- Ajit Pai is unhappy states are bucking his agency’s net neutrality repeal 3 Years Ago
- Paul Rudd’s appearance on ‘Hot Ones’ becomes an instantly iconic meme 3 Years Ago
- Network of fake news sites in Michigan appears to be right-wing propaganda effort Today 6:30 AM
- ‘BoJack Horseman’ hints at a brutal reckoning in its final season Today 5:30 AM
- How to stream Barcelona vs. Slavia Praha in the Champions League Today 2:00 AM
- How to stream Chelsea vs. Ajax in the Champions League Today 1:00 AM
- People are using #WheresLindsey to criticize Graham over Trump ‘lynching’ defense Tuesday 8:22 PM
- 2 Proud Boys sentenced to 4 years in prison for attacking antifa protesters Tuesday 7:20 PM
- Paul Joseph Watson is very upset by bartender serving beer with her butt Tuesday 6:24 PM
- Twitter developing a policy to combat deepfakes Tuesday 5:28 PM
- The Nate Diaz vs. Jorge Masvidal bout at UFC 244 is perfect for NYC and its fight mecca Tuesday 5:27 PM
- Alexis Bledel named most dangerous online celebrity Tuesday 5:02 PM
- Kylie Jenner trademarks ‘rise and shine’ after meme success Tuesday 4:50 PM
- ‘Watchmen’ website expands what you know about its alt-history Tuesday 4:31 PM
- Smoke ’em, pass ’em Week 8: Mark Walton szn Tuesday 4:26 PM
The Federal Bureau of Investigation will not submit the secret tool used to access a dead terrorist’s iPhone to a government process that decides whether to disclose such flaws to tech companies.
Amy Hess, the FBI‘s executive assistant director for science and technology, said in a statement Wednesday that the bureau did not know enough about how the tool worked to refer it to the White House-managed Vulnerability Equities Process, an interagency working group that weighs whether to disclose hardware and software bugs so that companies can fix them.
“The FBI assesses that it cannot submit the method to the VEP,” Hess said. “The FBI purchased the method from an outside party so that we could unlock the San Bernardino device. We did not, however, purchase the rights to technical details about how the method functions, or the nature and extent of any vulnerability upon which the method may rely in order to operate.”
A VEP analysis of whether to disclose vulnerabilities, Hess said, “requires significant technical insight into a vulnerability” and cannot occur “without sufficient detail about the nature and extent of a vulnerability.”
“Currently,” she said, “we do not have enough technical information about any vulnerability that would permit any meaningful review under the VEP process.”
An FBI spokesman did not respond to an email asking when the bureau had notified the VEP board of its decision, or whether it had informed Apple ahead of time. The White House declined to comment on the FBI’s decision.
Although FBI Director James Comey has said that the mysterious tool only works a “narrow slice” of iPhones, Apple is obviously interested in learning of any flaws in its products’ code so that it can patch them and assure its users of their safety.
An Apple spokesman did not respond to a request for comment.
The iPhone used by Syed Farook, who with his wife killed 14 people and wounded 22 others in a shooting in San Bernardino, California, last December, became the subject of a high-profile legal battle between the U.S. government and Apple when the tech company fought a court order to help the FBI unlock it.
The government, seeking information on Farook’s communications, wanted Apple to write custom software that would disable certain security features on the phone and let FBI agents flood it with passcode guesses. But Apple refused and appealed the order, arguing that compliance would weaken its users’ trust and set a precedent leading to more onerous demands for technical assistance.
The day before both parties were set to argue their case in court, the Justice Department abruptly notified the judge that a third party had sold it a tool that it could use to access the phone. Later, when the FBI confirmed that the tool had worked, the government dropped its demand for the court order.
Hess said in her statement that while the government generally did not discuss whether the VEP working group would review a particular exploit, “the extraordinary nature of this particular case, the intense public interest in it, and the fact that the FBI already has disclosed publicly the existence of the method” made this case different.
Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.