[Cryptography] [FORGED] Re: Hope Apple Fights This!

[Thierry Moreau]

On 18/02/16 04:28 AM, Peter Gutmann wrote:
> Kevin W. Wall <kevin.w.wall at gmail.com> writes:
>
>> If this were just about getting access to THIS PARTICULAR phone, does anyone
>> believe that the NSA TAO couldn't do it, even if it meant surreptitiously
>> stealing Apple's current source code and signing key(s).
>
> You don't even need to do that, just use a glitch attack a la smart card
> hackers 20+ years ago.

These types of attack are not preserving the smart card in its full 
integrity (destructive attacks). Forensic investigation has (at least in 
theory) to preserve the investigated system, such that investigators 
keep the initial evidence intact for further investigation and do not 
grant themselves any opportunity to plant a piece of evidence.

This raises an interesting question.

The Court order is written for a high quality forensic investigation 
tool. The evidence extracted from the device would be fully admissible 
in a trial with a competent defense lawyer.

"[the backdoor software] will not modify the iOS on the actual phone, 
the user data partition or system partition on the device's flash memory."

"evidence preservation shall remain the responsibility of law 
enforcement agents."

Do they (the FBI) actually need this for this particular phone?

Alternatively, they could be looking for missing clues in the 
investigation (possibly without a guarantee of admissibility in the 
trial) from which new investigation paths might be followed and/or 
additional evidence might be sought from other sources. In this case, 
they might be willing to rely on destructive attacks.

According to the Court order, they look for a high quality forensic 
tool. Period.

There are no Judge reasons why a destructive attack is not among the 
possibilities for a productive investigation. The reasons are limited to 
"For good cause shown."

- Thierry