What we know, and don't, about the alleged Bezos phone hack

BOSTON (AP) — U.N. human rights experts are asking Washington to investigate a suspected Saudi hack that may have siphoned data from the personal smartphone of Jeff Bezos, Amazon founder and owner of The Washington Post. But the forensic evidence they cite comes from an incomplete study of Bezos's phone, raising multiple questions.

Here's a quick guide to what's known, and what remains unknown, about their findings.

WHAT HAPPENED TO BEZOS' PHONE?

According to a cybersecurity firm run by a former Obama administration official, e vidence on the phone suggests it was infected by spyware in May 2018 via a WhatsApp message from the account of Saudi Crown Prince Mohammed bin Salman. That message included a video file that the firm's investigators say likely contained malware.

Bezos' personal security adviser had been advised in February 2019 to have the phone examined by an intelligence official who has not been named. Bezos went public with the suspected hack shortly thereafter, saying the National Enquirer tabloid had threatened to publish his private messages and photos.

ARE THE FORENSIC FINDINGS CONCLUSIVE?

Not at all. Outside security researchers highlighted several issues with the forensics report by FTI Consulting, run by former Obama administration National Security Council cybersecurity official Anthony Ferrante.

For instance, the FTI report, dated November and obtained Wednesday by the Vice News site Motherboard, said researchers didn't find any malware on the phone, nor any evidence that Bezos’ phone had surreptitiously communicated with known spyware command servers.

Further, an examination of the crucial root file system — where top-flight hackers often hide their malware — was still pending when the report was written. iPhone security expert Will...