anyone know his phone number?
FBI boss: We paid at least $1.2m to crack the San Bernardino iPhone
FBI director James Comey today suggested the Feds paid security experts over a million dollars to crack a San Bernardino killer's iPhone. While speaking at the Aspen Security Forum in the UK, Comey was asked how much his agents paid hackers to break into Syed Farook's iPhone 5C. "More than I will make in the remainder of this …
COMMENTS
-
-
Friday 22nd April 2016 07:03 GMT Anonymous Coward
Re: Please lose this - loser!
Yes. he's truly a loser, the Italian head cop coughs up something around €600,000/y, and being Italy is one of the most crime-friendly countries around, your job is also pretty easier. And when your job is over, you can also end up in a job like Finmeccanica's president...
-
Thursday 21st April 2016 20:08 GMT Anonymous Coward
This points to use of some pretty specialized equipment
No way is a simple 0 day exploit that anyone could find going to cost $1 million, but if you have such an exploit that also requires disassembly of the phone, decapping the SoC or something like that I could see that sort of price tag. Also explains what they meant when they said it would only work on this particular phone - either the exploit is specific to the 5c (and maybe 5, which is basically the same hardware) or they meant it was a one off that was done specifically to this phone and it isn't something they could easily repeat for another.
-
Thursday 21st April 2016 20:15 GMT John H Woods
This is all good, but ...
... " That's why we have to continue to talk about this [the encryption debate]."
No. This has resolved the whole thing --- you can't stop people using strong encryption; you can't legislate to ensure that vendors compromise cryptosystems on your behalf; but governments can use serious tech and clever people to break into *specific* devices of interest. This is exactly as it should be: just a shame that his statement hints at wanting to change this ...
-
-
-
-
Friday 22nd April 2016 07:21 GMT Pascal Monett
The guy is dead. Whatever he did and whoever he contacted are known elements. What he said to those contacts is probably known as well. Given the care he demonstrated in disposing of his private equipment, it was a million-to-one that he'd be stupid enough to leave anything on the work phone - and now we know he wasn't.
If it had cost $10,000, then fine, I would agree and say go ahead, crack it. If the guy was alive, definitely crack it whatever the cost. But over a million bucks down the drain to crack a dead guy's phone that is virtually guaranteed to not have any info ? That is waste, pure and simple.
-
-
-
-
-
Friday 22nd April 2016 06:42 GMT FuzzyWuzzys
Easy enough
The old adage, "Keep friends close but enemies closer.". If you know where the bad guys are, you can lean on them when you want a "favour". Trawl the database of whom they hauled in recently, offer them $500k, dropped charges on current rap, promise to be a good boys/girls in future and a free t-shirt to crack the phone.
-
-
-
Friday 22nd April 2016 08:48 GMT Anonymous Coward
Re: Note to FBI...
I think that's a man in the middle attack, you'd need to know or be able to find the phone number of an active target to make use of it. It doesn't give the info stored on an inactive phone.
You might be able to get that kind of info on living terrorists by decrypting the contents of a dead terrorists iPhone of course....
-
-
Thursday 21st April 2016 23:09 GMT Anonymous Coward
I don't ask the FBI to keep me safe - they are not up to the job anyway.
I just ask that they do their real job: investigate law breakers so charges can be brought against them.
If they can't do that - and it appears they're devoting less and less of their time to the task - lets just shut them down.
-
Thursday 21st April 2016 23:15 GMT Doctor Syntax
'"It was in my view worth it," he added. Of course, nothing useful was found on the iThing.'
And we're not even told what was found that wasn't useful. So what evidence do we have, other than Comey's own statement, that the phone was broken at all?
From his point of view, of course, it was worth it as a face-saving way to climb down from a position he thought he could win and then found he couldn't.
-
-
Friday 22nd April 2016 06:38 GMT Tessier-Ashpool
Re: Did someone try...
That's pretty relevant, actually. Some luggage locks – the TSA approved ones – are deliberately compromised so that 'the authorities' can easily break in unnoticed. He has this crazy dream that you can apply this mentality to strong encryption.
-
This post has been deleted by its author
-
-
-
Friday 22nd April 2016 00:03 GMT Oengus
Why do the work ourselves
Yes, if we're able to go to a federal judge and make a showing of probable cause that you are a foreign terrorist, a spy or someone engaged in serious criminal activity and you're using that device to do that.
So if we
can'tare too lazy to convince a federal judge to give us a warrant we'll just phone our mates in the NSA and get them to provide as much data as we want (related to the case or not) and our other mates in the FISC will ensure that no one can complain. -
Friday 22nd April 2016 00:06 GMT Bob Dole (tm)
I'd like to see a detailed receipt please
The US Government is notorious for lumping unrelated things under a similar heading. $1.2m to hack the phone? Unlikely. Unless you consider the amount of money spent on the case, the salaries of the people that have been working on getting into the phone since they first acquired it, paper for the photocopier, overtime for being in court, etc, etc.
It's kinda like the software package that DHS put together for $5.7b which couldn't even monitor email. Sure, a lot of money was spent but we, the people, have no idea what it was really spent on.
-
Friday 22nd April 2016 02:48 GMT JeffyPoooh
"...we have a responsibility to keep people safe..."
Ah, I found it. This is where it all went wrong.
"...we have a responsibility to keep people safe..."
There's no limit to the amount of daft-evil that could be unleashed from this starting point.
"It's for your own protection...", he said, as he herded the last few citizens into their pens, and locked them in. "You'll be safe here. Good night." Then he turned, and walked away. Out into his very lonely and potentially dangerous freedom.
-
Friday 22nd April 2016 06:04 GMT Anonymous Coward
Fools and their money are easily parted
So now there is an exploit for Apple phones, that can be used to gain access to the phone, and you funded it.
And it will leaks, or be developed in parallel or be resold again and again to many countries.
And all those businessmen and politicians who travel around with their phones, cannot trust the encryption on those phones. *You* found nothing. The perps were already dead and you can't prosecute corpses anyway. You did a "terrorists be afraid" political game to undermine encryption and our security, and you did it with public money.
If you want to run for office with your ideas, then do so WITH YOUR OWN MONEY NOT FBI BUDGET.
-
Friday 22nd April 2016 08:41 GMT Bloakey1
Not just for That Phone.
Hmmm.
i would like to point out that the primary driver in getting this technology / software was that phone but think of what fun they can have on phones of a similar ilk. This time next year it will transpire it cost 10 dollars per phone that they utilised it on.