FBI Spent $1.3 Million To Not Even Learn The Details Of The iPhone Hack... So Now It Says It Can't Tell Apple

from the wtf dept

Once the DOJ told the court in San Bernardino that it had succeeded in hacking into the iPhone of Syed Farook, the big question people asked is whether or not the FBI would then tell Apple about the vulnerability. After all, the administration set up the so-called "Vulnerabilities Equities Policy" (VEP) with the idea of sharing most vulnerabilities it discovers with companies. The White House directly stated:
One thing is clear: This administration takes seriously its commitment to an open and interoperable, secure and reliable Internet, and in the majority of cases, responsibly disclosing a newly discovered vulnerability is clearly in the national interest. This has been and continues to be the case.

This spring, we re-invigorated our efforts to implement existing policy with respect to disclosing vulnerabilities – so that everyone can have confidence in the integrity of the process we use to make these decisions. We rely on the Internet and connected systems for much of our daily lives. Our economy would not function without them. Our ability to project power abroad would be crippled if we could not depend on them. For these reasons, disclosing vulnerabilities usually makes sense. We need these systems to be secure as much as, if not more so, than everyone else.
Of course, there's a big "but" there -- and it's that there's an "exception" for law enforcement. Last fall, after (yet another) big legal fight, the good folks over at the EFF finally got access to the VEP details and you can now read a (heavily redacted) version.

Still, one could make a strong case that this vulnerability should be disclosed... even if almost no one expected it to be. Amusingly, just a few days ago, Apple revealed that the FBI used the VEP to disclose a vulnerability for the very first time, on April 14th, just as everyone was arguing about this. Of course, the flaw it revealed was not about hacking into the iPhone, and was actually about a flaw that Apple had discovered and fixed... nine months ago. But, again, if this is the very first time the FBI has disclosed something to Apple, it certainly suggests that the VEP process generally means nothing gets disclosed. In fact, the timing of this really suggests that someone in the DOJ recently flipped out and realized that there's now going to be scrutiny on the VEP, so they might as well disclose something. Thus, they found an old bug that had already been patched and "revealed" it.

Either way, things got stranger a couple of days later, when the FBI -- which had already admitted to paying over $1 million to access Farook's iPhone, said that, for all that money, the people it hired never explained the vulnerability. They just opened the phone. Really.
“The F.B.I. purchased the method from an outside party so that we could unlock the San Bernardino device,” Amy S. Hess, executive assistant director for science and technology, said in a statement.

“We did not, however, purchase the rights to technical details about how the method functions, or the nature and extent of any vulnerability upon which the method may rely in order to operate. As a result, currently we do not have enough technical information about any vulnerability that would permit any meaningful review” by the White House examiners, she said.
Now, some are arguing that this suggests absolutely terrible bargaining on the side of the DOJ/FBI. But, another interpretation is that it's how the DOJ knew that it wouldn't have to reveal the flaw to Apple. Of course, this might also explain why the DOJ at one point appeared to claim that the hack in question only worked for Farook's phone. They later claimed that was a misstatement, and it really meant that it only applied to that iPhone configuration. But, if the FBI never actually got the details, then in some sense they'd be right that for the FBI the crack only worked for that one phone. And if they wanted to do it on another phone, they'd have to shell out another ~$1 million or so...

Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 29 Apr 2016 @ 9:41am

    We did not, however, purchase the rights to technical details about how the method functions, or the nature and extent of any vulnerability upon which the method may rely in order to operate.

    In other words, they do not even know if the method modified the contents of the phone in any way. In other words they paid a lot of money to allow them to escape from a court case that they started.

    reply to this | link to this | view in chronology ]

    • icon
      GrooveNeedle (profile), 29 Apr 2016 @ 9:58am

      Re:

      Exactly what I was thinking. For all the FBI knows, there actually was important information on the phone, but due to their desire to set precedent and then subsequently escape the court case that was going to set the antithesis of the precedent they wanted, they have handed over the phone to an unknown entity, that may or may not be Daesh sympathizers, that may or may not have modified the contents of the phone...for better or worse.

      They royally screwed up an investigation into a single, solitary cell phone, and these jackholes want access to everything?

      Federal Bureau of Incompetence

      reply to this | link to this | view in chronology ]

      • icon
        madasahatter (profile), 29 Apr 2016 @ 10:28am

        Re: Re:

        This would not be the first time LE agencies botched an investigation so thoroughly that there will never a conviction no matter how guilty the defendant is.

        reply to this | link to this | view in chronology ]

    • identicon
      DCL, 29 Apr 2016 @ 10:32am

      Re:

      two words: Plausible Deniability.

      reply to this | link to this | view in chronology ]

    • identicon
      Alya, 30 Apr 2016 @ 10:49am

      Re:

      In other words, they do not even know if the method modified the contents of the phone in any way.

      So, what if the FBI found that the phone looked just like one that had been recently wiped? Just coincidence, I'm sure, and it only cost them $1.3 million dollars.

      Hey, FBI, next time you need one cracked I'll do it for a million bucks, even. Heck, I might even give you a two-fer. Of course, I can't guarantee what will be found. They might turn out looking like they've been recently wiped.

      reply to this | link to this | view in chronology ]

  • icon
    Daniel (profile), 29 Apr 2016 @ 9:44am

    Discovery

    My BS indicator is reading in the red. Only thing that would make sense is that they really didn't unlock the phone and this has been a tactical retreat from their precedent fight with a colorful narrative to fill in the details; because why would anyone question the details of a relatively closed-case investigation?

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 29 Apr 2016 @ 11:38am

      Re: Discovery

      It seems highly possible that they didn't just beat a hasty 'tactical retreat', but they also paved someone's pockets (probably a friend) in over a million dollars of tax money as part of their retreat. Well isn't that nice...

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 29 Apr 2016 @ 12:14pm

        Re: Re: Discovery

        This is an excellent money laundering method. Buying and selling "exploit implementation" solutions.

        Personally, I wouldn't mind if they gave me over a million dollars to unlock a phone. Since I'm not the government, a wrench would likely be enough in most cases. In others, I could supply them with phone contents tailored to whatever they were looking for.

        I hope the FBI at least got some confirmation that the data they received actually came from the phone in question....

        reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 29 Apr 2016 @ 4:12pm

      Re: Discovery

      Why would they not just be lying yet again in this case?

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 1 May 2016 @ 5:04am

      Re: Discovery

      "Only thing that would make sense"

      You're missing the fact that these hacking companies sell products. Just like Google sells advertising products, not advertising data, hacking companies sell hacking products not hacking methods.

      It's simple economics, you make more money selling fish than teaching fishing lessons.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 29 Apr 2016 @ 9:51am

    Alternate explanation for disclosing old bug

    Maybe when they decided to disclose that bug, it was new/unknown, but the extent of bureaucracy that had to be navigated before the disclosure was such that Apple had time to independently find and fix the bug before the bureaucracy got around to approving the disclosure. Government is well known for being slow and inefficient even when that inefficiency does not directly serve its interests. Consider how much more slowly it would go when some of those involved feel that doing nothing is better than doing something.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 29 Apr 2016 @ 9:56am

    Hi, we're FBI, and we have no idea how we're spending out budget.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 1 May 2016 @ 5:19am

      Re:

      Let’s dispel once and for all with this fiction that FBI doesn’t know what it's doing. It knows exactly what it’s doing.

      reply to this | link to this | view in chronology ]

  • icon
    That One Guy (profile), 29 Apr 2016 @ 9:58am

    Empty gestures

    Amusingly, just a few days ago, Apple revealed that the FBI used the VEP to disclose a vulnerability for the very first time, on April 14th, just as everyone was arguing about this. Of course, the flaw it revealed was not about hacking into the iPhone, and was actually about a flaw that Apple had discovered and fixed... nine months ago.

    Yeah, going to have to agree with the article here, I'm guessing the only reason they 'reported' the flaw was because it had been patched and was therefore useless to them. I really doubt they'd be willing to report an active flaw, given doing so would reduce their ability to access devices affected by it, and they care more about that than protecting the public from the repercussions of others using the flaw.

    reply to this | link to this | view in chronology ]

  • icon
    Tom Mink (profile), 29 Apr 2016 @ 10:49am

    What a cost

    By not insisting they know the details of the crack, that means they were willing to risk the destructible/modification of this all important evidence. Even if they got any useful information, it would've not been useful from a law enforcement perspective since whether they had to turn over the phone or not to unlock it, the chain of evidence would be tainted.

    That pretty starkly illustrates their motives in wanting the phone unlocked in the first place. They probably had to pay more to NOT find out the details of the vulnerability since just revealing its existence would lower its market value, and it's likely that they reflexively asked for plenty of safeguards like exclusive ongoing access and complete secrecy.

    reply to this | link to this | view in chronology ]

  • icon
    That One Guy (profile), 29 Apr 2016 @ 11:01am

    Handy that

    First they absolutely required Apple's forced assistance to unlock the phone, and insisted that it was vital that it be done because who knows what might be on it?

    Cyber pathogens?
    The Ultimate Question?
    A bunch of sudoku puzzle answers?
    What appears to be a bunch of lurid poetry with innuendos that are almost, but not quite enough to make a nun blush, but which is actually perfectly tame and only masterfully written to seem questionable?

    Then when it started to look like the case might not go their way, overnight and like magic they suddenly found out that they didn't in fact need Apple's forced assistance, and ran away from the case fast enough to set speed records. Yet despite managing to do what they claimed was impossible previously, they remained silent on how they did it, and the only thing known was the crazy price-tag on how much it took.

    And now they claim that they handed over both phone and $1.4 million to a company or group that only unlocked the phone, and didn't tell them how they did it, not only making anything found on the phone absolutely worthless as far as evidence goes(which assumes that they cared about the contents in the first place of course), because if they don't know how it was done they have no assurance that the process didn't change anything, and oh would you look at that, they can't tell anyone how it was done so that anyone can check to see if the technique used actually exists.

    It's not a question of if they lied, but when and how much, and the more I read the more I come to believe that the answer to that question is 'At every step of the process, and in every possible way'.

    reply to this | link to this | view in chronology ]

  • icon
    Dave Cortright (profile), 29 Apr 2016 @ 12:37pm

    So tell us who did it and get out of the way as a useless middleman

    If the FBI doesn't know the details, the people they paid do. Tell us who they are and let us work with them to disclose the exploit. Sounds to me like the FBI is currently guilty of obstruction.

    reply to this | link to this | view in chronology ]

  • identicon
    RightShark, 29 Apr 2016 @ 12:49pm

    "As a result, currently we do not have enough technical information"

    She could have stopped right there.

    reply to this | link to this | view in chronology ]

  • identicon
    Skeeter, 29 Apr 2016 @ 1:28pm

    And if you believe that...

    Ok, the FBI claims it hacked the phone, but then immediately released a statement that 'no actionable intelligence' came from the hack. Then they wait a week, and make some action that isn't really detailed as to how the phone data tied the terrorist to others, then the media goes blank on what the FBI is doing, and reverts to spinning that it cost $1MM+ to do the hack, now they can't disclose the hack because they don't know how it was done?
    A public defender could get most suspects off with this lame story, especially when they ask to see 'validated data the proves the resource discovered in the illegal hack wasn't fabricated evidence'.

    Show me a C-programmer that will code it for free, and i'll give you an entirely unbreakable encryption algorithm in a day that you can post the code as GPL, and it will still never be hacked. This isn't rocket science, this is a fun-house with scary mirrors - and the NSA owns it.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 29 Apr 2016 @ 4:07pm

    I am fairly certain they just comitted perjury with this

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 30 Apr 2016 @ 3:47am

    It's called "Plausible Deniability". What they don't know they can't tell the public, Apple, or a judge/jury and because they can't tell anyone what the it can't be questioned by the defense.

    Whether or not that will get by a judge in an evidence hearing is anyone's guess. Some judges are sticklers on questionable procedures, others don't give a damn and tend to side with the prosecution because well... "The King can do no wrong." The person is guilty as hell cuz we said so!

    All it takes is one judge to accept the questionable procedure and it becomes a precedent prosecutors can use in the future to allow the same thing to happen again in another case in another jurisdiction. Besides it's an annar... er commu... err drug... er terrorist suspect, yeah that's it!

    reply to this | link to this | view in chronology ]

    • icon
      Coyne Tibbets (profile), 30 Apr 2016 @ 5:08am

      Re:

      I think the reason they won't talk is even simpler than this: non-disclosure agreement.

      reply to this | link to this | view in chronology ]

      • icon
        John Fenderson (profile), 30 Apr 2016 @ 7:08am

        Re: Re:

        I think that there's a fair chance that the reason they won't talk is even simpler: the entire story is a lie, and there is no hack.

        reply to this | link to this | view in chronology ]

        • icon
          That One Guy (profile), 30 Apr 2016 @ 10:32am

          Re: Re: Re:

          That's my guess as well, the whole 'We got in, no need to continue with the case' was a lie designed solely to allow them to drop a case that was going badly for them, and now this is yet another lie to try and cover for the first.

          They drop the case by claiming that it's not needed, but of course people want to know how they got in, and since they didn't they need some excuse for how they got in but can't tell people who they did it. Out of nowhere an unknown group steps in that unlocks the phone but doesn't tell the FBI how they did it, and as a result the FBI can't tell anyone else how it was done either.

          The entire thing positively reeks of lie after lie, attempting to use the court system to set the precedent they can't get via the lawmakers and running away when it starts to look like the 'wrong' precedent will be set.

          reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 1 May 2016 @ 5:15am

          Re: Re: Re:

          Yours is the kind of conspiracy theory that is influenced by pre-existing beliefs and ideology rather than rational analysis. You want to believe that your devices are secure from FBI intrusion.

          It's a lot more probable to believe that no device is invulnerable and those businesses who profit from finding these vulnerabilities also profit from not disclosing them and instead packaging them into products and services they can sell for exorbitant sums to nation states on a per-use basis.

          reply to this | link to this | view in chronology ]

          • icon
            That One Guy (profile), 1 May 2016 @ 8:32am

            Re: Re: Re: Re:

            You might want to check your Occam's Razor, it seems to be sharpened in a rather interesting way.

            'The FBI lied to get out of a case that was going poorly for them, and then lied again to cover for the first lie' is much more likely to me at least than 'The FBI found just at the right time a group willing to unlock the phone but not tell how it was done, and the FBI accepted this despite the fact that it made any potential evidence on the phone completely useless.' Slightly less likely than #1, but still more likely than option #2 of course is 'The FBI lied when they claimed they didn't have the ability to access the phone in the first place, and just wanted to force Apple to do what they could have done to set the legal precedent they wanted.'

            reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 1 May 2016 @ 10:59am

              Re: Re: Re: Re: Re:

              "made any potential evidence on the phone completely useless"
              So it's completely believable to you that an agency would lie as a matter of course yet for some reason be above parallel construction, which has already been proven to be widespread?

              It's much more plausible to think that the FBI would not stop searching for other ways to access the contents of the iPhone, and the official story is an outside hacking group approached them which would make sense given the high profile nature of the proceeding.

              There are irrefutable givens:
              * Vulnerabilities exist in hardware and software
              * Companies exist to find these vulns and sell hacking products (i.e. Hacking Team, Cellebrite)
              * It is in the best business interest of the kinds of companies above NOT to disclose their sources and methods

              What is the most likely in my view, and anyone who analyzes the likely motives of all involved parties, is that FBI realized it had the clear legal right to attempt to access the iPhone and would pursue all legal methods of doing so. This doesn't mean it is only about one phone, it isn't and Comey's statements to that effect are carefully worded to be misleading, but not outright dishonest.

              If you look at the history of US government it has become increasingly difficult to tell an absolute lie. Even Clapper's infamous statement "not wittingly" was a tell. It's a travesty of democracy that one must think like a legal scholar to understand the meaning of the words of our officials, but that is another matter.

              Occam's razor cannot support the mass conspiracy needed to explain outright lies, a $1.3m budget item, and the idea that FBI is so competent as to orchestrate a long running subversion of the legal system (somehow countering the checks and balances of gov't too) at the expense of their primary investigative goal.

              reply to this | link to this | view in chronology ]

              • icon
                That One Guy (profile), 1 May 2016 @ 8:24pm

                Re: Re: Re: Re: Re: Re:

                So it's completely believable to you that an agency would lie as a matter of course yet for some reason be above parallel construction, which has already been proven to be widespread?

                Not at all, however evidence laundering against who? The 'suspects' in this case are quite dead, and if they were going to lie and claim that some vital information had been 'found' on the phone I imagine they'd have done it already. Instead they seem to be hoping that the matter will blow over and be forgotten for when they try again the next time a tempting case comes along.

                It's much more plausible to think that the FBI would not stop searching for other ways to access the contents of the iPhone, and the official story is an outside hacking group approached them which would make sense given the high profile nature of the proceeding.

                To what end though? Unless I'm off by miles they do not and never did actually care what was on the phone itself, all they cared about was the legal precedent they thought it could get them. Once it looked like that wasn't going to happen they dropped the case to avoid the 'wrong' precedent being set.

                Occam's razor cannot support the mass conspiracy needed to explain outright lies, a $1.3m budget item, and the idea that FBI is so competent as to orchestrate a long running subversion of the legal system (somehow countering the checks and balances of gov't too) at the expense of their primary investigative goal.

                You might be overthinking it, there's no need for a 'mass conspiracy', just good old perjury in an attempt to get through the courts what they couldn't get through the lawmakers.

                As I see it there were several points at which a lie was possible:

                1) In the beginning, when they claimed that they couldn't unlock the phone without Apple's forced assistance. For this to be a lie it would require them to already have access in some way, perhaps by a previously discovered flaw in the security.

                Odds: Low to mid.

                2) Also in the beginning, when they claimed that they had 'exhausted all other options', and tried everything with no success. For this to be a lie they'd simply need to not try all other possibilities such as getting in contact with other agencies or specialists and soliciting their help/advice.

                Odds: Mid to high.

                3) When they claimed that they'd found another way in and no longer needed to force Apple to help them. This was a lie either in the sense that they didn't 'just' find the exploit, they'd had it the entire time, or in the sense that they hadn't found a way to unlock the device and were just claiming otherwise in order to drop the case.

                Odds: Mid to high. I'd put this one as the most likely given the timing.

                And finally 4) When they claimed that a mystery company/group sold them the unlocked phone but didn't tell them how it was done, so they in turn couldn't tell anyone else how it was done(and more importantly so that other people couldn't check if the hack even existed).

                In the end it's the timing that strikes me as the greatest indicator that the 'We found a way in' was a lie. They spend considerable resources trying to swing public opinion in their favor, and just as it seems the case is going to go south on them like magic they 'find' another way in and drop the case.

                It's not like this was a small, relatively unknown case, if there really was someone willing to sell them an exploit to unlock the phone I imagine they would have approached the FBI with it early on, not waited that late in the case to sell it(though I suppose in that scenario doing so would give them quite the bargaining chip).

                reply to this | link to this | view in chronology ]

          • icon
            John Fenderson (profile), 5 May 2016 @ 6:26am

            Re: Re: Re: Re:

            "Yours is the kind of conspiracy theory that is influenced by pre-existing beliefs and ideology rather than rational analysis. You want to believe that your devices are secure from FBI intrusion. "

            You are incorrect. I in no way believe my devices are secure from government or corporate intrusion.

            reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.