In early 2016, the security vs. privacy debate entered a new phase after Apple refused to help the FBI unlock the iPhone 5C belonging to Syed Rizwan Farook — one of the San Bernardino shooters. Eventually, the feds used a third-party to access the device. Now, a federal court has ruled that the agency doesn’t have to reveal who helped it, or how much it paid for the assistance.
As reported by Politico, three news publications — USA Today, the Associated Press and Vice Media — were all suing the FBI under the Freedom of Information act to try and force it to reveal details about the anonymous company and how much it charged to break Apple’s older security features.
But U.S. District Court Judge Tanya Chutkan ruled that the information is properly classified national security secrets and therefore exempt from disclosure under the FOIA. She also warned that releasing the company’s name would likely make it a target for attack.
“It is logical and plausible that the vendor may be less capable than the FBI of protecting its proprietary information in the face of a cyberattack,” the court said. “The FBI's conclusion that releasing the name of the vendor to the general public could put the vendor's systems, and thereby crucial information about the technology, at risk of incursion is a reasonable one.”
In April last year, then FBI director James Comey suggested that the FBI paid around $1.3 million to unlock the iPhone, but during a Senate Judiciary Committee hearing in May, California Sen. Dianne Feinstein said: “I was so struck when San Bernardino happened and you made overtures to allow that device to be opened, and then the FBI had to spend $900,000 to hack it open.”
It seems that the official cost will remain a secret. “Releasing the purchase price would designate a finite value for the technology and help adversaries determine whether the FBI can broadly utilize the technology to access their encrypted devices,” said Judge Chutkan
It’s widely suspected that Israeli firm Cellebrite was the one who provided the tools to hack the iPhone, though the method reportedly doesn’t work on newer Apple devices that feature a secure enclave. But some believe it was a team of gray hat hackers who helped crack the device.