Roger Fingas
The FBI may be entitled to keep secret the technique it used to break into the iPhone of San Bernardino shooter Syed Farook, as a result of a special White House group designed to review digital security flaws uncovered by federal agencies.
The group, set up under the Obama administration, is nominally supposed to disclose any vulnerabilities "unless there is a clear national security or law enforcement need," Reuters noted on Thursday, quoting the Office of the Director of National Security. That could allow the FBI's technique to be protected in a review, especially since it might conceivably be applied in other criminal/terrorist investigations. Making it public could let people devise a way of guarding against it.
The method might also survive review if it demands physical access to a device. If NAND mirroring is being used, as speculated, it poses little threat to Internet security, which is normally the special group's focus.
Although the FBI might be able to avoid a review entirely if it used a contractor's proprietary technology — Israel's Cellebrite has been named as an assisting outside party — the significance of the vulnerability is expected to make it subject to scrutiny.
Apple repeated its view to Reuters that it would like the government to supply information about its unlock technique. The company might use that information to bolster security in future products, though the Secure Enclave used in devices like the iPhone 6 and 6s already makes Apple's hardware more difficult to hack than Farook's iPhone 5c.
Christine McKee
Stephen Silver
Charles Martin
Amber Neely
48 Comments
The government would protect the most people's security by helping Apple make the iPhone more secure. There is no reason to prevent Apple from fixing this flaw. The knowledge that at least the iPhone 5c can be cracked will deter criminals from using it. If it is left vague that the flaw may affect more iPhones then criminals will avoid the iPhone altogether. iPhone 5c phones already in government custody will not be made inaccessible by Apple's fix.
I am skeptical of a 'special organization' set up by this White House. The FBI was just asking Apple to perform similar task until they found out a method of their own. The White House criticized Apple for keeping thier stance. Now Apple wants information and all of a sudden there's a 'special organization' to decline their requests. I smell a rat.
Or maybe they didn't really get into the phone. It seemed like a very short amount of time between the announcement that they found a company to work with to its unlocked 2 days later. Also the day before the FBI was to go into court to argue their case they magically found someone to unlock the phone. I think we will never no the truth about this and just seems like a weird smear campaign against Apple.
I know that private companies have been charged under the DMCA when hacking a third party's hardware. I am curious as to whether the FBI hack violates the DMCA.
They probably took the the phone out of its case and saw the post-it note inside with the password written on it.