Monday, October 2, 2017

Judge: FBI Doesn't Have to Reveal How It Unlocked iPhone Used by San Bernardino Terrorist


Remember the infamous encryption fight between the FBI and Apple for

unlocking an iPhone

belonging to terrorist Syed Farook behind the San Bernardino 2015 mass shooting that killed 14 people?

The same Apple vs. FBI case where

Apple refused to help feds

access data on the locked iPhone and, later the Federal Bureau of Investigation reportedly paid over a million dollars to a vendor for unlocking the shooter's iPhone.

For keeping the iPhone hack secret, three news organizations—The Associated Press, USA Today, and Vice Media—sued the FBI last year under the Freedom of Information Act (FOIA) and forced the agency to reveal the name of the company and the amount it was

paid to unlock the iPhone

.

However, unfortunately, they failed.

A US federal judge ruled Saturday that the FBI does not have to disclose the name of or how much it paid a private company for an 

iPhone hacking tool

that unlocked Farook's iPhone.

Apple vs. FBI was one of the biggest legal battles in which Apple was being

forced to build a backdoored version

of its iOS that could have helped the agency unlock Farook's iPhone, but the company refused.

After weeks of arguments, the US government withdrew its motion and announced it had obtained an alternative

method to unlock the iPhone

from an "outside party."

A few months later, The Associated Press, USA Today, and Vice Media sued the FBI, arguing that the public have a right to know how the government spent taxpayer funds for the iPhone hack.

The news organisations also claimed the existence of a serious vulnerability in the iPhone could be a danger to the public.

However, U.S. District Judge Tanya S. Chutkan of the District of Columbia

ruled

this weekend that the information on vendor and hacking tool used is exempt from mandatory disclosure under the government transparency law.

"It is logical and plausible that the vendor may be less capable than the FBI of protecting its proprietary information in the face of a cyber attack," the judge said.
"The FBI's conclusion that releasing the name of the vendor to the general public could put the vendor's systems, and thereby crucial information about the technology, at risk of incursion is a reasonable one."

Regarding the cost of the hacking tool, the federal judge also agreed with the US government that revealing the price the government paid for unlocking iPhone could harm national security.

"Releasing the purchase price would designate a finite value for the technology and help adversaries determine whether the FBI can broadly utilise the technology to access their encrypted devices," Chutkan said.
"Since the release of this information might 'reduce the effectiveness of a critical classified source and method', it is reasonable to expect that disclosure could endanger national security."

Last year, former FBI Director James Comey indirectly disclosed that the agency reportedly paid around $1.3 Million for the hacking tool that helped the agency break into Farook's iPhone 5C.

Although Comey said the hacking tool the FBI bought was only effective against an iPhone 5C running iOS 9 and not on later versions of iPhone such as the 5S, 6 and 6S, the agency could theoretically find a way to expand the tool's effort or build a similar implementation to hack higher models.



from The Hacker News http://ift.tt/2xMtojV

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.