Monday, March 28, 2016

"Apple likely can’t force FBI to disclose how it got data from seized iPhone" (AAPL)

From ars technica:

"It is an important test for the government's disclosure policy."

The US government isn't saying whether it will divulge to Apple the method it used to access the locked iPhone seized by one of the San Bernardino shooters. The iPhone has been at the center of a bitter dispute between Apple and the Federal Bureau of Investigation. But that legal battle—in which a judge last month had ordered Apple to write code to assist the authorities in unlocking the phone—came to a seemingly abrupt halt late Monday when the government said it "successfully accessed the data" on the phone without Apple's assistance.

A federal law enforcement official requesting anonymity told reporters in a conference call Monday that the US government would not discuss whether it would reveal the method.

"We cannot comment on the possibility of future disclosures to Apple," the law enforcement official said in response to a question from Ars. Just a week ago, Apple told reporters in a conference call that it would insist in court of knowing everything about the vulnerability. Ars reported last week that the Israeli firm Cellebrite was potentially working for the US government to unlock the phone, and many have speculated that the method was a NAND mirroring attack.

White House cybersecurity coordinator Michael Daniel announced in 2014 that the authorities would disclose vulnerabilities—to an extent, and in limited circumstances. This is known as the Vulnerabilities Equities Process....MORE