Apple Vs FBI: We tried to help the FBI but someone changed phone's iCloud password

Troy Benjegerdes hozer at hozed.org
Tue Feb 23 15:51:19 PST 2016


On Sat, Feb 20, 2016 at 08:59:31PM -0500, Steve Kinney wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 02/20/2016 02:08 PM, Rayzer wrote:
> 
> > Transliteration... The feds tampered with the phone and
> > apparently fucked up their own investigation.
> 
> So according to this account, for reasons unknown the FBI violated
> the most fundamental principles of digital forensics by failing to
> make a complete backup of the stored content of the device before
> doing anything else with or to it.  Then /also/ quite deliberately
> destroyed its evidentiary value by delivering it into the custody
> and control of some random idiot.

How *do* you make a complete backup of the stored content of a 
sealed device with an internal battery that can, and should, if
properly designed, wipe its internal crypto keys if opened?

A sufficiently savvy niche market device vendor like Apple would
not do this 'for user privacy', they'd do it to prevent the attack
of the cheap phone clones.

Now, the particular iPhone in question probably has a flash 
chip I could read the (encrypted) data out of rather easily with
schematics obtained from an underpaid Apple campus janitor, or
with moderate difficulty with a few 10-15 sacrificial phones.

So it seems there should be a market for phones with strong crypto
tamper-protection to maintain both evidentiary integrity, AND force
public disclosure of any attempts to pull data off said phones.

Would it be a good trade for Gov, Industry, and Public to agree 
that if the Gov wants the data on a device considered 'evidence', 
that *everyone* gets the data, or no-one at all gets the data?

Can such an 'evidence disclosure' protocol be *securely* designed?

Might it look something like bitcoin multi-sig, where N of M 
parties must swear under oath, in multiple jurisdictions that 
the encrypted blob has been made public, and can each add their
portion of the multi-sig key to the public record?


