What's new

FBI Claims Won't Share iPhone 5C Hacking Secret with Apple Because They Don't Understand It

dgstorm

Editor in Chief
doj-iphone-5c.jpg

Which is more disconcerting to you... That the FBI might lie/exaggerate to keep from sharing the iPhone 5C security vulnerability with Apple, or that they are too incompetent to even understand the hack to begin with? That's the situation the Federal Bureau of Investigations is currently presenting the public (if the report from the Wall Street Journal is accurate). As a quick recap for those who missed it, the FBI went to hackers and purchased a method to unlock the San Bernardino shooter's iPhone 5C for a rumored $1.3 Million dollars.

According to the WSJ report, the FBI understands "so little" about this hack that they are going to recommend to the White House that an internal government review makes no sense. The governmental review is one of the only ways that the FBI will be forced to share the hacking method with Apple, and only the White House can order the review.

Basically, this review would be conducted under the U.S. Vulnerabilities Equities Process. This process lets federal agencies determine if critical security flaws should or will be shared with private companies. Without this review, the FBI will not be compelled to share the hacking secret (although they could do so voluntarily).

In trying to explain why he doesn't think a review should proceed forward, FBI Director James Comey said "We are in the midst of trying to sort that out. The threshold (for disclosure) is, are we aware of the vulnerability, or did we just buy a tool and don't have sufficient knowledge of the vulnerability to implicate the process?"

It all boils down to the fact that the FBI wants to continue to use the hacking tool when necessary, and would prefer to share it with Apple only after Apple has already patched it. Isn't that putting the cart before the horse?
 

GreyFox7

Super Moderator
Staff member
Users don't understand the iPhone but they can still use it. The FBI bought a tool that's all, you run the tool it does it's job, end of story. If I was the tool vendor I would require any customer sign an NDA as a condition of their license or they don't get it, etc. etc.
 
Top