While the FBI narrowly avoided a legal battle over breaking encryption on the iPhone belonging to San Bernardino shooter Syed Farook, there are still many more questions left unanswered. The bureau has kept mum on how it accessed the phone’s data or even who the third-party was that assisted them. They also have said nothing about whether the data contained on the phone was useful to terrorism investigators in any way.
On Tuesday, FBI Director James Comey said, according to Reuters, “The threshold (for disclosure) is, are we aware of the vulnerability, or did we just buy a tool and don’t have sufficient knowledge of the vulnerability to implicate the process?”
He added that the agency was “close to a resolution” while speaking at a cybersecurity event. Apple itself is still unaware of how the FBI accessed the iPhone 5c (running iOS 9).
The process of determining what to disclose, to whom, and when is all handled under the government’s cumbersomely named Vulnerabilities Equities Process. However, that process might not even apply, should the exploit be discovered and owned by a private company. The method for unlocking the phone seems to belong to the mysterious, reportedly non-U.S. third party.
So, as of right now, an international hacker, or group of hackers, is in possession of a method to unlock thousands of smartphones and Apple has no idea how to patch it, mostly because of federal bureaucracy. Neato.