The FBI plans not disclose to Apple the method it used to access an iPhone belonging to the San Bernardino shooter, or submit it for an internal government review, according to a Wall Street Journal report.
The FBI announced in March that it had purchased a hacking tool from a third party that enabled it to access data on an iPhone used by Syed Farook. Farook and his wife killed 14 people during a shooting at the Inland Regional Center in San Bernardino, California. His iPhone became a lightning rod for the ongoing debate over encryption when the FBI demanded that Apple assist the government in accessing data stored on the device.
Apple fought the FBI’s demand that it create a custom operating system that would allow investigators to crack the phone’s passcode in a high-profile court battle last month. The confrontation ended without a clear judicial ruling when the FBI announced its purchase of the hacking tool.
So far, the FBI has refused to share details about the tool with Apple, except that it doesn’t work on the iPhone 5S or newer models. Apple hasn’t publicly pressed the FBI to release details about how it accessed the phone, but would understandably want to know how the tool works so it can patch any vulnerabilities that persist in current iPhone models.
Earlier this month, an Apple attorney said that the company would not sue the government to reveal how the San Bernardino iPhone was unlocked. The attorney said that whatever vulnerability the government had discovered would likely be fixed as the company regularly improves the security of its products.
The government has some policies in place that govern the disclosure of security problems to companies, but the Vulnerabilities Equities Process is shrouded in secrecy. The government is generally supportive of vulnerability disclosure because the quicker companies can patch security issues, the less likely they are to be exploited by malicious hackers.
The FBI plans to argue that it does not know enough about the tool to substantively explain how it works during an internal government review of the hacking method, according to the Wall Street Journal. FBI director James Comey has revealed that his agency spent more than $1 million to obtain the tool.