FBI Refuses to Tell Apple About the iPhone's Security Flaw
The FBI couldn't really tell Apple how they cracked their phone, even if they wanted to. According to Reuters, the method that was used to crack the infamous Syed Farook iPhone is proprietary and owned by a group of professional hackers outside of the U.S., and certain rules may preclude the government agency from letting Apple in on the secret.
Apple has a strong interest in knowing exactly how the foreign hackers achieved their goal. Before Apple can patch up the security flaw to avoid future hacks of this kind, the company will need to know how the hack was accomplished.
Vulnerabilities for Sale
News travels quickly and when revelations came out that the FBI essentially traded with an outside professional hacking group to pry into Syed Farook's iPhone, popular dislike for government prying was renewed.
The FBI may have a broad idea of how the technique works, but the exact details apparently are the property of an outside group of professional hackers who make their bread by patrolling software weaknesses and selling them out there on the market -- sometimes, even to the US Government. As it is generally known, the tool allowed the feds to bypass the after-10-erase security feature set up by Apple.
Vulnerabilities Equities Process
What people may not know is that there is a process that might hinder the FBI from assisting Apple even if it wanted to. The Vulnerabilities Equities Process is a series of rules set up to review and analyze technical security flaws. More importantly, it contains the determinants in deciding whether or not such discovered weaknesses should be made public. An issue of first impression, however, is whether VEP should apply to flaws discovered by private companies.
Will Apple Sue?
The FBI's James Comey has expressed reticence towards the idea of cooperating with Apple. Perhaps the government agency is acting in kind after Apple dug in its heels even after being issued a court order to cooperate.
Apple announced last week that if the FBI refuses to reveal how the company's iPhone security features were bypassed, it will not sue the government for that information.
Related Resources:
- FBI Director: We Bought 'a Tool' to Hack Terrorist's iPhone (CNN Money)
- FBI Cracks Farook's iPhone Without Apple's Help (FindLaw's Technologist)
- FBI Delays Apple Hearing to Try a New iPhone Hack (FindLaw's Technologist)
- Apple Security in China and America: A Double Standard? (FindLaw's Technologist)