FBI sued for keeping details about San Bernardino iPhone exploit secret

The Apple vs. FBI case may finally be over. Last September, a group of news organizations filed a freedom of information lawsuit against the FBI, aiming to compel the bureau to hand over the information of how it was able to hack the iPhone 5C used in the San Bernardino case, as well as who hacked it. The group included the likes of The Associated Press, Vice Media, and Gannett, which is the parent company of USA Today. And now, more than 12 months later, a judge has finally ruled in that case in favor of the FBI.

“The FBI’s purchase of the technology — and its subsequent verification that it had successfully obtained the data that it was seeking thanks to that technology — confirmed that a serious undisclosed security vulnerability existed in one of the most popular consumer products in the world,” the initial filing said. But late in the evening of September 30, 2017, federal judge Tanya Chutkan ruled that identifying the vendor the FBI used would effectively place a bounty of said vendor’s head, and could eventually result in the technology being compromised.

According to the FBI, the vendor’s networks are “not as sophisticated” as that of the federal agency’s, which might leave the company vulnerable to cyberattack.

“It is logical and plausible that the vendor may be less capable than the FBI of protecting its proprietary information in the face of a cyber-attack,” said the court. “The FBI’s conclusion that releasing the name of the vendor to the general public could put the vendor’s systems, and thereby crucial information about the technology, at risk of incursion is a reasonable one.”

The case was certainly an interesting one. After the San Bernardino shooting, the FBI demanding that Apple create a custom software to hack into the iPhone itself. Apple declined, saying that doing so would set a bad precedent for future cases. The FBI then took matters into its own hands and dropped the case against Apple.

The news organizations involved in the suit claimed that it’s important that Apple is told how the hack was accomplished so that it can fix the flaw and prevent millions of iPhone owners from being vulnerable to hacks themselves. Not only that, but the group also claimed that the situation brings up questions about the allocation of public funds as well as governmental oversight issues. Finally, the suit suggested there’s no legal basis for the FBI to hold on to the information.

It’s been a long and tumultuous road for Apple and the FBI, but for now, it looks like this chapter is closed.

Update: A judge has ruled that the FBI can keep its secret around how it hacked the San Bernardino terrorist’s iPhone.