FBI won't reveal how it unlocked the San Bernardino iPhone

Scorpus

Scorpus

Posts: 2,162   +239
Staff member

The FBI has decided that it doesn't need to reveal how it unlocked the San Bernardino iPhone, which will prevent Apple from identifying the security vulnerability and closing it through a software update.

Under a rule brought in by the US government in 2010 called the "Vulnerabilities Equities Process", government agencies like the FBI have to disclose any back doors or flaws in technology that they discover. The idea is that these vulnerabilities would be disclosed in private to the companies who make the products, provided the National Security Council gives the all clear, allowing them to fix the issue and keep Americans safe.

However in the San Bernardino iPhone case, the FBI has a convenient excuse they can use to avoid disclosing the details of the vulnerability. As the agency used a third-party tool to unlock the device in question, the FBI can and will simply say that they are unfamiliar with how the tool works.

If the FBI claims it doesn't know how the tool works, they won't have to disclose to Apple or the National Security Council what vulnerability the tool used to bypass the iPhone's lock screen. This keeps the flaw open and would allow the FBI to use the same tool to unlock similar phones in the future if need be.

Apple no doubt will be annoyed at the FBI's refusal to detail which vulnerability allowed them to bypass the security measures on their handset. Although it's believed that the vulnerability is not present in more modern devices (the San Bernardino killer used an old iPhone 5c), Apple still wants to keep their entire product portfolio secure.

Permalink to story.

https://www.techspot.com/news/64594-fbi-wont-reveal-how-unlocked-san-bernardino-iphone.html

 
And no one cares how they are clearly and unarguably lying? I mean this is like sticking your tongue out at the general public...
 
ikesmasher said:
And no one cares how they are clearly and unarguably lying? I mean this is like sticking your tongue out at the general public...
Click to expand...
Just at the iphone general public. Meh. Besides, Apple has plenty of lawyers and can take the FBI to court. It'll take a few years, then the FBI will capitulate, but by then the 5Cs won't be getting updates anymore.
 
  • Like
Reactions: Reehahs
Something is wrong here...
The FBI has decided that it doesn't need to reveal how it unlocked the San Bernardino iPhone, which will prevent Apple from identifying the security vulnerability and closing it through a software update.
Click to expand...

FBI has a convenient excuse they can use to avoid disclosing the details of the vulnerability.
Click to expand...

Although it's believed that the vulnerability is not present in more modern devices (the San Bernardino killer used an old iPhone 5c), Apple still wants to keep their entire product portfolio secure.
Click to expand...

How do you know this? How was this info leaked? If they've dont believe this vulnerability is NOT present in more modern devices(says who???) then why does it matter? If Apple has allegedly patched this in newer devices, I'm preeeeeeetttttyyyy sure their engineers and programmers can narrow down the vulnerability, because, of course, they've already found it and patched it.

On the other hand, if the FBI is about keeping people safe. This is not something they should be doing. Someone has to be responsible, and if the FBI is lying and not saying WHO knows how the vulnerability works, then arent they colluding with the developer of the tool who DID make it and DOES understand how the vulnerability works? I'snt that itself, somehow, against the law?

Like... I was with this guy who robbed a bank, but I didnt do it, he did it. I didnt really help him, or know how he did it but I knew about it, and he gave me some of the money. I dont get into trouble, AND I get some cash! The FBI asked me, and I didnt give them any information. I am off scot-free.

You better bet your *** they will charge me with AT LEAST obstruction of justice, right? RIGHT? Please correct me if I'm wrong.
 
ikesmasher said:
And no one cares how they are clearly and unarguably lying? I mean this is like sticking your tongue out at the general public...
Click to expand...

This really seems like the case, but how can they then offer to unlock phones for state police in other cases? Wont that bust them?
 
  • Like
Reactions: Uncle Al
Trillionsin said:
ikesmasher said:
And no one cares how they are clearly and unarguably lying? I mean this is like sticking your tongue out at the general public...
Click to expand...

This really seems like the case, but how can they then offer to unlock phones for state police in other cases? Wont that bust them?
Click to expand...

The trump card (sorry for that pun) could be the age old claim of "national security", which gives them the right to avoid prosecution as well as put a gag order on any further hearings; not to mention the "opportunity" to have the whole thing classified under the same umbrella. It has been awhile since this was done effectively, but with the government there is no telling how far they will try to take it.
 
Could this be any less relevant? This is for the previous generation iPhone, the new ones illegibly can't be broken in the same manner, so good for the FBI, they have a secret way of breaking into a phone that's already old news. Hey terrorist, stop using the iPhone 5c is all they're saying with this.
 
Adhmuz said:
Could this be any less relevant? This is for the previous generation iPhone, the new ones illegibly can't be broken in the same manner, so good for the FBI, they have a secret way of breaking into a phone that's already old news. Hey terrorist, stop using the iPhone 5c is all they're saying with this.
Click to expand...

Apple still officially supports the 5C though... so I can see why they'd want to patch the exploit... since the exploit almost certainly involved nand shadowing, however, it's not like the average joe can hack in... so this is basically a whole hullabaloo for nothing.
 
Scorpus said:
The FBI has decided that it doesn't need to reveal how it unlocked the San Bernardino iPhone, which will prevent Apple from identifying the security vulnerability and closing it through a software update.
Click to expand...
Right and continually using the unlock in other cases doesn't keep that door closed. That's like saying just because I have authorization to search one house we might as well search all of them on the block. And it is a bit late now for the FBI to suggest they have not used the unlock outside of the San Bernardino case.
 
That's probably because they badly wasted the taxpayers money to have it unlocked when they could've muscled and coerced some reasonably competent high school hacker kid to do the same thing for free.
 
Uncle Al said:
The trump card (sorry for that pun) could be the age old claim of "national security", which gives them the right to avoid prosecution as well as put a gag order on any further hearings; not to mention the "opportunity" to have the whole thing classified under the same umbrella. It has been awhile since this was done effectively, but with the government there is no telling how far they will try to take it.
Click to expand...

...what?! What my point was, is if they are lying about being able to unlock phones, but offer to unlock phones for state police officials, then wont they be found out? Either I'm an ***** and dont understand your reply, or you didnt get my point. I didnt mean literally "bust" them, I just mean like, "found out," or that their lie would be compromised.
 
Anybody following the regular news outlets already knows how the FBI broke into the Apple phone used in San Bernadino. The stopped suing Apple the second and Israeli company said it could break it. Guess what, it took less than one week from the time the FBI hired this company to break into it before they succeeded. So any of you who really believe your phones are secure, you obviously are putting way more trust in the manufacturers abilities than you should. There is no such thing as an unbreakable technology. If you think there is, I want to talk to you about purchasing an igloo in the middle of Death Valley.
 
dwolfer said:
Anybody following the regular news outlets already knows how the FBI broke into the Apple phone used in San Bernadino.
Click to expand...
Really! I bet you couldn't give Apple the specifics they would need to know in order to patch the vulnerability. But yet you have read all the news outlets and know exactly how it was done. There is quite a bit more to a vulnerability than simply labeling it a vulnerability.
 
Ah...but this would be called industrial espionage by the FBI. It's completely fine and legal for them to break the rules, because they're above the law. Bet you didn't know.
 
cliffordcooley said:
Really! I bet you couldn't give Apple the specifics they would need to know in order to patch the vulnerability. But yet you have read all the news outlets and know exactly how it was done. There is quite a bit more to a vulnerability than simply labeling it a vulnerability.
Click to expand...

They already said the vulnerability didn't exist in any iPhone newer than (and including) the iPhone 6... Since this is when Apple introduced secure enclave, it's a reasonable assumption that they used nand shadowing - this has all but been confirmed from various reports you can read online..

Here's one...

http://www.networkworld.com/article...ow-that-fbi-could-use-it-to-crack-iphone.html

Obviously, they'll never admit to it... but this is the most likely method - and as it involves physically removing the nand chip and replacing it over and over (to achieve unlimited passcode attempts), this won't be something that the "average joe" ever attempts...
 
Squid Surprise said:
No... the FBI admitted it didn't work on newer iphones...
Click to expand...
I'll choose to call that a lie until I read a confirming second opinion from Apple. Lets not forget the FBI will do anything to keep this vulnerability alive, even if that means they have to lie about the range of devices effected.
 
cliffordcooley said:
I'll choose to call that a lie until I read a confirming second opinion from Apple. Lets not forget the FBI will do anything to keep this vulnerability alive, even if that means they have to lie about the range of devices effected.
Click to expand...
Yeah, but since it was nand shadowing, it looks like this time they might actually be telling the truth... this doesn't mean that they don't have OTHER vulnerabilities lying around...
 
You must log in or register to reply here.

Similar threads

E
Another day, another FBI takedown of routers infected by malware
Replies
7
Views
222
p51d007
p51d007
midian182
Counterfeiters caught in multimillion-dollar iPhone repair scheme
Replies
3
Views
171
Underdog
Underdog
D
Apple iPhone 17 Pro could be the first phone with TSMC's 2nm chip
Replies
8
Views
140
daffy duck
D

Latest posts

Back