ACLU accuses FBI of gambling with cybersecurity as it fails to disclose iPhone hack details to Apple

By Ben Lovejoy

The American Civil Liberties Union has accused the FBI of gambling with cybersecurity by failing to disclose to Apple the method used to access the San Bernardino iPhone, reports the WSJ.

Chris Soghoian, principal technologist at the ACLU, said the FBI is facing “a million-dollar question, and really what it comes down to is, does the FBI prioritize its own surveillance needs, or does it prioritize cybersecurity.’’

The longer the FBI keeps the security flaw to itself, he said, “the more they are gambling that no other entity will discover this flaw.’’ 

A former FBI official said that the agency’s decision on whether or not to reveal the method would likely depend on how many iPhone models it is able to unlock …

Robert Anderson, a former senior FBI official who is now an executive at Navigant Consulting Inc., said that the more iPhones could be opened with the technique, the more likely the government would be to disclose it to Apple. “I don’t think they would hide it and jeopardize millions of people’s safety and privacy,’’ he said.

Anderson added that the government’s attempt to balance the relative risks of hiding or disclosing security vulnerabilities was skewed towards keeping them quiet.

The FBI is said to be working on unlocking another iPhone in a homicide case in Arkansas.

It was reported a week ago that Israel’s Cellebrite was the company which unlocked the phone for the FBI, a story which Bloomberg corroborates today. Both Cellebrite and the FBI have maintained their refusal to comment.