FBI Disclosed Vulnerability in iPhone and iMac to Apple on April 14
Apr 28, 2016 04:25 AM EDT
FBI had informed Apple Inc of a vulnerability in its iPhone and iMac software on April 14. However, FBI will not tell Apple how the bureau broke into the iPhone 5c and extracted data belonging to terrorist Syed Rizwan Farook, who killed 14 people in San Bernardino, California with his Pakistani wife Tashfeen Malik.
Apple told Reuters on Tuesday that FBI had informed the company of a vulnerability in its iPhone and Mac software on April 14. This is the first time the bureau informed the flaw in Apple products under controversial Vulnerability Equities Process issued by the White House in 2010.
The Vulnerability Equities Process was created by the Obama administration in 2010 as a cybersecurity measure. The process, which was issued in 2014, is used to determine whether law enforcement and the US intelligence are required to disclosed the hacking method to the manufacturer. Many critics have said the process jeopardized the public security.
The Hill reported that critics argue that an exception for national security concerns allow the government to hoard hacking techniques at the expense of public cybersecurity. Defending the decision, a White House cybersecurity coordinator Michael Daniel said, "Disclosing a vulnerability can mean that we forego an opportunity to collect crucial intelligence that could thwart a terrorist attack."
Nevertheless, the issue whether US government agencies should share information in computer and telecommunication product has been under scrutiny since last month. During an investigation of December's terrorist attack in San Bernardino, California, FBI announced to have found a way to break into iPhone belong to one of the terrorist, Syed Rizwan Farook. Prior to that, Apple refused to help the FBI to extract data from the terrorist' iPhone.
The FBI then decided to sue Apple to force the company to help the Bureau extracting data from the iPhone 5c. Apple rejected the court order to disable phone encryption. Afterward, FBI announced it had purchased a special hacking method and no longer needed Apple's help to extract data from the phone.
Following the successful data mining from the terrorist's iPhone 5C, in accordance to the controversial Vulnerability Equities Process, FBI is required to share its method in hacking the iPhone. In regard to that, FBI has decided to not participate in a White House review of the hacking technique it used to access data in the iPhone.
The FBI also decided not to reveal how it broke into iPhone 5c a secret because the bureau did not posses sufficient technical detail of the vulnerabilities of the iPhone. According to The Guardian, FBI confirmed it wouldn't do this because it couldn't.
"Currently we do not have enough technical information about any vulnerability that would permit any meaningful review," said FBI's executive assistant director for science and technology Amy Hess.
Last April 14, FBI informed Apple Inc of a vulnerability in its iPhone and iMac software. The vulnerability was used to break into the iPhone 5c belong to terrorist Syed Rizwan Farook to extract data related to investigation.