On Sat, Feb 20, 2016 at 08:59:31PM -0500, Steve Kinney wrote:
On 02/20/2016 02:08 PM, Rayzer wrote:
Transliteration... The feds tampered with the phone and apparently fucked up their own investigation.
So according to this account, for reasons unknown the FBI violated the most fundamental principles of digital forensics by failing to make a complete backup of the stored content of the device before doing anything else with or to it. Then /also/ quite deliberately destroyed its evidentiary value by delivering it into the custody and control of some random idiot.
How *do* you make a complete backup of the stored content of a sealed device with an internal battery that can, and should, if properly designed, wipe its internal crypto keys if opened? A sufficiently savvy niche market device vendor like Apple would not do this 'for user privacy', they'd do it to prevent the attack of the cheap phone clones.

Now, the particular iPhone in question probably has a flash chip I could read the (encrypted) data out of rather easily with schematics obtained from an underpaid Apple campus janitor, or with moderate difficulty with a few 10-15 sacrificial phones.

So it seems there should be a market for phones with strong crypto tamper-protection to maintain both evidentiary integrity, AND force public disclosure of any attempts to pull data off said phones.

Would it be a good trade for Gov, Industry, and Public to agree that if the Gov wants the data on a device considered 'evidence', that *everyone* gets the data, or no-one at all gets the data?

Can such an 'evidence disclosure' protocol be *securely* designed? Might it look something like bitcoin multi-sig, where N of M parties must swear under oath, in multiple jurisdictions, that the encrypted blob has been made public, and can each add their portion of the multi-sig key to the public record?