FBI's iPhone cracking software to remain a secret

Judge slaps down FOI request seeking to reveal details of San Bernardino iPhone hack

The FBI can keep secret the details of a hacking tool used to break into an iPhone last year, a court has ruled.

This is the final word in a long-running series of contentious legal battles over an iPhone 5c belonging to one of the terrorists who launched an attack on an office party in San Bernardino in December 2015, in which 14 people were killed.

The owner of the phone, Syed Farook, died alongside his wife in a shootout with police following the incident. The FBI then tried to access the phone, believing it to contain valuable information related to the case, but in the process managed to lock the device, meaning Apple engineers who were then called out were unable to do anything.

A court order was issued in an attempt to force Apple to develop a tool to unlock the phone, but the company refused to comply, arguing it would be set a dangerous precedent with regard to the security services' ability to override US citizens' right to privacy.

Advertisement - Article continues below
Advertisement - Article continues below

However, in early 2016 the FBI dropped the case, having found a third-party company that could crack into the iPhone without Apple's help, for the bargain price of $1.3 million (900,000).

In September that year, three media organisations the Associated Press, USA Today and Vice Media sued the law-enforcement agency under the US Freedom of Information Act to try and force it to reveal the name of the company that succeeded in cracking the device and how much exactly it paid for the service.

After a year of legal wrangling, US district court judge Tanya Chutkan has finally ruled the information is not covered by FOI requests, citing national security and the threat of cyber attacks against the unnamed third party, IBT reports.

"It is logical and plausible that the vendor may be less capable than the FBI of protecting its proprietary information in the face of a cyber attack," Chutkan said in her ruling. "The FBI's conclusion that releasing the name of the vendor to the general public could put the vendor's systems, and thereby crucial information about the technology, at risk of incursion is a reasonable one."

She added: "Releasing the purchase price would designate a finite value for the technology and help adversaries determine whether the FBI can broadly utilise the technology to access their encrypted devices.

"Since the release of this information might 'reduce the effectiveness of a critical classified source and method', it is reasonable to expect that disclosure could endanger national security."

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now


internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020

Dell XPS 13 (New 9300) hands-on review: Chasing perfection

14 Jan 2020