FBI Director Suggests iPhone Hacking Method May Remain Secret (reuters.com)
An anonymous reader quotes a report from Reuters: FBI Director James Comey said on Tuesday that his agency was still assessing whether a vulnerability used to unlock an iPhone linked to one of the San Bernardino killers would go through a government review to determine if it should be disclosed to Apple or the public. "We are in the midst of trying to sort that out," Comey said. "The threshold (for disclosure) is, are we aware of the vulnerability, or did we just buy a tool and don't have sufficient knowledge of the vulnerability to implicate the process?" The White House has a procedure for reviewing technology security flaws and deciding which ones should be made public. Although officials say the process leans toward disclosure, it is not set up to handle or reveal flaws that are discovered and owned by private companies, sources have told Reuters, raising questions about the effectiveness of the so-called Vulnerabilities Equities Process.
Does anyone actually believe anything they say on the matter anymore? I'm still not convinced they even have the contents of the phone at this point.
Soo, they didn't actually crack the thing at all.
Let's see: no actionable data from the phone (imagine the headline: "FBI's cracked iPhone thwarts terror plot"), they haven't shared this skeleton key with Law Enforcement, and now they might just never divulge the secret at all??
"Ignore the man behind the curtain."
This signature is false.
Because it's a policy / precedent.
How they behave with this security vulnerability today is how they will behave with the next one tomorrow.
It's literally a ... "first they came for the X, but I was not a X, so I did nothing" situation.
And theirs is the wrong action; law enforcement should disclose vulnerabilities to the manufacturer and owners so that they can be corrected in future, not so that they can exploit them themselves.
It's fundamentally the exact opposite of what they should be doing, FBI & NSA both, and the government in general. Their function is to 'serve and protect' the public. I am in no way being served by there being known security vulnerabilities in the products I use. If the government knows them, then so do other actors. I don't trust those other actors, and based on government behavior I don't trust them either.
So you've effectively put yourself at war with the American people in that statement, do you realize that?
You've weaponized an asset of an American company and are intentionally putting the American public at risk to further your own agenda.
You should be hung from the highest bridge with care.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager