the public. However, U.S. District Judge Tanya Chutkan ruled this weekend that the information is exempt from mandatory disclosure under the government transparency law. In her ruling, released Saturday night, Chutkan said the identity of the firm that managed to unlock the iPhone and the price it was paid to do so are classified national security secrets and constitute intelligence sources or methods that can also be withheld on that basis. She also ruled that the amount paid for the hack reflects a confidential law enforcement technique or procedure that is exempt from disclosure under FOIA.A battle between Apple and the FBI began in early 2016 when Apple refused to help the government unlock shooter Syed Farook's iPhone 5c under the belief that it could set a bad precedent for security and privacy. The FBI didn't know what was on the device at the time, but believed that any

Senator Reveals FBI Paid $900K for Hacking Tool Used to Open San Bernardino Shooter's iPhone

A year after the public disagreement between Apple and the FBI, which centered on the passcode-locked iPhone 5c of the San Bernardino terrorist, one of the major questions remains how much the United States government and the FBI paid for the tool it used to crack open the iPhone. That question became so focused upon that a trio of news organizations filed a lawsuit to find out the exact amount that the tool cost the FBI. Speculation in the midst of the Apple-FBI drama placed the price of the tool at upwards of $1.3 million, and then somewhere below $1 million. A recent statement by senator Dianne Feinstein appears to confirm the latter estimation, with Feinstein revealing that the U.S. government paid $900,000 to break into the locked iPhone 5c. The classified information came up during a Senate Judiciary Committee oversight hearing, where Feinstein was questioning FBI director James Comey (via The Associated Press). Senators Charles Grassley and Dianne Feinstein "I was so struck when San Bernardino happened and you made overtures to allow that device to be opened, and then the FBI had to spend $900,000 to hack it open," said Feinstein, D-Calif. "And as I subsequently learned of some of the reason for it, there were good reasons to get into that device." In the ongoing lawsuit filed by the Associated Press, Vice Media, and Gannett, the organizations cite the Freedom of Information Act: "Release of this information goes to the very heart of the Freedom of Information Act's purpose, allowing the public to assess government activity - here, the decision to pay public

Cellebrite Says it Now Supports 'Lawful Unlocking' of iPhone 6 and Older Models

Cellebrite director of forensic research Shahar Tal recently tweeted out that the company's Advanced Investigative Service can now unlock and extract the full file system for the iPhone 6 and iPhone 6 Plus (via CyberScoop). To date, CAIS "supports lawful unlocking and evidence extraction" from the following iPhone generations: 4s, 5, 5c, 5s, 6, and 6 Plus. No mention has been made whether or not the developer has attempted to unlock newer-generation iPhones, including the iPhone 6s, 6s Plus, 7, or 7 Plus. Cellebrite's CAIS now supports lawful unlocking and evidence extraction of iPhone 4S/5/5C/5S/6/6+ devices (via our in-house service only).— Shahar Tal (@jifa) February 22, 2017 The company reportedly charges $1,500 to unlock an individual phone and $250,000 for a yearly subscription to the data extracting service. In addition to the basic system and user data it can get, the hack also targets various apps within the iPhone, including personal data stored in Uber, Facebook, Chrome, and some dating apps. At the same time this week, Cellebrite announced the next generation of its "Content Transfer" tool, which will allow retailers and operators to fully duplicate a customer's existing iPhone onto a brand new iPhone at an average content transfer speed of 1GB per minute. The developer said this should reduce wait times in stores while also pleasing anxious customers worried about losing data when upgrading to a new iPhone generation. Cellebrite said the most important settings get transferred in the process, including wallpaper, alarm settings, weather, photos,

News Organizations Refocus FBI Lawsuit to Question Cost of San Bernardino iPhone Hack Tool

A trio of news organizations -- consisting of the Associated Press, Vice Media, and Gannett -- have petitioned a judge in the United States to force the FBI to reveal the exact amount of money it paid for the technology used to crack open an iPhone used by San Bernardino shooter Syed Farook (via BBC). The same group of news organizations sued the FBI last September to gain more information about how exactly the FBI entered the iPhone, what "outside party" helped with the process, and how much the government paid for it. The new filing appears to tone down that original lawsuit with a focus on the amount spent on the hack tool, and not how it works or who exactly provided it. Although the FBI never confirmed the rumors, it was widely reported that Israeli mobile software developer Cellebrite was hired to get into Farook's iPhone 5c. A price for the developer's services has only ever been speculated upon. According to the court filing acquired by the BBC, the three news organizations claim that there is "no adequate justification" for the FBI to continue to withhold the information related to the cost of opening the iPhone. The information they ask for is also specified as not a risk to national security if it does become public, as they simply want "to learn more about the circumstances surrounding the event." "While it is undisputed that the vendor developed the iPhone access tool, the government has identified no rational reason why knowing the vendor's identity is linked in any way to the substance of the tool, much less how such knowledge would reveal any

Hacker Leaks Cellebrite's iOS Bypassing Tools, Tells FBI 'Be Careful What You Wish For'

It's been nearly a year since a U.S. federal judge originally ordered Apple to help the FBI hack into an iPhone owned by Syed Farook, one of the shooters in the December 2015 attacks in San Bernardino. As we learned in the months after the initial court order -- which Apple continually opposed -- the FBI enlisted the help of Israeli mobile software developer Cellebrite to open up the iPhone 5c in question. Now a hacker has reportedly stolen and publicly released a cache of Cellebrite's most sensitive data, including its tools used to hack into older iPhones, as well as Android and BlackBerry smartphones (via Motherboard). Techniques that the firm uses to open "newer iPhones" were not included in the public posting, but it's also not clear exactly which models of iPhone are considered "older." Farook's iPhone 5c, which launched in 2013, is likely in that category. Apple's main stance against the court order last year was its fear that creating such an operating system that bypassed the iPhone's basic security features -- essentially creating a "master key" for all iOS devices -- would set a "dangerous precedent" for the future of encryption and security. The bypass could also potentially make its way into the public and affect hundreds of millions of Apple customers, with Apple CEO Tim Cook claiming that the software the FBI wanted to use to force open Farook's iPhone was "the equivalent of cancer." As pointed out by Motherboard, the newly leaked tools "demonstrate that those worries were justified." According to the hacker in question who shared Cellebrite's

Indian Government Purchasing Cellebrite Technology Used to Bypass Locked iPhones

India's Forensic Science Laboratory is in negotiations to purchase the security bypassing technology used by Israeli mobile software developer Cellebrite, the company that the FBI enlisted to help unlock the iPhone of the San Bernardino shooter earlier in the year (via The Economic Times). The FBI needed Cellebrite's "mobile forensics solutions" to bypass the lock on the iPhone 5c in question, a method which Apple vehemently opposed throughout the lengthy public spat between it and the U.S. Justice Department. Cellebrite has worked with government and law enforcement agencies "around the world," and the FBI's interaction with the company was reported earlier in the year to cost somewhere around $1 million. The terms of India's purchasing agreement with Cellebrite were not laid out, but an anonymous official from the Forensic Science Laboratory said that the Indian government is expected to get the unlocking technology fairly soon. “We are likely to have the technology within a month or so. India will become a global hub for cases where law enforcement is unable to break into phones,” said a senior FSL official. All officials spoke on the condition of anonymity. As the FSL official mentioned, after its purchase of Cellebrite India intends to become the "global hub" for cases similar to the one between Apple and the FBI that occurred this year, since it will now own the "entire tool" to open encrypted smartphones. It's mentioned, although not in much detail, that requests the FSL receives by other institutes to unlock a smartphone "will be entertained at a fee."

FBI Looking Into 'Legal and Technical Options' for Entering Another Terrorist's iPhone

A new case might lead the FBI and Apple into another fight over security and privacy on smartphones, following a confirmation yesterday by FBI special agent Rich Thorton that the FBI has the iPhone of Dahir Adan in its possession (via Wired). Adan was the culprit behind the stabbing of 10 people in a Minnesota mall in mid-September, and was eventually shot and killed by police. After the event, terrorist organization ISIS claimed credit for the attack on social media, but "no evidence has emerged to suggest ISIS had a hand in planning or executing the attack." During a press conference in St. Cloud, Minnesota yesterday, Thorton confirmed that the FBI has Adan's iPhone and that it is locked with a passcode. According to the special agent, the organization is "still trying to figure out how to gain access to the phone's contents." The issue currently is that the model and version of iOS running on the iPhone is known only to the FBI. Following the launch of iOS 8 in 2014, any iOS device running the software is encrypted to an extent that no malicious outsider -- or even Apple itself -- can get into the iPhone or iPad. “Dahir Adan’s iPhone is locked,” Thornton told reporters, “We are in the process of assessing our legal and technical options to gain access to this device and the data it may contain.” Because of this, the deciding factor on whether or not the new issue could lead to another San Bernardino-related debate between Apple and the FBI hinges on the software and model of his iPhone (iOS 8 can run on iPhone 4s and newer devices). For now, Thorton said that

News Organizations Team Up in Lawsuit Against FBI Over San Bernardino iPhone Hacking Case

A group of three news outlets, including Gannett, the Associated Press and Vice Media, filed a lawsuit today against the FBI on grounds relating to the bureau's decision to keep its method of hacking into San Bernardino shooter Syed Farook's iPhone a secret. The news organizations are looking for more information about how exactly the FBI entered the iPhone, what "outside party" helped with the process, and how much the government paid for it (via USA Today). Gannett, the AP, and Vice Media have each sought details on the hack under the Freedom of Information Act, but the FBI denied the requests, arguing that "revealing the records would imperil its enforcement efforts." Now the organizations are teaming up and asking the court to force the FBI to release the requested information. While the security drama swirls, University of Cambridge researcher Sergei Skorobogatov has released proof countering the FBI's claim that it couldn't get into Farook's iPhone without Apple's help. In his report (via Engadget), Skorobagatov detailed his process in bypassing the passcode retry counter of an iPhone 5c running iOS 9, which he said "does not require any expensive and sophisticated equipment." This was achieved by desoldering the NAND Flash chip of a sample phone in order to physically access its connection to the SoC and partially reverse engineering its proprietary bus protocol. The process does not require any expensive and sophisticated equipment. All needed parts are low cost and were obtained from local electronics distributors. By using the described and successful

Privacy Advocates Cite NSA Hack as Vindication of Apple's Fight With FBI

Privacy advocates have claimed the breach of hacking tools and exploits apparently stolen from the National Security Agency has vindicated Apple's stance in its dispute with the FBI earlier this year. Last week, reports emerged that a hacker group called the "Shadow Brokers" had allegedly stolen a cache of the NSA's top espionage tools and offered to sell them to the highest bidder. The malware was linked to the "Equation Group", a secretive team of cyber spies widely believed to be associated with the NSA and its state partners. The hacking collective that stole the malware posted two sets of files online, including a free sample of the stolen data, which dates back to 2013, and a second encrypted file whose decryption key went up for sale in a bitcoin auction. Many saw the auction as a stunt. But the attack code posted by the hackers appeared to be real, according to former NSA personnel who worked in the agency's hacking division, known as Tailored Access Operations (TAO). "Without a doubt, they're the keys to the kingdom," said one former TAO employee, who spoke to The Washington Post on the condition of anonymity to discuss sensitive internal operations. "The stuff you're talking about would undermine the security of a lot of major government and corporate networks both here and abroad." "It's a big deal," said Dave Aitel, an ex-NSA research scientist and CEO of penetration testing firm Immunity. "We'd be panicking." Whistle-blowing website Wikileaks tweeted that it also had the data and would release it "in due course". News of the leak has been

Political Will for Encryption Law Has Weakened Since Apple-FBI Dispute

Support for encryption legislation in the U.S. has flatlined and the push for changes in federal law following the San Bernardino shootings has petered out, according to sources in congressional offices, the administration and the tech sector (via Reuters). On February 16, a U.S. federal judge ordered Apple to help the FBI to unlock the iPhone owned by Syed Farook, one of the shooters in the December 2015 attacks in San Bernardino that left 14 people dead. Senate Intelligence Committee leaders Richard Burr and Dianne Feinstein. The FBI asked Apple to create a version of iOS that would both disable passcode security features and allow passcodes to be entered electronically, allowing it to then brute force the passcode on the device. Apple announced that it would oppose the order in an open letter penned by Tim Cook, who said the FBI's request would set a "dangerous precedent" with serious implications for the future of smartphone encryption. Apple claimed the software the FBI asked for could serve as a "master key" able to be used to get information from any iPhone or iPad - including its most recent devices - while the FBI claimed it only wanted access to a single iPhone. Apple's dispute with the FBI ended on March 28, after the government found an alternate way to access the data on the iPhone through the help of "professional hackers" and withdrew the lawsuit as a result. During the controversy, a Senate Intelligence Committee encryption bill was announced by committee leaders Richard Burr and Dianne Feinstein, which aimed to force companies to

Apple Rehires Security and Encryption Expert Jon Callas Following FBI Dispute

Following its very public encryption battle with the FBI, Apple has rehired software engineer and and security expert Jon Callas, reports Reuters. Callas, who has previously worked at Apple, is known for co-founding encrypted communications services Silent Circle, Blackphone, and PGP Corporation. Apple's decision to rehire Callas comes amid rumors the company is working on improving the security of its iOS devices. Apple has said it will continually improve security to keep ahead of hackers, and its dispute with the FBI is said to have spurred the company begin work on implementing security measures "even it can't hack." Earlier this year, Apple was ordered to assist the FBI in the unlocking of the iPhone 5c used by San Bernardino shooter Syed Farook, an order it fought because the FBI was asking for new software that would bypass iPhone passcode security measures. Apple insisted the software was "too dangerous to create," setting dangerous precedents that could lead to a weakening of overall device encryption. The FBI eventually dropped the case after finding an alternate method to breach the iPhone, but the fight over encryption is far from over. According to Reuters, Callas supports Apple's position and is opposed to companies being compelled to break their own encryption by the government, but he believes law enforcement officials should be able to take advantage of software vulnerabilities, the method the FBI ultimately used to get into Farook's iPhone 5c.Callas has said he is against companies being compelled by law enforcement to break into their own

FBI Director Expects Legal Battle Over Encryption to Continue

In a briefing with reporters, FBI director James Comey said that he expects litigation over the encryption of mobile devices to continue, as encryption is "essential tradecraft" of terrorist organizations like ISIS, reports Reuters. Comey indicated that the debate involving both legal and privacy issues over whether the federal government can compel tech companies to unlock personal devices in the interest of national security is far from over in a briefing with reporters at the Federal Bureau of Investigation.Since October, FBI experts have examined nearly 4,000 devices and have been unable to unlock around 500, according to Comey. He thinks none of these devices are the same model as San Bernardino shooter Syed Farook's iPhone 5c, which means the method the FBI used to unlock that phone would not work on these other models. The U.S. Justice Department dropped two lawsuits against Apple in the past couple of months. The first case was an attempt to order Apple to unlock the San Bernardino shooter's iPhone, but the Justice Department dropped the case when it found a contractor that could unlock the device for under $1 million. The second case was a New York drug case, which was dropped when investigators unlocked the phone in question by hand. Comey also confirmed reports that the identity of the contractors who unlocked the iPhone 5c is a closely-guarded secret within the FBI, saying that he had a "good sense" of the identity of the third-party contractor but was not aware of its identity. Finally, the FBI director mentioned that WhatsApp's new end-to-end encryption

New Report Says FBI Paid Less Than $1 Million to Unlock San Bernardino Shooter's iPhone

Last week, FBI director James Comey hinted at how much the agency paid to unlock San Bernardino shooter Syed Farook's iPhone, saying it cost more than he will make in the next seven years and four months. The number worked out to around $1.3 million, as Comey's annual salary is $183,000. However, sources now tell Reuters that the amount was actually under $1 million. Although the FBI says it will keep the technique it used to unlock Farook's iPhone 5c a secret, sources tell Reuters that the agency can use the method on other iPhone 5c's running iOS 9. The FBI has physical possession of the mechanism used to unlock the phone and does not need to pay the contractor any more money for further uses. The contractor responsible for the method is a closely-held secret within the FBI, with Comey being in the dark himself, according to Reuters' sources. In mid-April, it was reported that the FBI hired "professional hackers," at least one of which is a gray hat researcher that sells flaws to governments, black market groups or surveillance companies. Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

FBI Gave First Security Disclosure Under 'Vulnerability Equities Process' to Apple on April 14

On April 14, the FBI informed Apple of a security flaw in older versions of iOS and OS X, its first vulnerability disclosure to Apple under the Vulnerability Equities Process, reports Reuters, citing information obtained directly from the Cupertino company. The Vulnerability Equities Process allows federal agencies to determine whether critical security flaws should be kept private for law enforcement use or disclosed to companies to allow them to patch major vulnerabilities. The security flaw the FBI shared with Apple pertained to older versions of the iPhone and Mac and it was fixed with the release of iOS 9 and OS X El Capitan. It was not the vulnerability that was exploited to break into the iPhone 5c used by San Bernardino shooter Syed Farook, which remains under wraps. Apple says 80 percent of iPhones run a safe version of iOS and are not vulnerable to the security flaw shared by the FBI. Apple told Reuters it does not have plans to issue a patch for the older, vulnerable software. According to Reuters, the FBI was motivated to provide Apple with information on an older vulnerability following a report suggesting it would not use the Vulnerability Equities Process to provide Apple with the method used to hack the San Bernardino iPhone.The day after that report, the FBI offered information about the older vulnerabilities to Apple. The move may have been an effort to show that it can and does use the White House process and disclose hacking methods when it can. The flaw the FBI disclosed to Apple this month did nothing to change the company's perception