FBI Director James Comey has implied the bureau paid over $1 million for a third party to hack the iPhone 5c of a San Bernardino shooter's iPhone. After securing a court order requiring Apple to build a new OS to unlock the smartphone, last month the Department of Justice (DoJ) dropped its case and announced it had bought a hacking tool.
Comey was asked at the Aspen Security Forum in London about the price tag of the zero-day vulnerability that allowed the FBI to crack the device's Apple ID passcode. The FBI Director stated that it cost more than he would make in the seven years and four months left of his contract.
Public records show that Comey earned a salary of $183,000 last year. That implies the FBI paid over $1.2 million to crack the California shooter's iPhone, while it reportedly recovered no useful data from the smartphone. There are also the legal costs that the FBI spent in its lawsuit against Apple before dropping the case before its day in court.
Another issue is that Comey has reported the hack only works on a small percentage of iPhone models, and not on the new versions including 6 series units.
However, the FBI Director argues the price tag of hacking tool was worthwhile since it works on an iPhone 5c running iOS 9, according to Wired. He described it is a rare "corner case."
Andrew Crocker is a staff attorney for the Electronic Frontier Foundation (EFF). He says that the San Bernardino case spotlights the need for the public to monitor the government's purchase of zero days.
Crocker notes the biggest headline is that the hacking tool was not helpful. He argues Congress should provide oversight if the DoJ continues to spend a lot of money on useless or short-lived security vulnerabilities.
In related news, a Massachusetts judge has thrown out evidence the FBI obtained from malware it created, according to The Next Web. The feds had seized a Dark Web site.
Christopher Soghoian is the principal technologist at the American Civil Liberties Union (ACLU). He reports this the first time a court has stopped evidence from a government hacking operation.
Here's a video on the FBI hacking the iPhone 5c: