In the ongoing war of words between Apple and the FBI, there 's a lot to unpack.

In what is quickly becoming a public-relations war between the Department of Justice and Apple, one of the core issues that keeps coming up again and again is, "What would happen to the software the FBI is asking Apple to build?"

That software, of course, is the still-theoretical version of iOS that would cripple a key part of the security on the iPhone 5C of Syed Farook, one of the terrorists involved in the December attack in San Bernardino. The FBI wants Apple to create the software so it can then guess the passcode with a "brute force" hack — essentially guessing one passcode after another in rapid succession.

In its original filing, the Department of Justice says Apple wouldn't need to turn the software over to the FBI, even suggesting that Apple could run the code needed to brute-force the lock screen from its own facilities.

But according to iOS security expert Jonathan Zdziarski, it's not quite that simple.

On his blog, Zdziarski — who has testified for the State of California on the issue of iPhone forensics in three cases — discusses just what could be required of Apple, were it to develop the software the FBI is asking it to build.

In his post, Zdziarski is careful to discuss the legal differences between, in his words, "providing lab services and developing what the courts will consider an instrument."

He says, "Instruments are treated very differently from a simple lab service, like dumping a phone. I've done both of these for law enforcement in the past: provided services, and developed a forensics tool. Providing a simple dump of a disk image only involves my giving testimony of my technique. My forensics tools, however, required a much [sic] thorough process that took significant resources, and they would for Apple too."

The process of creating a forensic instrument (the modified version of iOS, in this case) includes testing and validation by third parties. Zdziarski's own tools were tested and validated by the National Institute of Justice (NIJ) and the National Institute of Standards and Technology (NIST). Zdziarski's forensics tool validation report is available here.

This validation is necessary because if information is found on a device that is going to stand up in court, it needs to be forensically sound. What makes the San Bernardino case different from some of the other cases where the government is requesting assistance unlocking iPhone devices is that it isn't necessarily part of a larger criminal case.

If there is no ongoing court case involving the San Bernardino attack, it's possible Apple wouldn't be required to go through the validation process Zdziarski describes. But if the evidence is to be used in a court — even in the future — it would need to go through these procedures.

This alone significantly undermines the Department of Justice's argument that the code could simply be run from Apple's servers (with the FBI having remote access), because that's not really true. If a tool were to be developed, it would need to follow the same forensics testing procedure and validations that other tools of its type follow.

Zdziarski outlines what he sees as the FBI's ultimate request:

Developed to forensically sound standards

Validated and peer-reviewed

Be tested and run on numerous test devices

Accepted in court

Given to third party forensics experts (testing)

Given to defense experts (defense)

Stand up to challenges

Be explained on the stand

Possibly give source code if ordered

Maintain and report on issues

Defend lawsuits from those convicted

Legally pursue any agencies, forensics companies, or hackers that steal parts of the code.

Maintain legal and engineering staff to support it

On appeals, go through much of the process all over again

Zdziarski tells Mashable that after his own forensics tools were vetted by the NIST/NIJ, third-party commercial tools were written using his methodologies. Some of these tools Zdziarski was paid to work on, but others simply used his code.

In other words, if Apple were to create this tool and document its forensic validity — as would be required in a court case — it is possible, perhaps even likely, that other individuals would be able to use that same methodology to create tools to bypass the lock screen on an iPhone.

Used in other cases

The Wall Street Journal reported Tuesday that there are at least a dozen cases where the All Writs Act is being used by prosecutors to compel Apple to help them unlock iPhone devices.

The details and circumstances involving these cases aren't known. The fear many privacy advocates have is that if the Department of Justice is successful in getting Apple to unlock the iPhone in San Bernardino, that could be used as precedent in these other cases.

If any of those cases include ongoing criminal cases, it would stand to reason that Apple would be required to go through the forensic validation process. Those results would then, obviously, be visible to others and potentially replicable.

Apple vs. the FBI explained, how this case might affect your iPhone