[Cryptography] [FORGED] Re: Hope Apple Fights This!
Thierry Moreau
thierry.moreau at connotech.com
Thu Feb 18 21:55:34 EST 2016
On 18/02/16 04:28 AM, Peter Gutmann wrote:
> Kevin W. Wall <kevin.w.wall at gmail.com> writes:
>
>> If this were just about getting access to THIS PARTICULAR phone, does anyone
>> believe that the NSA TAO couldn't do it, even if it meant surreptitiously
>> stealing Apple's current source code and signing key(s).
>
> You don't even need to do that, just use a glitch attack a la smart card
> hackers 20+ years ago.
These types of attack are not preserving the smart card in its full
integrity (destructive attacks). Forensic investigation has (at least in
theory) to preserve the investigated system, such that investigators
keep the initial evidence intact for further investigation and do not
grant themselves any opportunity to plant a piece of evidence.
This raises an interesting question.
The Court order is written for a high quality forensic investigation
tool. The evidence extracted from the device would be fully admissible
in a trial with a competent defense lawyer.
"[the backdoor software] will not modify the iOS on the actual phone,
the user data partition or system partition on the device's flash memory."
"evidence preservation shall remain the responsibility of law
enforcement agents."
Do they (the FBI) actually need this for this particular phone?
Alternatively, they could be looking for missing clues in the
investigation (possibly without a guarantee of admissibility in the
trial) from which new investigation paths might be followed and/or
additional evidence might be sought from other sources. In this case,
they might be willing to rely on destructive attacks.
According to the Court order, they look for a high quality forensic
tool. Period.
There are no Judge reasons why a destructive attack is not among the
possibilities for a productive investigation. The reasons are limited to
"For good cause shown."
- Thierry
More information about the cryptography
mailing list