Though not officially confirmed, Israel-based Cellebrite is believed to be the company currently assisting the FBI in cracking the iPhone from the San Bernardino shooting.
While it’s still not clear what kind of tool the forensics company has developed to bypass Apple’s software protections built-in iOS, Cellebrite has a white paper on how such evidence should be extracted, preserved, and presented to the court.
According to it, the “GovtOS” custom iOS version the government wanted from Apple may not have been necessarily stood in court.
DON’T MISS: Apple stared down the FBI and won
“Just as it is for physical evidence, the admissibility of digital evidence depends on good handling procedures throughout the entire chain of custody,” Cellebrite writes in the paper found by 9to5Mac. “Each link on the chain is responsible for the proper preservation, collection, and documentation practices that demonstrate the evidence is as close as possible to its original state.”
The company further notes that when evaluating that the tool used to extract information is forensically sound, “whether its use can certify that evidence remains unchanged and that the resulting report is a true and accurate representation of what exists on the evidence device,” four questions should be answered, as follows:
1. Is it a tested theory or tool?
2. Has it been independently peer reviewed?
3. Will its use support both fact and expert witness trial testimony?
4. Is it generally accepted within the forensic community?
The company explains each one of these questions in detail, but, as 9to5Mac points out, it would seem that the GovtOS tool would “fail at least three of the four tests.”
Furthermore, the company proposes a series of questions that attorneys might ask during court hearings in a case where evidence taken from a digital device would be presented. One of them asks whether it can be proven the tool is unable to write data to an evidence device or user account.
The tool the FBI wanted Apple to make for the San Bernardino iPhone would have written code to the device so that it could remove the possibility of the smartphone erasing itself after 10 failed PIN guesses.
Obviously, there’s no definitive evidence that the tool the FBI wanted Apple to make wouldn’t stand in court. But what the white paper seems to indicate is that Cellebrite’s own forensic tools are able to pass these tests, and resulting evidence could be used in courts.
