/article-new/2013/05/passcode.jpg?lossy)
Apple has created a 'waiting list' for law enforcement requests to unlock seized iOS devices, according to a report from CNET.
The article notes a case in Kentucky where the Bureau of Alcohol, Tobacco, Firearms and Explosives was the lead agency, and investigators contacted Apple for assistance after they were unable to locate any law enforcement agency in the country with the forensic capabilities to unlock an iPhone crucial to the case.
The agency contacted Apple but was told by a representative in Apple's litigation group that there would be a seven-week delay.
The ATF's Maynard said in an affidavit for the Kentucky case that Apple "has the capabilities to bypass the security software" and "download the contents of the phone to an external memory device." Chang, the Apple legal specialist, told him that "once the Apple analyst bypasses the passcode, the data will be downloaded onto a USB external drive" and delivered to the ATF.
It's not clear whether that means Apple has created a backdoor for police -- which has been the topic of speculation in the past -- whether the company has custom hardware that's faster at decryption, or whether it simply is more skilled at using the same procedures available to the government. Apple declined to discuss its law enforcement policies when contacted this week by CNET.
While it's easy to erase an iPhone when it has been locked, for law enforcement, it appears to be considerably more difficult -- but not impossible -- to retrieve data from seized devices.
In its privacy policy, Apple says it may disclose personal information "by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence" or "if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate."
/article-new/2021/04/third-gen-Apple-pencil-leaked-video.jpg?lossy)
Top Rated Comments
£ and 'mall' in the same sentence - culture clash!
However, since the iPhone 4S and beyond, these ramdisks stopped working for forensic companies when Apple made the bootrom DFU code bulletproof (there are no exploits for it).
Only Apple can make their ramdisk work on the device because they have to codesign it with their private key AND obtain the proper personalisation signing for the device's identifiers and random NONCE. (Getting all these signatures for production devices could be time consuming without a lot of pre-existing tools to automate it. The personalisation process also varies between 4S/5/iPad 2/iPad 3/iPad mini. Normally iTunes mediates this during device restores to production iOS releases).
One thing is for sure... The code on the depicted iPhone is 1701. Wild guess! ;-)