- Gamer Krucial B passes away during Defend the North tournament 3 Years Ago
- Brexit supporter Boris Johnson becomes prime minister—spawning lots of memes 3 Years Ago
- Democrats want to ban use of facial recognition in public housing 3 Years Ago
- In America’s meme war, the left and right are fighting different battles Today 8:10 AM
- Mahershala Ali’s ‘Blade’ movie won’t arrive until Phase 5 of the MCU Today 7:18 AM
- Natalie Portman isn’t playing ‘female Thor’—she’s ‘Mighty Thor’ Today 7:08 AM
- How to watch ‘Breaking Bad’ online Today 7:00 AM
- Controversial Instagram influencer plans event called ‘The Scam’ Today 7:00 AM
- How to clear your search history on Instagram Today 6:00 AM
- How to stream the Leagues Cup competition between MLS and Liga MX Today 5:00 AM
- Here’s why you shouldn’t buy a Nintendo Switch until mid-August Monday 5:11 PM
- Man blasted for making his coworkers babysit his child Monday 5:07 PM
- Pete Buttigieg’s country radio interview was blocked from the air Monday 4:35 PM
- 15-year-old Smash Bros. prodigy caught using racist slur in private Discord server Monday 3:47 PM
- Instagram users who post pet pictures more likely to get hacked Monday 3:45 PM
FBI says it won’t submit tool used to hack San Bernardino iPhone for disclosure review
Apple is sure to be disappointed by this decision.
The Federal Bureau of Investigation will not submit the secret tool used to access a dead terrorist’s iPhone to a government process that decides whether to disclose such flaws to tech companies.
Amy Hess, the FBI‘s executive assistant director for science and technology, said in a statement Wednesday that the bureau did not know enough about how the tool worked to refer it to the White House-managed Vulnerability Equities Process, an interagency working group that weighs whether to disclose hardware and software bugs so that companies can fix them.
“The FBI assesses that it cannot submit the method to the VEP,” Hess said. “The FBI purchased the method from an outside party so that we could unlock the San Bernardino device. We did not, however, purchase the rights to technical details about how the method functions, or the nature and extent of any vulnerability upon which the method may rely in order to operate.”
A VEP analysis of whether to disclose vulnerabilities, Hess said, “requires significant technical insight into a vulnerability” and cannot occur “without sufficient detail about the nature and extent of a vulnerability.”
“Currently,” she said, “we do not have enough technical information about any vulnerability that would permit any meaningful review under the VEP process.”
An FBI spokesman did not respond to an email asking when the bureau had notified the VEP board of its decision, or whether it had informed Apple ahead of time. The White House declined to comment on the FBI’s decision.
Although FBI Director James Comey has said that the mysterious tool only works a “narrow slice” of iPhones, Apple is obviously interested in learning of any flaws in its products’ code so that it can patch them and assure its users of their safety.
An Apple spokesman did not respond to a request for comment.
The iPhone used by Syed Farook, who with his wife killed 14 people and wounded 22 others in a shooting in San Bernardino, California, last December, became the subject of a high-profile legal battle between the U.S. government and Apple when the tech company fought a court order to help the FBI unlock it.
The government, seeking information on Farook’s communications, wanted Apple to write custom software that would disable certain security features on the phone and let FBI agents flood it with passcode guesses. But Apple refused and appealed the order, arguing that compliance would weaken its users’ trust and set a precedent leading to more onerous demands for technical assistance.
The day before both parties were set to argue their case in court, the Justice Department abruptly notified the judge that a third party had sold it a tool that it could use to access the phone. Later, when the FBI confirmed that the tool had worked, the government dropped its demand for the court order.
Hess said in her statement that while the government generally did not discuss whether the VEP working group would review a particular exploit, “the extraordinary nature of this particular case, the intense public interest in it, and the fact that the FBI already has disclosed publicly the existence of the method” made this case different.
Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.