Secret iPhone hack may stay that way

April 8, 2016 10:35 pm

FBI director James Comey. Photo / AP

The FBI has not decided whether to share with Apple details about how the bureau hacked into an iPhone linked to a California terrorism investigation, the bureau’s director says.
James Comey said the flaw the FBI exploited in Apple’s software works only on a “narrow slice of phones” – the iPhone 5C, running version 9 of Apple’s mobile operating system, not on newer or older models.
“If we tell Apple, they’re going to fix it and we’re back where we started,” Comey said. “As silly as it may sound, we may end up there. We just haven’t decided yet.”
The Justice Department dropped its legal fight to compel Apple to provide it with specialised software that would allow the FBI to hack into the iPhone, which was issued to San Bernardino county health inspector Syed Farook. Farook and his wife, Tashfeen Malik, killed 14 people in December before dying in a shootout with authorities.
The iPhone was found in a vehicle the day after the shooting. Two personal phones were found destroyed so completely the FBI could not recover information from them.

A US judge had ordered Apple to provide the FBI with software to help it hack into Farook’s work-issued iPhone after the Government said only Apple could help authorities access the encrypted and locked iPhone. The order touched off a debate pitting digital privacy rights against national security concerns.
Comey said that the case also inspired a lot of efforts to try to break into the phone. “Someone outside the Government, in response to that attention, came up with a solution,” he said. “One that I am confident will be closely protected and used lawfully and appropriately.”
The Government then “purchased a tool that allows court-authorised access to the phone”, Comey said. The Government will not release the identity of the third party that made it possible to access the iPhone.
“The FBI is very good at keeping secrets, and the people we bought this from, I know a fair amount about them, and I have a high degree of confidence that they’re very good at protecting it and their motivations align with ours.” .
Comey’s comments were the closest hints about what the FBI may do with its knowledge of a vulnerability in Apple’s software that could let someone bypass built-in digital locks to access private information. It remains unclear whether the FBI will share details about the technique with state or local police agencies or law enforcement offices.
The encrypted phone in the California case was protected by a passcode that included security protocols: a time delay and self-destruct feature that erased the phone’s data after 10 tries. The two features made it impossible for the Government to repeatedly and continuously test passcodes.
Comey said the new method to get into the iPhone would disappear if Apple changes its software.
The FBI frequently receives requests to help with cellphone forensics, including getting into locked phones. The bureau said it has received requests for technical assistance on more than 500 cellphones during four months from October and responds on a case-by-case basis.

shared on