Forensics laws are specific about what has to happen with any forensic software used to extract data from a digital device in evidence. The software must be regression-tested, every part of it must be documented, it must be evaluated by peer review, and it must be tested on hardware identical to that of the target device. This is necessary to preserve the chain of evidence and make sure the forensic software isn't inadvertently modifying the data.
A small but important consequence of the legal requirements regarding forensics tools (including software) merits special mention. It makes the FBI’s ‘reassuring’ comment that Apple could produce
and keep the required software in-house and under wraps inherently impossible, rendering the agency’s suggestion disingenuous and arguably beyond ludricous.
That said, one can see the Government’s reasoning where it feels it has to make a stance
somewhere and shoehorn its longstanding surveillance habits re privacy rights into a new and essentially incompatible circumstance. And since we all know where that has led in recent years, this particular development doesn't bode much good. The only way to safeguard privacy may have to be based on the physical impossibility to compromise it, and that is a tough standard to meet.
