FBI Follows Apple's Example, Says It Doesn't Have iPhone Hack Info
FBI's assistant director says the agency doesn't have the information necessary to disclose how it hacked terrorist Syed Farook's iPhone, so it can't share it with Apple or the public.At first glance, it seems like a case of turnabout being fair play when the Federal Bureau of Investigation (FBI) announced on April 27 that it would not tell Apple how it got into terrorist Syed Farook's iPhone 5C, which was recovered by authorities following Farook's December killing rampage in San Bernardino, Calif. After all, the wording used by FBI Executive Assistant Director Amy Hess seems similar to how Apple said it couldn't help the FBI in the first place. In a statement provided to eWEEK by the FBI National Press Office, Hess, who is the executive assistant director for Science and Technology, said the agency has determined it cannot submit the method used to the Vulnerabilities Equities Process (VEP), a method sponsored by the White House to allow federal agencies to tell technology makers about vulnerabilities uncovered during the course of their activities. The VEP is itself classified, but the Electronic Frontier Foundation was given a redacted version as part of a Freedom of Information Act request.
"The VEP is a disciplined, rigorous and high-level interagency decision-making process for vulnerability disclosure that helps to ensure that all of the pros and cons of disclosing or not disclosing a vulnerability are properly considered and weighed. By necessity, that process requires significant technical insight into a vulnerability," Hess said in her statement.