Fbi Won’t (or Can’t) Say How It Accessed Locked Iphone

When the FBI paid more than $1 million to crack into the San Bernardino shooter’s iPhone 5C, it paid only for a hacking tool, not the source code, so it is not able to publicly disclose how the phone was broken into. Because it doesn’t have the technical details, the FBI can’t submit any software weaknesses to an interagency White House process that weighs whether such defects should be disclosed to manufacturers, like Apple, or developers. [...] the announcement still hasn’t ended mistrust of the agency, its tactics or the very process the government uses to alert private industry of such problems. The lack of transparency in the equities process is, perhaps, what’s causing that sentiment to spread among Silicon Valley firms, said Katie Moussouris, the founder and CEO of Luta Security, which advises organizations and governments on vulnerability disclosure and bug bounty programs. The revelation last month that the FBI had managed to get into the work phone of Syed Rizwan Farook, who along with his wife killed 14 people in the December attacks in San Bernardino, halted an extraordinary court fight that flared a month earlier when a federal magistrate in Riverside directed Apple to help the FBI hack into the device.