- Pro-Trump subreddit quarantined over violent threats in support of Oregon Republicans 3 Years Ago
- Woman who live streamed a police officer’s shooting is receiving death threats 3 Years Ago
- Pre-Prime Day deals you don’t want to miss 3 Years Ago
- Dana Loesch out at NRATV; ‘thoughts and prayers’ for her career are in Today 12:33 PM
- Trump’s rant about Megan Rapinoe devolves into treatise about PC culture in the NBA Today 10:41 AM
- Is Millie Bobby Brown joining the MCU? Today 10:39 AM
- Hundreds of thousands demand that Etika’s previously deleted YouTube channel be restored Today 10:18 AM
- Eric Trump says cocktail waitress spit on him in Chicago bar Today 9:47 AM
- Maine governor signs net neutrality bill into law Today 9:07 AM
- How the QAnon movement continues without its messenger Today 8:26 AM
- 6 best Korean beauty products for summer Today 8:17 AM
- ‘The Office’ is leaving Netflix in 2021 Today 7:46 AM
- How to install the iOS 13 beta and test out its best new features Today 7:42 AM
- Swipe This! I want my boyfriend to text me everyday. Is that crazy? Today 7:30 AM
- Why every 2020 Democrat is canceled Today 7:01 AM
FBI says it won’t submit tool used to hack San Bernardino iPhone for disclosure review
Apple is sure to be disappointed by this decision.
The Federal Bureau of Investigation will not submit the secret tool used to access a dead terrorist’s iPhone to a government process that decides whether to disclose such flaws to tech companies.
Amy Hess, the FBI‘s executive assistant director for science and technology, said in a statement Wednesday that the bureau did not know enough about how the tool worked to refer it to the White House-managed Vulnerability Equities Process, an interagency working group that weighs whether to disclose hardware and software bugs so that companies can fix them.
“The FBI assesses that it cannot submit the method to the VEP,” Hess said. “The FBI purchased the method from an outside party so that we could unlock the San Bernardino device. We did not, however, purchase the rights to technical details about how the method functions, or the nature and extent of any vulnerability upon which the method may rely in order to operate.”
A VEP analysis of whether to disclose vulnerabilities, Hess said, “requires significant technical insight into a vulnerability” and cannot occur “without sufficient detail about the nature and extent of a vulnerability.”
“Currently,” she said, “we do not have enough technical information about any vulnerability that would permit any meaningful review under the VEP process.”
An FBI spokesman did not respond to an email asking when the bureau had notified the VEP board of its decision, or whether it had informed Apple ahead of time. The White House declined to comment on the FBI’s decision.
Although FBI Director James Comey has said that the mysterious tool only works a “narrow slice” of iPhones, Apple is obviously interested in learning of any flaws in its products’ code so that it can patch them and assure its users of their safety.
An Apple spokesman did not respond to a request for comment.
The iPhone used by Syed Farook, who with his wife killed 14 people and wounded 22 others in a shooting in San Bernardino, California, last December, became the subject of a high-profile legal battle between the U.S. government and Apple when the tech company fought a court order to help the FBI unlock it.
The government, seeking information on Farook’s communications, wanted Apple to write custom software that would disable certain security features on the phone and let FBI agents flood it with passcode guesses. But Apple refused and appealed the order, arguing that compliance would weaken its users’ trust and set a precedent leading to more onerous demands for technical assistance.
The day before both parties were set to argue their case in court, the Justice Department abruptly notified the judge that a third party had sold it a tool that it could use to access the phone. Later, when the FBI confirmed that the tool had worked, the government dropped its demand for the court order.
Hess said in her statement that while the government generally did not discuss whether the VEP working group would review a particular exploit, “the extraordinary nature of this particular case, the intense public interest in it, and the fact that the FBI already has disclosed publicly the existence of the method” made this case different.
Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.