Following yesterday’s news that the FBI bought information from independent hackers to assist it with unlocking the San Bernardino iPhone, a new report from Reuters reveals that the company the FBI acquired the procedures from retains sole legal ownership of the method, although it is unclear whether this “company” represents the “independent hackers” referred to in the earlier report. Either way, Obama administration sources have indicated that this makes it “highly unlikely” that the government will be able to disclose the technique. Technology security flaws are ordinarily reviewed by the White House to determine which should be made public, as part of a procedure known as the Vulnerabilities Equities Process — but sources note that the FBI would not even be permitted to submit the method to the White House for consideration without the permission of the private company that owns the technique. Rob Knake, a former White House staffer who was previously responsible for managing the process, noted that the FBI likely doesn’t even know the details of the technique other than that it successfully unlocked the iPhone in question, and added that the Vulnerabilities Equities Process had been created in 2010 to handle situations where government employees invent their own methods for circumventing security. The process was not designed for “a world of commoditized exploitation” by private companies, and that the government cannot “force companies to share the methods that they are trying to sell,” nor can they be prevented from buying technology from those companies.
Meanwhile, despite all of the legal battles and efforts undertaken to access the San Bernardino iPhone, a new report from CBS News reveals that nothing of value has yet been discovered on the iPhone in question, although it was stressed by the cited law enforcement source that the FBI continues to analyze the data. Apple had previously provided the FBI with the content of the most recent iCloud Backup made from the iPhone, although the FBI contended that it still needed access to the actual iPhone content, as it felt that it may not have included all of the necessary data stored on the iPhone.
