Let me ask this question, then add a bit of a San Bernardino twist to it (Resident lawyers, chime in).
Let's assume the following:
- The data is at rest on Apple's servers,
- The data is indeed encrypted, and
- A given suspect has iCloud Photos disabled.
The hashes for these pictures would either have to be taken when the data is in an unencrypted format, then matched, then encrypted. Therefore, no human will ever see the actual picture, because they won't have the key or algorithm used to encrypt the data to decrypt it, especially if it were a two-way encryption method.
By that extension, it would be nearly impossible for a hash on an encrypted file to match a hash on an unencrypted file. But let's say that one does. A person couldn't get an conviction, let alone an indictment on a hash, because there is no way that a hash is the actual evidence that is needed, correct? I mean, a hash isn't the picture, and the picture is the proof, right?
Additionally, should the investigators need that proof, a person would still have the the 4A and 5A to rely on, correct? The investigators would still need the phone if they were looking for those pictures, because the hashes won't work alone. Like the San Bernardino case, the suspects would not unlock the phone (they couldn't; they were dead, IIRC), and the government had no way to unlock the phone, and Apple refused to help them unlock it.
If that were the case, and all were true, then we're back to where we already are at right now.
And then to add the Phil Zimmerman/PGP twist to it, would it be criminal if a method used to counter this outright were discovered at the code level, and, oh... I don't know... added to a jailbreak should one be found for iOS 15?
BL.
