It may not surprise many of you, but here is the thing: The FBI will likely keep the security flaw used to crack the San Bernardino shooter’s iPhone 5c to itself rather than disclosing it to Apple, according to “people familiar with the discussions” speaking with the Wall Street Journal.
Actually, after paying more than $1.3 million to an as yet unidentified hacker (or group of grey-hat hackers) for the “magic” tool that allegedly works with only a limited number of Apple devices, well, that was something many industry watchers expected to hear, despite Apple’s statement that “it would insist in court on knowing everything about the vulnerability.”
The FBI plans to share the information with the White House, but the government has no legal obligation disclose the iPhone crack method. There is a government disclosure policy known as the Vulnerabilities Equities Process, under which the authorities would disclose vulnerabilities, but only in limited circumstances.
You may recall the legal and media buzz around the iPhone that caused the confrontation between Apple and the government. Apple refused to develop the required GovtOS to circumvent iOS built-in security, so the FBI contracted a third party to crack open the iPhone. When asked, FBI director James Comey said the tool was well worth the spicy bill.