Skip to main content

FBI’s disclosure on iPhone crack method may be up to White House review group

Apple store logo
If a federal agency discovers flaws in a company’s security, government policy is to disclose that information so the company can provide a fix. That’s thanks to a White House review group formed not too long ago during the Obama administration.

With the FBI recently discovering a new method — thanks to a third-party — on how to crack into the iPhone in the San Bernardino mass shooting case, you would think, under this policy, that the agency would disclose the technique to Apple. The Cupertino company has also said that it would like to know how the FBI cracked the device.

But the director of national security said in 2014 that the review group would only disclose the information “unless there is a clear national security or law enforcement need,” according to Reuters. What’s more is that security experts say the FBI could avoid the need for a review, as it reportedly used a contractor’s technology to crack into the iPhone.

There aren’t set rules for the review group as well, according to the Michael Daniel, a cybersecurity coordinator and special assistant to the president.

“There are no hard and fast rules,” Daniel said in a blog post discussing the NSA’s disclosure of the Heartbleed security bug in 2014, and he referred to the review group. It’s still likely the group could also move in Apple’s favor, though many security experts seem to be skeptical, according to Reuters.

It’s not hopeless for Apple, as the company is seeking to learn the technique through legal discovery in an unrelated, but similar, New York iPhone case. The Department of Justice requested a court order to force Apple to provide a backdoor into an iPhone related to a Brooklyn drug case, and Apple is trying to have the FBI show and use the same method it used to unlock the San Bernardino shooter’s iPhone.

Meanwhile, cybersecurity expert John McAfee claims the FBI has known about the method all along, thanks to a contract it made with Israeli security firm Cellebrite in 2013. Cellebrite is the leading contender for the FBI’s “third-party,” ever since an Israeli newspaper linked the two together earlier in March.

Cellebrite was reportedly confirmed as the third-party by sources close to the matter, according to several media outlets like CNN Money and Bloomberg. But McAfee wouldn’t say how he knew this information, according to Forbes.

The cybersecurity “legend” also previously claimed that he could unlock the iPhone for the FBI, taking the burden off of Apple’s hands. Now he says the FBI knew of Cellebrite’s UFED Touch technology all along, and only wanted to set a legal precedent in court.

It’s not a new claim, as Fight for the Future and many others have previously stated:

“Consensus among credible technical experts has always been that there were multiple ways the FBI could attempt to bypass the phone’s security, and that the government’s goal in its legal fight with Apple was not to access the data on the phone but rather to set a precedent to compel private companies to build backdoors into their products,” the advocacy group said in a blog post.

“The government’s goal in its legal fight with Apple was not to access the data on the phone but rather to set a precedent.”

UFED Touch is a product, created by Cellebrite, that can extract data from a mobile device.

“With its intuitive GUI and easy-to-use touch screen, the UFED Touch enables physical, file system, and logical extractions of all data and passwords, included [sic] deleted data, from the widest range of mobile devices,” according to Cellebrite’s website.

We reached out to Cellebrite before, and the company said it is unable to provide comment.

Editors' Recommendations

Julian Chokkattu
Former Digital Trends Contributor
Julian is the mobile and wearables editor at Digital Trends, covering smartphones, fitness trackers, smartwatches, and more…
FBI will not disclose technique used to unlock shooter’s iPhone
apple government hack fbi method building 01

Apple will never know the vulnerability that allowed professional hackers, paid by the FBI, to break into the San Bernardino, California, shooter's iPhone.

Amy Hess, the bureau's executive assistant director for science and technology, issued a statement confirming the widespread belief that the FBI will not disclose the method used to hack the San Bernardino shooter's iPhone. Bugs discovered by federal agencies are typically reported to the Vulnerabilities Equities Process. A White House panel then decides if it should report any findings to the company or not.

Read more
The feds got into yet another iPhone without Apple
iphone se ipad pro sales analysis apple 0023

The U.S. government is extending its winning streak over Apple. For the second time, federal officials have told the Cupertino-based tech giant "never mind" when it comes to unlocking the iPhone.

This time, it wasn't because investigators were able to hack into a New York drug dealer's smartphone that was the focus of the dispute, but rather because the passcode was provided to them by an unnamed source.

Read more
How much did the FBI pay to hack the San Bernardino shooter’s iPhone? ‘A lot’
iPhone 5c pocket

How much was the San Bernardino shooter's iPhone worth to the Federal Bureau of Investigation? Director James Comey let slip a hint, which Reuters used to calculate a ballpark amount well north of $1.3 million.

"More than I will make in the remainder of this job ... But it was, in my view, worth it."

Read more