Skip to main content

ACLU accuses FBI of gambling with cybersecurity as it fails to disclose iPhone hack details to Apple

ACLU

The American Civil Liberties Union has accused the FBI of gambling with cybersecurity by failing to disclose to Apple the method used to access the San Bernardino iPhone, reports the WSJ.

Chris Soghoian, principal technologist at the ACLU, said the FBI is facing “a million-dollar question, and really what it comes down to is, does the FBI prioritize its own surveillance needs, or does it prioritize cybersecurity.’’

The longer the FBI keeps the security flaw to itself, he said, “the more they are gambling that no other entity will discover this flaw.’’ 

A former FBI official said that the agency’s decision on whether or not to reveal the method would likely depend on how many iPhone models it is able to unlock …

Robert Anderson, a former senior FBI official who is now an executive at Navigant Consulting Inc., said that the more iPhones could be opened with the technique, the more likely the government would be to disclose it to Apple. “I don’t think they would hide it and jeopardize millions of people’s safety and privacy,’’ he said.

Anderson added that the government’s attempt to balance the relative risks of hiding or disclosing security vulnerabilities was skewed towards keeping them quiet.

The FBI is said to be working on unlocking another iPhone in a homicide case in Arkansas.

It was reported a week ago that Israel’s Cellebrite was the company which unlocked the phone for the FBI, a story which Bloomberg corroborates today. Both Cellebrite and the FBI have maintained their refusal to comment.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

  1. Doug Aalseth - 8 years ago

    Sorry but Robert Andersons comment strikes me as rather naive.

  2. alanaudio - 8 years ago

    “Robert Anderson, a former senior FBI official who is now an executive at Navigant Consulting Inc., said that the more iPhones could be opened with the technique, the more likely the government would be to disclose it to Apple. “I don’t think they would hide it and jeopardize millions of people’s safety and privacy,’’ he said.”

    This seems like nonsense, I would have expected exactly the opposite. If it was a technique that only worked on obsolete 32 bit iPhones, then it would have minimal value to the FBI as it is already ineffective against all current iPhones, so there would be little harm in telling Apple how it was done.

    On the other hand, if the technique could be used to defeat newer iPhones, they would want to keep it very much to themselves and not allow Apple to block the exploit in future models.

  3. boycottappleamerica - 8 years ago

    Numb nuts…you dont tell the enemy the cards you holding…when ate people going to get it…we are at war with some very evil, tech savvy people who want to kill us…i repeat, Kill US. You dont share your strengths, plans, nothing with them.

    Please, get a copy of Jean Francois Revel’s book How Democracies Perish and once read, then post a position on this debate.

    • rahhbriley - 8 years ago

      Please listen to the Janurary 20th episode of Freakonomics Radio “Do Boycotts Work?” and post a new position on boycotts once listened.

      You don’t even know what you’re talking about until you listen to that and report back.

    • Doug Aalseth - 8 years ago

      OK listen “numb nits”. I suspect I’m a lot older that you are. I’m old enough to remember when were were told that the Russians were planning on landing in the US so they could steal our cars and TV sets. They weren’t and didn’t. Then we were told that we dare not lose in Viet Nam or it would mean the downfall of America. We did, because it was a war based on a lie that we should never have gone into. But America survived. Then I remember when drug crazed hippies were going to destroy the American way of life. They didn’t. Then it was Iran that was trying to destroy America. Nada. More recently they said Al Quaida was trying to destroy America. They got one lucky shot, and then nothing, but somehow Al Quaida morphed into the Taliban, who have never attacked anyone outside their own region so Afghanistan was invaded. Trillions spent, all for nothing. Our puppet government will be gone by the end of the decade. Simultaneously we were told that Saddam was going to war against the US and unless we acted to take out his Weapons of Mass Destruction all of America would be a glowing ruin. By this point I could smell a lie coming. Thousand of us protested the open and blatant lies. Lies upon lies. lies so transparent that even schoolchildren could tell they were lies. But apparently not the rest of America. The US went in. Trillions were spent, thousands of Americans killed, all for nothing. We imposed a less stable less inclusive government that also shows little sign of long term stability. Now a group of “very evil, tech savvy” nutballs living in a war zone, is a threat to destroy America. Nope, nope, and nope. I’ve been lied to too many times to fall for this one. They will get in a few lucky shots, but get serious. People in America are far more likely to be shot by a disgruntled worker the next time they go into Walmart than by any plot from Daish.

      The one consistent pattern I’ve noticed over my last fifty odd years is this: Every time they talk about a threat the solution is the same. More money for the military industrial complex, less money for things like education, public services, and healthcare that made America great, and more of our rights “temporarily” surrendered.

      So you may be getting your information from Revel’s book. I got mine from living through the last fifty years. The most fundamental lessons I’ve learned over the last half century, and by studying the last several thousand years of history are these:

      1)You don’t preserve and protect a civilization by turning away from the fundamental principles that are the foundation of that civilization.
      2)Rights once surrendered are never given back.

      • Aunty T (@AuntyTroll) - 8 years ago

        I’m not even American but this is an incredible reply fella- fair play to you.

  4. Kunal Barchha - 8 years ago

    Apple offered a big ZERO when FBI needed help and now expecting FBI to deliver them the sweet dish ! So childish on Apple’s part. You help one, you get one.

    • kevinhancox - 8 years ago

      Far from offering no help they did and do always help when they can… I think you are very naive to think otherwise, they where ordered by a court to write a new software that gave access, which by the way is against the law for them to even ask to do… Look at the US communications laws and you will see that no government agency can insist or order a telecommunications software or hardware provider to later there system for the reason of search… So please tell me how they offered no help when the same government made the law that says they should not help… ;)

      • jowens1259 - 8 years ago

        Instead of refusing why didn’t Apple tell the FBI they could open the phone without creating new software. According to speculation it only works on that particular phone. Unless they didn’t know how. If that’s the case having someone else unlock it makes Apple look incompetent.

    • Dave Howarth - 8 years ago

      I think you need to to 1. review the facts in the case and realize that not only has Apple helped the FBI and local law several times in the past but also tried helping in several ways on this case (short of hacking their own software), and 2. you need to review this article because it’s no Apple asking for anything. It’s a third party saying that it is in all iPhone owner’s best interest (millions worldwide) that you tell them how to protect the phones.

  5. Dan Lowry - 8 years ago

    The technique is most likely the most simple!!! Not a flaw, but a unique issue with most all technology. Copy the phone data while encrypted, try to unlock with Brute Force (up to 10 tries, starting with 0000), if fail then restore and reattempt with 10 new tries! I’m sure Apple is aware if this can be done and is now trying to play the political game back at the FBI. At first Apple said they can’t do it, then they said they won’t, now they say tell me what you found. If they didn’t ask now, they look stupid or neglectful to their most loyal fans and that is bad PR. I have to hand it to FBI, stand your ground and let them figure it out like the FBI did!!!

  6. Kunal Barchha - 8 years ago

    Is it something wrong with the site or is it just me? The article has been posted 1 hour ago, while all the comments shows “6 Hours ago”.

    • cydianerd - 8 years ago

      Same here. It is happening with me as well. Looks like a glitch in time management at their sever end.

      • Ben Lovejoy - 8 years ago

        Maybe the server is trying to pull a time-machine prank on us.

      • cydianerd - 8 years ago

        LOL :D

  7. thh (@thh21044) - 8 years ago

    In the time of rotary dial phones, there was no security. Why is it suddenly the government’s job to protect Apply encryption?

  8. Danny Bissett - 8 years ago

    The ACLU is very dumb if they think the FBI was the first to hack passed the iPhone’s passcode. The FBI just found the dude that has and I am sure there are many others out there.

  9. rgbfoundry - 8 years ago

    Again, the HOW isn’t as important as the precedent. I have no doubt the undisclosed data retrieval technique involves major physical deconstruction of the phone AND additional hardware. We’re not talking about somebody hacking into your functional phone while it’s in your possession. As a separate issue, the FBI and CIA have a long history of discovering security vulnerabilities, fixing them on their own hardware, and leaving the flaw out in the wild for their own purposes. It’s a perfect gateway. Nothing will change this behavior. It’s espionage, and the public doesn’t have any input in the techniques or their legality.

    • 89p13 - 8 years ago

      Actually, both the FBI and the CIA have been actively buying Zero Day Exploits and other “back doors” for years, across Windows and other O/S devices. Witness STUXNET several years ago.

      Nothing new here..

  10. John Smith - 8 years ago

    Normally people should tell Apple about (their own) security failures on the iPhone.

    But unfortunately Apple is just too irresponsible for the FBI to do that.

    Apple needs to start being more responsible with regard to not obstructing law enforcement in serious cases – other corporations ensure that they can and do assist on production of a court order, Apple is deliberately and irresponsibly trying to ensure they can never assist. Until they stop doing that, Apple needs to be seen as part of the problem – they can’t expect to be seen as part of the solution as could be done with other corporations.

  11. Thomas Marble Peak - 8 years ago

    A security flaw exists. Cellebrite will sell their services to exploit it for you. Hello, China? The government is undermining the security of our devices to benefit themselves. A government that can even secure their own “house” (e.g., OPM and IRS). Hello, China?

    Apple haters you need to wake the heck up. This is has never solely been about one company nor one phone or a handful of phones.

  12. b9bot - 8 years ago

    “Robert Anderson, a former senior FBI official who is now an executive at Navigant Consulting Inc., said that the more iPhones could be opened with the technique, the more likely the government would be to disclose it to Apple. “I don’t think they would hide it and jeopardize millions of people’s safety and privacy,’’ he said.”

    Yet that was there intention all along by taking Apple to court to force them to make a backdoor to there encryption. So I don’t think the FBI gives a damn about the millions of users is what it looks like to me.

  13. b9bot - 8 years ago

    Oh and by the way this is not just about Apple. This is about all cell phones, computers, and services that everyone of us uses. If they have there way in court or by some stupid politician then everyone’s data will be at risk. Banking, health records, taxes, pictures, history, business transactions, corporate products, you name it. And it won’t stop here in the United States, it will be world wide with some non-friendly governments asking for your data and taking it without your knowledge if they get there way and weaken encryption with back doors.

  14. Gary Dauphin - 8 years ago

    As a shareholder, I would like to know: shouldn’t the Feds cover the company’s legal expenses for initiating a frivolous lawsuit then dropping it?

Author

Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!


Ben Lovejoy's favorite gear