On Tue, May 21, 2013 at 11:25 PM, Andrew Nichols <[email protected]> wrote: > That is correct, which is why a physical disk image (typically required for > criminal investigations) is impossible since the dish encryption keys are > stored on a special chip. I think Apple has some of that secret sauce, too. On another list, Jon Callas has been somewhat coy in his answers surrounding Apple's ability to recovery data.
http://news.cnet.com/8301-13578_3-57583843-38/apple-deluged-by-police-demands-to-decrypt-iphones/ Apple receives so many police demands to decrypt seized iPhones that it has created a "waiting list" to handle the deluge of requests, CNET has learned. Court documents show that federal agents were so stymied by the encrypted iPhone 4S of a Kentucky man accused of distributing crack cocaine that they turned to Apple for decryption help last year. An agent at the ATF, the federal Bureau of Alcohol, Tobacco, Firearms and Explosives, "contacted Apple to obtain assistance in unlocking the device," U.S. District Judge Karen Caldwell wrote in a recent opinion. But, she wrote, the ATF was "placed on a waiting list by the company." A search warrant affidavit prepared by ATF agent Rob Maynard says that, for nearly three months last summer, he "attempted to locate a local, state, or federal law enforcement agency with the forensic capabilities to unlock" an iPhone 4S. But after each police agency responded by saying they "did not have the forensic capability," Maynard resorted to asking Cupertino. Because the waiting list had grown so long, there would be at least a 7-week delay, Maynard says he was told by Joann Chang, a legal specialist in Apple's litigation group. It's unclear how long the process took, but it appears to have been at least four months. The documents shed new light on the increasingly popular law enforcement practice of performing a forensic analysis on encrypted mobile devices -- a practice that can, when done without a warrant, raise Fourth Amendment concerns. Last year, leaked training materials prepared by the Sacramento sheriff's office included a form that would require Apple to "assist law enforcement agents" with "bypassing the cell phone user's passcode so that the agents may search the iPhone." Google takes a more privacy-protective approach: it "resets the password and further provides the reset password to law enforcement," the materials say, which has the side effect of notifying the user that his or her cell phone has been compromised. ... -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/android-security-discuss?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
