FBI says San Bernardino iPhone hack won't be submitted to review group for possible disclosure

The FBI will not be submitting the exploit used to hack into the iPhone of San Bernardino shooter Syed Rizwan Farook to a review process that could clear it for sharing with outside parties, a report said on Wednesday.

When the FBI paid a third party to help unlock the phone, it didn't acquire the rights to the technical details involved in the process, said the FBI's executive assistant director for science and technology, Amy Hess, according to Reuters. As a result, Hess said the agency doesn't "have enough technical information about any vulnerability" that could be considered for release.

Just yesterday, FBI director James Comey said that the agency was still deciding whether it could submit the exploit. The review group, associated with the White House, exists to decide whether cybersecurity flaws uncovered by U.S. government agencies should be shared with entities like corporations or even other internal organizations.

Hess' statement may support one set of rumors pointing to the third party being a dedicated forensics firm, possibly Cellebrite. One report suggested it was a hacker group, in which case the FBI might simply have paid for knowledge of a zero-day exploit.

Apple has previously asked for details on the exploit, but today's decision likely means the information will remain secret, unless the company can devise a legal challenge.

Regardless, any threat to the public may be minimal. Farook owned an iPhone 5c, one of the last major iOS devices without Touch ID. Products with that technology are believed to be immune to the technique the FBI employed, thanks to their Secure Enclaves.

10 Comments

wood1208 10 Years · 2938 comments

About 8 years ago

What's wrong with American intelligence agencies to spit out everything they doing related to terrorism ? Learn from Chinese, Mosad and others. Don't need to say anything in media about what you doing to go after terrorists. Just Do It.

eightzero 14 Years · 3148 comments

A change to the Apple ToS in 3...2...1...

rob53 13 Years · 3312 comments

wood1208 said:

What's wrong with American intelligence agencies to spit out everything they doing related to terrorism ? Learn from Chinese, Mosad and others. Don't need to say anything in media about what you doing to go after terrorists. Just Do It.

Maybe this works in China and other countries but the US is supposed to be a democracy where our government is supposed to be held accountable for the things it does, both good and bad. All you need to do is read this government memorandum, https://www.whitehouse.gov/the_press_office/TransparencyandOpenGovernment, to understand that openness is key to a good government:

"My Administration is committed to creating an unprecedented level of openness in Government. We will work together to ensure the public trust and establish a system of transparency, public participation, and collaboration. Openness will strengthen our democracy and promote efficiency and effectiveness in Government. ...Barack Obama"

You might not agree with things Obama has done but our government is supposed to be open. I know I used "supposed to" a whole lot but that's what's making me mad. The FBI is part of our government and they're hiding behind a technicality. I wonder is the FOI ACT allows someone to request a copy of the procurement order for the services the FBI paid way too money for.

As for the supposed terrorists in San Bernardino, the FBI stated (at least initially) that they were not part of a larger terrorist organization. In other words, they were simply a disgruntled employee who killed a lot of fellow employees. For the FBI to use the terrorist tag, which I believe Comey backtracked and ended up calling them terrorists so he could hide what he was doing, is simply a way to get around any demand by the President for openess.

"It does not appear the two perpetrators of Wednesday’s mass shooting in San Bernardino are part of an organized cell or part of a network, FBI director James Comey said at a news conference this afternoon.
“We are going through a very large volume of electronic evidence … these killers tried to destroy,” Comey said with Attorney General Loretta Lynch at his side. “There is a lot of evidence that doesn’t quite make sense,” he acknowledged. But “our investigation to date, so far we have no indication these killers are part of a larger organized group or part of a cell. There is no indication they are part of a network,” he maintained."