Read Apple's statement to Congress on the FBI warrant fight

The Verge ^ | February 29, 2016 | By Russell Brandom

[Swordmaker]

Tomorrow, Apple will make its case before Congress, as General Counsel Bruce Sewell gives testimony to the House Judiciary Committee at 1PM ET. It's Apple's first appearance before Congress since the company received an order to break security measures on a phone linked to the San Bernardino attacks, and Sewell may be facing a skeptical crowd. He'll be joined by Manhattan District Attorney Cyrus Vance, who has been an outspoken critic of the company's encryption policies, as well as a number of House representatives who have been vocal supporters of the FBI's position in the past. FBI Director James Comey will also appear before the committee, although he will appear on a separate panel.

Sewell submitted his prepared opening statement to the panel earlier today, and it is reproduced in full below:

---

Thank you, Mr. Chairman. It's my pleasure to appear before you and the Committee today on behalf of Apple. We appreciate your invitation and the opportunity to be part of the discussion on this important issue which centers on the civil liberties at the foundation of our country.

I want to repeat something we have said since the beginning — that the victims and families of the San Bernardino attacks have our deepest sympathies and we strongly agree that justice should be served. Apple has no sympathy for terrorists.

We have the utmost respect for law enforcement and share their goal of creating a safer world. We have a team of dedicated professionals that are on call 24 hours a day, seven days a week, 365 days a year to assist law enforcement. When the FBI came to us in the immediate aftermath of the San Bernardino attacks, we gave all the information we had related to their investigation. And we went beyond that by making Apple engineers available to advise them on a number of additional investigative options.

But we now find ourselves at the center of an extraordinary circumstance. The FBI has asked a Court to order us to give them something we don’t have. To create an operating system that does not exist — because it would be too dangerous. They are asking for a backdoor into the iPhone — specifically to build a software tool that can break the encryption system which protects personal information on every iPhone.

As we have told them — and as we have told the American public — building that software tool would not affect just one iPhone. It would weaken the security for all of them. In fact, just last week Director Comey agreed that the FBI would likely use this precedent in other cases involving other phones. District Attorney Vance has also said he would absolutely plan to use this on over 175 phones. We can all agree this is not about access to just one iPhone.

The FBI is asking Apple to weaken the security of our products. Hackers and cyber criminals could use this to wreak havoc on our privacy and personal safety. It would set a dangerous precedent for government intrusion on the privacy and safety of its citizens.

Hundreds of millions of law-abiding people trust Apple’s products with the most intimate details of their daily lives – photos, private conversations, health data, financial accounts, and information about the user's location as well as the location of their friends and families. Some of you might have an iPhone in your pocket right now, and if you think about it, there's probably more information stored on that iPhone than a thief could steal by breaking into your house. The only way we know to protect that data is through strong encryption.

Every day, over a trillion transactions occur safely over the Internet as a result of encrypted communications. These range from online banking and credit card transactions to the exchange of healthcare records, ideas that will change the world for the better, and communications between loved ones. The US government has spent tens of millions of dollars through the Open Technology Fund and other US government programs to fund strong encryption. The Review Group on Intelligence and Communications Technology, convened by President Obama, urged the US government to fully support and not in any way subvert, undermine, weaken, or make vulnerable generally available commercial software.

Encryption is a good thing, a necessary thing. We have been using it in our products for over a decade. As attacks on our customers’ data become increasingly sophisticated, the tools we use to defend against them must get stronger too. Weakening encryption will only hurt consumers and other well-meaning users who rely on companies like Apple to protect their personal information.

Today’s hearing is titled Balancing Americans’ Security and Privacy. We believe we can, and we must, have both. Protecting our data with encryption and other methods preserves our privacy and it keeps people safe.

The American people deserve an honest conversation around the important questions stemming from the FBI’s current demand:

Do we want to put a limit on the technology that protects our data, and therefore our privacy and our safety, in the face of increasingly sophisticated cyber attacks? Should the FBI be allowed to stop Apple, or any company, from offering the American people the safest and most secure product it can make?

Should the FBI have the right to compel a company to produce a product it doesn't already make, to the FBI’s exact specifications and for the FBI’s use?

We believe that each of these questions deserves a healthy discussion, and any decision should be made after a thoughtful and honest consideration of the facts.

Most importantly, the decisions should be made by you and your colleagues as representatives of the people, rather than through a warrant request based on a 220 year- old-statute.

At Apple, we are ready to have this conversation. The feedback and support we're hearing indicate to us that the American people are ready, too.

We feel strongly that our customers, their families, their friends and their neighbors will be better protected from thieves and terrorists if we can offer the very best protections for their data. And at the same time, the freedoms and liberties we all cherish will be more secure.

Thank you for your time. I look forward to answering your questions.

[Swordmaker]

The people who keep posting threads about this issue are "trolling" too. They keep repeating over and over again the Apple propaganda which I regard as deliberately misleading to the public.

This "issue" as you call it is an important legal topic that is leading in all news media for the last two weeks. YOU want it to be a simple technical "issue" when it is actually it is a philosophical and legal issue affecting the privacy of all Americans, and indeed stretches into international commerce and diplomacy. You can try to denigrate it all you like, but some attorneys say it may be the most important legal decision of the decade, if not the century for the future of technology.

You are a know nothing in these areas and publish of post after post of prattle with no basis in fact spamming these threads with your signature line of trolling. You have shown absolutely ZERO evidence for your claims and when challenged to even so much as provide the words in the Court Order backing your claims of what you say it says, you double down with insults and claims you've already posted what you have not. Pinning you down is harder than nailing jello to the wall.

[Swordmaker]

I mostly ignore you anymore, but I like it when you post pictures or some funny dialogue. You're a funny guy. I like that, but today i'm not likely going to have a whole lot of time to fart around with you. Occasionally I have actual work to do, and this looks like it's going to be one of those days.

YOU IGNORE ME because I am actually extremely knowledgeable about what I post. You cannot stand being shown you are extremely ignorant on what you post. You do not appreciate being corrected when your "facturd" are shown to be something you pulled out of your rectum.

As for work, so do I, but I do not see you doing any.

[Ray76]

> has to be actually open and running to do update anything through normal channels. To do that, the user has to have already input the passcode using the touch screen.

According to Apple you can reinstall iOS without erasing your data and without entering a passcode. https://support.apple.com/en-au/HT201263

[Swordmaker]

Here’s the Ars Technica discussion of updates and DFU:

Here's what it says about the "expertise" of the author of that little article on Ars Technica:

"Leif Ryge is an artist, hacker, and journalist living in Berlin. He used to tweet as @wiretapped but is on hiatus until Twitter stops suspending Tor users' accounts.

As a computer expert. Ryge, is a mighty fine ARTIST. His level of knowledge of Apple OS X and iOS is abysmal. As I said before, he's a LINUX user and really doesn't understand the protections built into iOS in HARDWARE. He's blithering on about software hacks, which cannot get past hardware blocks. The DFU is built into HARDWARE on iOS devices and will not allow what he claims is possible without actually replacing hardware ROMS.

[Swordmaker]

According to Apple you can reinstall iOS without erasing your data and without entering a passcode. https://support.apple.com/en-au/HT201263

It is really OBVIOUS you have NEVER done that. Yes, you can do that. Did you click on the link on that page about Setup your device? Obviously you did not. You have to be able to put in your ORIGINAL AppleID and PASSWORD to get beyond the setup without your original passcode. If you have that, you don't have to go to the setup routine, which requires a restore from a BACK UP! Quit trying to teach USERS of the devices how to use the devices when YOU DON'T use them. You are a blind man trying to teach the sighted how to see.

[mrsmith]

People can believe you OR THEY CAN READ THE ARTICLE AND COMMENTS.

http://arstechnica.com/security/2016/02/most-software-already-has-a-golden-key-backdoor-its-called-auto-update/

[Ray76]

I am not talking about a restore. The ‘setup your device’ does not apply until after the restore. According to the link you’ve posted this is where you create a passcode.

[Swordmaker]

People can believe you OR THEY CAN READ THE ARTICLE AND COMMENTS.

Doubling down on the same blogger's article, are we? I repeat, he does not have an inkling about the built in HARDWARE protections in iOS or OS X that prevent what he claims is possible. If it were so possible to gain access to those certificates, online banking would NOT be possible. He's a wanna be "Expert". Definition of expert. X, the unknown in an equation. spurt, a drip under pressure. So he's an unknown drip under pressure.

There are multiple levels of protection in Apple OS updates that authenticate they are actual Apple signed updates that go beyond just the certificate. He doesn't even begin to cover any of them. Each update has to be validated before it can be installed. There's a validation file imbedded in the update.

[Ray76]

---

If you can‘t update or restore your iPhone, iPad, or iPod touch

You can put your iOS device in recovery mode and then restore it with iTunes.

Put your device in recovery mode and set it up again

1. Connect your device to your computer and open iTunes. If you don't have a computer, borrow one from a friend or go to an Apple Retail Store or Apple Authorized Service Provider for help.
2. While your device is connected, force restart it: Press and hold both the Sleep/Wake and Home button for at least 10 seconds, and don't release when you see the Apple logo. Keep holding until you see the recovery mode screen.
3. When you see the option to Restore or Update, choose Update. iTunes will try to reinstall iOS without erasing your data. Wait while iTunes downloads the software for your device. If the download takes more than 15 minutes and your device exits recovery mode, you'll need to repeat these steps and choose Restore instead of Update when you get back to this step. (emphasis added)
4. After the Update or Restore completes, set up your device. If you previously backed up your device with iTunes or iCloud and had to restore your device in step 3, you might be able to restore from your backup during setup.

from: https://support.apple.com/en-au/HT201263

---

According to Apple, step 4 applies only if the device was restored in step 3.

[DiogenesLamp]

Difficulty level: impossible.

It’s not a software problem (or wouldn’t be if I designed it, which I assume Apple would do a better job of). Part of the decryption key is hidden in hardware, with a persistent hardware counter acting as a gate keeper. When the hardware counter reaches 10, it erases the key. The integrated circuit would be implemented as “obfuscated”, hiding the key and counter in a way quickly destroyed by anyone trying to “de-cap” the chip, and baffling even if cleanly disassembled. None of this is handled in iOS software, and cannot be “fixed” with a custom update.

If this is true, why is Apple throwing a fit? The obvious defense to this order is "we can't." If this is true there is no need to start this massive fearmongering "sky is falling" " the government is totally going to control all of your phones" and "life as we know it will cease to exist" whine-fest.

A simple "Impossible", shuts it down with nary a bit of trouble, yet they don't do that.

They scream like a stuck pig. Why do they scream like a stuck pig if this is impossible?

[DiogenesLamp]

YOU IGNORE ME because I am actually extremely knowledgeable about what I post.

I ignore you because you are the sort, that when someone asks you the time, you try to tell them how to build a clock.

That, and your tendency to screech a lot.

[meyer]

You seem to be rather active in your ignoring.

Just saying’...

[DiogenesLamp]

Well, you suggested that Apple’s iOS source code would be available on a website, AND suggested that all one would have to change is a “10” to something suitably larger (10,000 would be exactly enough). THAT is nuts x2.

No. Your explanation is silly.

Nobody suggests downloading a compiled piece of software when someone is talking about source code. Yes, I saw the software development kit for apps, but that generally only exposes some functionality of the OS, it tells you nothing about how the overall system works.

If all you’re looking for is a single number to tweak, yeah that’s quite doable the way I suggested. (Except Apple’s not stupid enough to implement it that way, but you seem to think they are.)

They're screaming aren't they?

[DiogenesLamp]

You seem to be rather active in your ignoring.

You are seeing the one's i'm answering. Count up the one's I didn't bother with.

[DiogenesLamp]

You bombarded the thread with comments, some of which were crap.

I disagree. There was merit to every one I made, even the one calculated to annoy Mr Apple spokesman.

As I said, constantly posting threads, the premise of which having been disputed in many prior threads, is itself trolling. There comes a time when people are tired of reading the same propaganda over and over again, and just decide to give a little of it back.

Did you read the Apple statement at the start of this thread? Do you agree that every sentence in that is true? From my perspective, it started out as lies, and simply kept expounding on the initial false premise.

Apple inc management has deliberately conflated the court order regarding this one phone into an effort by the government to engage in wholesale snooping on everyone's phones without warrants.

If you are not honest enough to admit that this looks like a con job, then I don't really see any further point in assuming any objectivity on your part.

If you want to be a cult follower, that is your prerogative, but I try to follow objective truth even if it goes against the grain of the majority. It's got me in trouble plenty of times, but it is in my nature to challenge falsehoods and false gods, and I urge everyone else to do the same.

[DiogenesLamp]

If they can’t even spell the correct 3-letter name of the thing they want “fixed”, they’re in no position to demand exactly how it will be done & delivered.

On a lot of websites which I have patronized, your point is generally regarded as being in the category of the "spelling Nazi" which is the kissing cousin of the "grammar Nazi."

It is a pointless and trivial objection that really has no bearing on the discussion other than a demand for order and structure.

The technical and grammar/spelling mistakes of the FBI are not really relevant. What is relevant is whether or not Apple can help within a reasonable level of difficulty, and whether the law can compel them to do so.

I interpret their screaming fit as evidence that this is within their capability, and I interpret the fact that a Judge ordered them to do it as evidence that the law can reasonably compel them to do it.

[DiogenesLamp]

You are NOT going to get my goat, you pusillanimous piss ant pipsqueak.

Perish the thought! :)

[DiogenesLamp]

You say as you troll me. Hey, let's bring up Tim Cooks sexual perversion again. I know YOU want to talk about it! :)

You're the one whose brought it up at least a dozen times in this thread. It's irrelevant to this topic.

I think I have brought it up exactly twice in this thread. Certainly not a "dozen times". One of those times was a joke, and the other time was to get the goat of my pet stalker who seemed to think it was the only thing worth discussing. That is the message to which you are responding.

But you seem somewhat sensitive to it. Does it bother you that Tim Cook is a Homosexual? Or that he tried to force his own homosexual beliefs on the state of Indiana like the Nazi minded whack job he is?

Given how he attempted to intimidate Indiana, it may very well be relevant as this plays out. I could see how a group of people that have a propensity for young boys might be very interested in "privacy" regarding data on their phones. Perhaps that is the fundamental truth driving the vehemence (and Drama Queen like histrionics) of his reaction?

This may be more relevant than you wish to admit.

[Swordmaker]

I am not talking about a restore. The ‘setup your device’ does not apply until after the restore. According to the link you’ve posted this is where you create a passcode.

Yes. You are. If you don't have the passcode or the original AppleID and passcode you can't open the iPhone without erasing the data or restoring the data from an iTunes or iCloud backup. It is just the way it is. As I said, it is obvious you have never done what you are claiming can be done, because it cannot. You cannot just walk up, install a new operating system, and open someone's data. It cannot be done. If you create a passcode, you get a factory blank iPhone. You then can WAKE UP!

Don't try to teach the sighted to see when you yourself are blind.

[Swordmaker]

3. When you see the option to Restore or Update, choose Update. iTunes will try to reinstall iOS without erasing your data.

I've done this numerous times for clients who've screwed things up, Ray.

Let's say when that works, now HOW do you get into the iPhone, Ray76?

It restarts and then presents you with the normal swipe to open screen and the it REQUIRES your passcode to be input to continue! Hooray, you're in. But you don't get in without it, or your AppleID and password, it just won't happen as you seem to think!