Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI Couldn't Tell Apple What Hack It Used, Even If It Wanted To (qz.com)

Posted by msmash on from the apple-vs-government dept.

An anonymous reader writes: The US Federal Bureau of Investigation doesn't own the technique used to unlock the San Bernardino iPhone, so it can't reveal the method to Apple even if it wanted to, Reuters reported, citing unnamed White House sources. The Washington Post reported yesterday, citing unnamed sources, that the FBI had paid a hacker a one-time fee to use a piece of hardware that allowed it to access the iPhone 5c belonging to one of the San Bernardino, California assailants. The vendor that supplied the hack is a non-US company, according to Reuters. But according to the Post report, it is not the Israeli firm Cellebrite, which had previously been named. The FBI would require the vendor's cooperation in order to submit the technique it used to Vulnerabilities Equities Process, a mechanism that allows the government to consider whether it should disclose security flaws to manufacturers. It's a move that mirrors Apple's own efforts to create security systems on its phones that even it wouldn't be able to crack, meaning it can't comply with a government order to hand over user data even if it wanted to.

1 of 99 comments (clear)

  1. DMCA allows it by raymorris · · Score: 4, Informative

    I posted relevant portions of the law last week, if you care to read the details. There are two sections that are mainly relevant.

    First, DMCA explicitly says that circumvention by or FOR the government is legal. So you can hack it if the government asks you to.

    Secondly, and this is important to my job developing security testing tools, DMCA says twice that it is legal to create tools to research on the security of the measures as long as those tools aren't used, or intended to be used, for copyright infringement as specified in DMCA.

    So it's a lot like gun laws in areas that have Constitutional gun laws - using a gun to commit a felony is an additional crime, but just having a gun is legal. Similarly, building a circumvention tool FOR THE PURPOSE of copyright violation is unlawful, but building it for research, security, and investigation purposes is fine.