Digital Media Center
Bryant-Denny Stadium, Gate 61
920 Paul Bryant Drive
Tuscaloosa, AL 35487-0370
(800) 654-4262

© 2024 Alabama Public Radio
Play Live Radio
Next Up:
0:00
0:00
0:00 0:00
Available On Air Stations

FBI Explains Why It Won't Disclose How It Unlocked iPhone

FBI Director James Comey testifies March 1 before the House Judiciary Committee on the encryption of the iPhone belonging to one of the San Bernardino attackers.
Nicholas Kamm
/
AFP/Getty Images
FBI Director James Comey testifies March 1 before the House Judiciary Committee on the encryption of the iPhone belonging to one of the San Bernardino attackers.

The FBI has officially decided it can't tell Apple how the agency hacked into the locked iPhone used by one of the San Bernardino attackers.

The FBI paid undisclosed professional hackers more than $1 million to get inside the locked and encrypted iPhone 5C through a previously unknown flaw in the software.

The agency has been weighing whether it would submit the details to a review process that helps decide whether software vulnerabilities known to the government should be disclosed to companies.

FBI science and technology chief Amy Hess said in a statement on Wednesday that the agency has determined it won't be able to submit the third-party iPhone hack to the review, called the Vulnerabilities Equities Process:

"The VEP cannot perform its function without sufficient detail about the nature and extent of a vulnerability.

"The FBI purchased the method from an outside party so that we could unlock the San Bernardino device. We did not, however, purchase the rights to technical details about how the method functions, or the nature and extent of any vulnerability upon which the method may rely in order to operate. As a result, currently we do not have enough technical information about any vulnerability that would permit any meaningful review under the VEP process."

This was exactly the kind of challenge predicted by Robert Knake, former director of cybersecurity policy for the National Security Council in the Obama administration, in his recent interview with NPR. Knake offered a detailed description of how the Vulnerabilities Equities Process works and suggested that intellectual property lawyers will in the future fight over whether hackers can own the rights to a vulnerability.

Copyright 2021 NPR. To see more, visit https://www.npr.org.

Alina Selyukh is a business correspondent at NPR, where she follows the path of the retail and tech industries, tracking how America's biggest companies are influencing the way we spend our time, money, and energy.
News from Alabama Public Radio is a public service in association with the University of Alabama. We depend on your help to keep our programming on the air and online. Please consider supporting the news you rely on with a donation today. Every contribution, no matter the size, propels our vital coverage. Thank you.