Expats News Updates & advice

FBI could have to show Apple how to hack iPhone

In a surprise announcement, the FBI said last week that an “outside party” had demonstrated a possible way to unlock the iPhone 5c that has provoked a showdown with Apple over government access to encrypted data.

The FBI did not provide details of the method proposed or who proposed it, but officials told US media that it had been successfully demonstrated and that they would know ahead of an April 5th court deadline whether it will work in this case. If it does, it could be the master key the government has been seeking in this case — and in more than 100 other criminal investigations in which locked iPhones may hold crucial evidence.
In this case, the FBI wants to look at data encrypted in the iPhone 5c used by Syed Rizwan Farook, one of the attackers who killed 14 people in San Bernardino, California, December 2, but is locked out by the device’s password protection, which could erase data after 10 failed password attempts.
A federal judge last month ordered Apple to devise a new operating system to defeat its own security protocols. Apple refused, setting off a heated national debate over privacy, security, and the limits to technology companies’ obligations to help law enforcement.
Unlocking the iPhone without coercing Apple’s help would seem to be a victory for the FBI, avoiding a legal battle it might not have won.
But the victory could be short-lived. The method and vulnerability it exploits could be subject to a rule requiring the government to tell Apple about it, so that the company can fix the flaw to protect other users, Bloomberg News reported. The little-known procedure known as an equities review was put into place by the Obama administration to determine whether government should share its knowledge of computer product flaws with the companies producing them.
Chris Inglis, a former deputy director of the National Security Agency (NSA) spy service, told Bloomberg the iPhone vulnerability should be subject to an equities review. The FBI did not comment on whether it would be or not. In a 2014 White House blog post, Cyber Security Coordinator Michael Daniel listed some of the criteria for determining whether the government must share its knowledge of vulnerabilities.
These include how much harm a bad actor could do with it and how badly the government needs the intelligence it could collect with it ,and if it could get it some other way.
Former FBI cyber-expert Leo Taddeo said he did not believe the government would be obligated to share its discovery with Apple, if the flaw was not widely known or easy to exploit.
“The government is obligated to do what is in the public interest,” he told Bloomberg. Daniel said “in the majority of cases” the government had decided to disclose vulnerabilities. Bloomberg cited a White House source “familiar with” the review process that in one year, out of 100 vulnerabilities discovered, just two were withheld. — DPA

 

Comments
Loading...
Skip to toolbar