back to article We survived a five-hour butt-numbing Congress hearing on FBI-Apple ... so you don't have to

In a marathon session that would have tested the patience of even the biggest Apple fanbois, the House Judicial Committee spent the entirety of Tuesday afternoon discussing the conflict between the FBI and Apple over access to an iPhone. Unfortunately, despite nearly five hours of testimony from FBI director James Comey, Apple …

  1. Brian Miller

    Congress par for the course

    "... the US Congress had an opportunity to force some truth into the equation. It failed to do so."

    That's normal. The US Congress rarely forces truth into anything. If there is truth in a session, it's not a deliberate result or even intention.

    No, it's all par for the course. Hot air in Washington, DC, global warming not blamed.

    1. Graham Marsden
      Thumb Up

      Re: Congress par for the course

      Mostly these hearings are about those asking the questions making sure they look good for the cameras and, if possible, getting a good soundbite on the news so they can say to their voters "Look, see, I'm doing stuff for you!"

      Often it seems they spend so much time making speeches that they have bugger all time left to ask questions at all!

  2. Snowy Silver badge

    Hmmm

    Why not roll back the password change to the icloud and force the phone to backup to the icloud?

    1. MachDiamond Silver badge

      Re: Hmmm

      Many systems don't allow the admin to see the current password, but the admin can reset the password on an account so that the user can then change to whatever they like. Once the old password is reset, it's gone. It's a good way to keep passwords secret.

      1. Anonymous Coward
        Anonymous Coward

        Re: Hmmm

        Are you telling me Apple's servers are not backed up with Time Machine?

        1. Anonymous Coward
          Anonymous Coward

          Re: Hmmm

          iCloud is stored on AWS, not on Apple's servers (at least not yet)

          iCloud is used as a backup for your iPhone, why would Apple make backups of backups? The data is stored redundantly on AWS, but they don't offer any way to recover something you've deleted from iCloud. Once its gone, its gone.

          1. Robin

            Re: Hmmm

            why would Apple make backups of backups?

            Surely as far as Apple are concerned, that first 'backup' isn't theirs, it's the user's. So it's primary data?

            You'd be pretty pissed off if your phone died but then you couldn't restore the data because a hard drive had died and wiped it.

            1. Anonymous Coward
              Anonymous Coward

              Re: Hmmm

              As I said, the data is stored redundantly on AWS, so they don't need a backup. If the user deletes something from their phone, that deletion is synced to iCloud the next night, and they want it back, tough. That's not a capability Apple advertises for iCloud backup of your phone.

              If you want that, you back it up to iTunes and manage your own backup strategy.

            2. PaulFrederick

              Re: Hmmm

              yeah well get over it. Shit happens. Better luck next time. If it is really that important to you then use a more robust backup system.

  3. a_yank_lurker

    Congress Doing What It Does Best

    Many have noted the intelligence of Congress critters is a very, very low mark to exceed. Czar Reed of Maine noted the propensity of Congress critters to subtract from the sum total of human knowledge. And that is what they do best. Comey may look intelligent compared to Congress critters but he still is subtracting from the sum total of human knowledge, just not as rapidly.

    1. tom dial Silver badge

      Re: Congress Doing What It Does Best

      The problem may not be so much that the senators and representatives lack intelligence as that they feel an irresistible compulsion, when in public, to appear intelligent to impress their constituents who, on average, are less intelligent and much less informed. When this gets into subjects where a fair amount of somewhat uncommon technical knowledge would be helpful, things go very rapidly Soutn.

      1. Anonymous Coward
        Anonymous Coward

        Re: Congress Doing What It Does Best

        things go very rapidly South.

        You may have said more there than you intended :)

  4. Peter Prof Fox

    Is Napalm the only answer?

    If the Colonials elect Woodentop then definitely yes. Bush lowered the bar but Trump in the White House blurting would be too much even for the arselickin' British.

    1. Captain DaFt

      Re: Is Napalm the only answer?

      "but Trump in the White House blurting would be too much even for the arselickin' British."

      Never underestimate the masochism of Parliament. They have a class of officers designated as Whips, after all. :)

  5. Mark 85

    Our CongressCritters are an embarrassment and it's only going to get worse. <sigh> And from the comments I read here on El Reg, I daresay those of you across the pond feel the same way about Parliament.

    1. Fred Flintstone Gold badge

      And from the comments I read here on El Reg, I daresay those of you across the pond feel the same way about Parliament.

      It's more a source of frustration and sadness. There is so much potential wasted in a great nation by a dangerous mixture of idiocy and self interest that I despair at this ever righting itself without some pretty aggressive corrections, not helped by the fact that everyone has guns. The fact that there are only two political parties (again mainly focused on their own interest) is not helping either.

      There are a lot of good things that the US can do globally, but it does indeed require some sanity to return to the way it is governed. So far, the signs are not that good :(

      1. Pascal Monett Silver badge

        There is only one political party, carefully orchestrated to make people believe they have a choice.

        In truth, everything is arranged beforehand by committee, deals are sealed in advance, and the "election" is just a reality show.

      2. allthecoolshortnamesweretaken
  6. Anonymous Coward
    Trollface

    > Mr Issa must have read a post on a technical blog somewhere because he became convinced he had the answer to the FBI's woes: "You can remove all the non-volatile memory from an iPhone 5C,"

    Sounds like he (mis)read my stupid comment this morning.... trololol

    Nah, I doubt it. I didn't use that exact phrase.

  7. mrjohn

    Trey

    "You can go into people's bodies and remove bullets but you can't go into a dead person's iPhone and remove the data? I'm just amazed by that.

    You're not the only person who was amazed, Trey."

    I think you are deliberately missing the point. It is starting to sound like tech is a sacred cow which must remain inviolate, however we accept the need to cut open a corpse, irrespective of the distress this might cause the bereaved, for evidence. It's an emotional stance perhaps, not a logical comparison, but humans generally make decisions based on emotion, not logic.

    If my assumption is correct I see where he is coming from, smart phones, and the data they contain and access are considered the priority, perhaps even the much vaunted privacy is beginning to play second fiddle to the preeminence of the technical achievement that ensures this privacy. The value is not the information, but the fact Apple have made a clever way of keeping it.

    What keeps Tim Cook awake is the possible realisation by the general public that analog alternatives have their plus side. Maybe the US will see a spike in sales of fireproof safes, same as Japan has seen this year.

    1. bazza Silver badge

      Re: Trey

      Yes I was thinking that too. It's an extreme analogy from Trey, but it is valid. Everyone is used to the idea of investigators looking in a murder's wallet, house, papers, bank accounts, phone bill, corpse, etc. Why should their phone be any different?

      To extend Trey's analogy, Apple's argument amounts to saying that surgical tools used in autopsies should be band.

      It's not like the FBI are asking for warrantless or universal access. With a warrant (which indicates one off necessity) they can already look in one's wallet, house, papers, bank accounts, phone bill, iCloud, etc, and everyone thinks that's ok. Oneself need not be dead, they simply have to show a reason to justify suspicion.

      However, they aren't doing themselves any favours in stretching what a warrant should empower with FBI vs Microsoft.

      Safes that can defeat a real expert armed with the right equipment are pretty rare and expensive.

      1. Frank Zuiderduin

        Re: Trey

        You seem to be missing the very same point Comey is. It's not about getting access to this particular device. It's about creating something that will essentially enable law enforcement to access any such device anywhere in the world.

        I don't think Apple would mind providing access to that iphone if they could do it without endangering the security of all other iphones.

      2. Richard 12 Silver badge

        Re: Trey

        They are asking for universal access.

        To use a daft analogy that Congresscritters might understand:

        Apple have built a pretty secure safe. It's almost impossible to break open that safe without destroying the contents.

        The FBI want Apple to make a special lockpick they can use to open one of these safes.

        However, that lockpick must, by definition, also open all safes of that type and once built it is trivial to copy.

        Furthermore, the FBI have acted dishonestly throughout.

        They claimed that the lockpick and the legal force used to create it would only be used for this one case.

        Both of these are simple lies. It appears they now accept the latter.

        They also did not allow Apple to present arguments to the judge when they asked for the order against Apple.

        Put simply, this is a huge overreach by law enforcement.

      3. John H Woods Silver badge

        Re: Trey

        "It's an extreme analogy from Trey, but it is valid. "-- bazza

        I disagree. I think the analogy is seriously flawed but if we must stick with it, it is more like this:

        We have always been allowed to remove bullets from corpses for forensic purposes. These new fangled bullets wont come out without disintegrating, so they'll be forensically worthless. The bullet manufacturer does not have a tool to extract the bullets intact. Maybe they could create one? The trouble is that it would allow other people to remove other bullets from corpses, allowing the possessors of such a tool to commit crimes (more exactly destroy the evidence of the crimes they have committed).

        Analogies have their uses, but the frantic - and largely [1] fruitless - search for a good analogy to describe the current situation makes me concerned that many of the people engaging in the discussion are simply not equipped to do so.

        [1] the only reasonable analogy, IMHO, is the one presented by Richard12 above: the safe manufacturer can only open this one safe by creating a tool that would open very many of the safes they have already sold. But for the analogy to work, this tool has to be one that, once created, is easily stolen or copied.

        1. AIBailey

          Re: Trey

          the only reasonable analogy, IMHO, is the one presented by Richard12 above: the safe manufacturer can only open this one safe by creating a tool that would open very many of the safes they have already sold. But for the analogy to work, this tool has to be one that, once created, is easily stolen or copied.

          How I'd read it was more like the safe manufacturer has been asked to create a tool that will indeed only open one safe, and they're then allowed to destroy anything that they had to develop in order to make that tool - mouldings, documentation, prototypes etc.

          However, having proven that they're capable of doing it for one safe (validating that they can produce a tool that serves the purpose), they've opened the floodgates and will receive progressively more requests for "one-off" tools. Eventually the safe maker decides that it's more cost effective to make a universal tool, or to keep a selection of toolings and moulds to turn out "bespoke" tools whenever asked.

      4. PaulFrederick

        Re: Trey

        The difference is the FBI is demanding that Apple supply them with the forensic tools they desire. Apple is under no compulsion to do such a thing either. They probably can't. If I told you to flap your arms and start flying, could you? How about if I held a gun to your head? Does that help you get off the ground any? Let's be reasonable here. The FBI is demanding that Apple manage to do the impossible. Or at least massively difficult. This goes a bit beyond say a jury duty notice when it comes to civic responsibility.

        If the government wants to snoop in people's phones then I say more power to them. But I also say they can do their own dirty work too. Which amounts to saying good luck. While we continue to develop technologies that thwart their attempts to invade our privacy. Which is the whole point of encrypting personal devices. If we wanted these bootlickers to see our private data we'd have emailed it to them!

    2. Paul Crawford Silver badge

      Re: Trey

      Trey Gowdy is probably right, but for all the wrong reasons.

      The problem I see with the FBI's request, and indeed most of the debate, is about the ability to bypass encryption with software. Quick, easy, and something that can probably be used remotely as well (if it can be a forced "upgrade" with Apple's signature) on any phone they can get an IP address for. That opens a floodgate of possible abuse not just by the FBI but every police and intelligence agency world-wide.

      But what if they only way was a physical forensics approach? So you have to de-solder the encryption chip, grind off its packaging, and use an electron microscope to read out the key? That is analogous to an autopsy and the removal of bullets for evidence. It is not quick or cheap, and certainly not possible remotely. That would bring some parity in the argument where safes, bank deposit boxes, etc, are being compared to encrypted contents.

  8. Anonymous Bosch

    It is Congress not congress

    If the editors want to "print" stories about the American system, try capITalizing things correctly. It is the US Congress not the us congress.

    1. Anonymous Coward
      Anonymous Coward

      Re: It is Congress not congress

      If the editors want to "print" stories about the American system, try capITalizing things correctly. It is the US Congress not the us congress.

      shift keys are expensive and exclusively reserved for the programming team. budget cuts, you know..

    2. MrDamage Silver badge
      Trollface

      Re: It is Congress not congress

      If Americans wish to speak and write in English, try learning to spell and pronounce it correctly first.

      Also, your grammar could use a bit of polishing, because technically it would be the U.S. Congress.

  9. Anonymous Coward
    Anonymous Coward

    Yes, you CAN remove the "non-volatile memory".

    "Non-volatile memory"...interesting descriptive phrase, that...is fabricated from thin slices of monocrystalline silicon. The slices are cut into rectangles which are typically encapsulated in plastic or epoxy and usually have an array of conductive spots on the surface of one of the two larger faces. The array of conductive spots on the memory device is attached to a matching array on the circuit board by a conductive material, usually solder. If El Reg allowed the posting of images, I could show a variety of "non-volatile memory" devices in both free (still in the carrier) and installed (soldered-down) condition. I could also post images of devices that have been non-destructively removed for diagnostic purposes. The process requires some specialized and expensive equipment, as well as a skillful and experienced rework technician. But it's not rocket science.

    I am rather disappointed in Kieren McCarthy, not only for being unaware of this relatively commonplace practice, but also for his unflattering comparison of Darrell Issa to someone's doddering old uncle. In this instance at least, Mr. Issa is correct.

    I don't know if El Reg permits the posting of links. But for what it's worth, you can get a good look at the "non-volatile memory" device installed in an i5 phone at an Australian tear-down site: http://iexpertsaustralia.blogspot.com/

    I will happily retract my expression of disappointment if K.M. will post specs on the specific "non-volatile memory" device in question (the device, not the phone) showing that the encryption mechanism is internal to the device package, and that the device itself keeps count of the number of attempts made, to access its (the chip's) internal contents.

    Hint: Think "Hynix NAND Flash". Investigating this part number: "Hynix H2JTDG8UD3MBR" would be a good place to start.

    1. Anonymous Coward
      Anonymous Coward

      Re: Yes, you CAN remove the "non-volatile memory".

      I will happily retract my expression of disappointment if K.M. will post specs on the specific "non-volatile memory" device in question (the device, not the phone) showing that the encryption mechanism is internal to the device package, and that the device itself keeps count of the number of attempts made, to access its (the chip's) internal contents.

      Well, time to post that retraction then. There is no need for NVRAM to have the crypto internally as it only holds data and the problematic encrypted containers. The crypto chip is separate, which is the whole point - the crypto chip processes data before it gets to NVRAM so you can lift all you want from the NVRAM, it won't be of help other than being able to run through the whole AES256 keyspace to brute force crack it.

      The crypto chip has a salt (crypto ID which is used to alter encryption) which is unique to each specific device, and it cannot be extracted as a factor as it is only ever seen as the result of encryption - this is what ties it to the device hardware. Data without that specific processor is useless. It will also hold the NVRAM "master key" which is randomly generated, and it is the combination of "baked-in-chip" + "master key" that will allow you to decrypt what is in NVRAM.

      If you fail to enter the correct password for more than 10 times, the chip will drop the master key, which is pretty much equivalent to erasing NVRAM stored encrypted containers, but without spending the time rewriting every bit.

      Now, Mr Expert, the first expertise you should focus in is how to use Google and read more comments because this is FAR from new. I know it is hard, but if you would bother to first research to resolve your own ignorance, it would save you from opening your mouth and confirming it. It would have also yielded the insight (visible in many posts) that The Register does indeed allow URLs for people who have been here long enough although granted, it could really do with an update on which tags are allowed, and probably make that a bit easier to find.

      1. Anonymous Coward
        Anonymous Coward

        Re: Yes, you CAN remove the "non-volatile memory".

        I'll grant that the decryption process would be a draconian ordeal. But a brute force attack is quite possible and is quite likely to succeed. The substance of my posting is/was that the chip CAN be removed and that the data CAN be extracted, barring some risk of accidental destruction during either of the extraction phases...physical followed by digital.

        I will also grant that your knowledge and understanding of the encryption mechanisms used in this phone and even regarding encryption in general are far superior to my own. However, I would like to observe that decrypting the data, once it is extracted, is a separate issue with respect to the extraction itself.

        Your response focuses almost entirely upon the difficulty of cracking a fully functional phone, with all protective mechanisms intact and running. I don't think my post addresses that process. At all.

        I think it's premature to simply discard any possibility of physically extracting the encrypted data and subsequently trying for a brute force decryption, particularly if Apple prevails in the courtroom.

        And seriously...was your last paragraph really necessary?

        1. Richard 12 Silver badge

          Re: Yes, you CAN remove the "non-volatile memory".

          A brute force attack on this type of encryption would take many trillions of trillions times longer than the age of the universe.

          https://m.reddit.com/r/theydidthemath/comments/1x50xl/time_and_energy_required_to_bruteforce_a_aes256/

          If you don't believe me, do the maths yourself.

          2 raised to the power of 255 (half the keyspace) is a very, very big number.

          1. allthecoolshortnamesweretaken

            Re: Yes, you CAN remove the "non-volatile memory".

            So, just to clarify (this is not my field of expertise) and to wrap my mind around this: it would be possible to remove the memory chips from the phone and make a 1:1 copy of the data stored on the chips - but that would not bring you any closer to decrypting1) the data, so in this case it's pointless?

            1) unless you have the time machine that would be necessary to brute force it

            1. John H Woods Silver badge

              Re: Yes, you CAN remove the "non-volatile memory".

              "So, just to clarify (this is not my field of expertise) and to wrap my mind around this: it would be possible to remove the memory chips from the phone and make a 1:1 copy of the data stored on the chips - but that would not bring you any closer to decrypting1) the data, so in this case it's pointless?" --allthecoolshortnamesweretaken

              My usual explanation of brute forcing AES256:

              Keyspace 2^256, average time to find key 2^255=6e+76. Allow a nanosecond per attempt (that's almost unfeasibly fast) and you need 6e+67 seconds. Allow ten million of those machines and you are at 6e+60 seconds. Find an as yet unknown algorithmic weakness in AES256 and award yourself a trillion trillion trillion fold speed up, and you get to 6e+24 seconds --- which is about 15 million times the current age of the universe (4.3e+17 seconds or thereabouts).

              AES256 may not be invulnerable (and it probably isn't) but standard (i.e. non-quantum etc) brute forcing of the keyspace is simply never going to be possible.

            2. Anonymous Coward
              Anonymous Coward

              Re: Yes, you CAN remove the "non-volatile memory".

              Short answer to the first question: Yes, the raw bits can be extracted from the flash memory, although there exists a non-trivial risk that the flash memory or the raw bits may be damaged or destroyed by accident.

              Whether or not the bits can be decrypted within a useful period of time depends upon what may or may not be known about the data.

              Most folks equate a "brute force" attack on AES256 as being synonymous with "trying every possible combination" one at a time. This perspective includes the worst case scenario, where every bit in the 256 bit keystring has been used to encrypt the data. There are several good write-ups on the subject, but the upshot is that one needs to make 2^256 trials in order to exhaust every possible keystring combination.

              If the cracker(s) know enough about the data, then the number of trials can be substantially reduced. I doubt the FBI has this knowledge, but who knows?

          2. Doctor Syntax Silver badge

            Re: Yes, you CAN remove the "non-volatile memory".

            @ Richard 12 (and assorted others).

            Read this very carefully. Read it several times if you don't understand it first go.

            The FBI want to try brute force.

            What they're trying to brute force isn't the encryption key.

            What they're trying to brute force is a pass code of a few digits.

            1. Fred Flintstone Gold badge

              Re: Yes, you CAN remove the "non-volatile memory".

              As far as I can tell, the long term goal is to brute force a return to their golden days of the Clipper chip backdoor, this time by setting a precedent to enable unprecedented legal harassment.

              The phone and its content is merely incidental, a tool to game the legal system, the press and the politicians.

        2. Anonymous Coward
          Anonymous Coward

          Re: Yes, you CAN remove the "non-volatile memory".

          Your response focuses almost entirely upon the difficulty of cracking a fully functional phone, with all protective mechanisms intact and running. I don't think my post addresses that process. At all.

          I think it's premature to simply discard any possibility of physically extracting the encrypted data and subsequently trying for a brute force decryption, particularly if Apple prevails in the courtroom.

          And seriously...was your last paragraph really necessary?

          I'll only address the latter because that saves a lot of time: yes, for a simple reason - ALL, and I mean really ALL of the questions and sensible explanations have appeared here since the first story about Apple vs FBI broke, and not just once but many times over. After a while, this leads to a sort of idiot-fatigue, an irritation with people who don't bother to do their own reading but depend on others to explain to them again and again (and again) stuff even the most basic search on Google could unearth for them. Maybe just give that a try next time?

          Oh, and then express "disappointment" with the journalist for not repeated a discussion about something that is unworkable, has been explained ad infinitum, would require no more than about 10 seconds to find data on and be upset being called on that. Well, colour me "disappointed" too then, with that standard of thinking.

          So yes, full on yes.

  10. MachDiamond Silver badge

    Encryption?

    I am frustrated at the media for printing that the FBI wants Apple to "break the encryption" on the phones in question when this isn't the case. It's just a simple login password gate that may (or may not) have a wipe routine if too many incorrect attempts are made in a row.

    If the data on the phone is encrypted, they might as well give up now and save the taxpayers millions of dollars in useless grandstanding and LPTUL (Loss of Productivity Through the use of Lawyers).

    1. Anonymous Coward
      Anonymous Coward

      Re: Encryption?

      If the data on the phone is encrypted, they might as well give up now and save the taxpayers millions of dollars in useless grandstanding and LPTUL (Loss of Productivity Through the use of Lawyers).

      It IS encrypted, but do you really expect results from asking politicians to actually *work* for a living?

      :)

  11. Anonymous Coward
    Anonymous Coward

    Phone...

    I wonder how much that iPhone would fetch on Ebay?

  12. Chris G

    Congress

    Or Parliament or similar institutions, seem to be places of refuge for feeble, politically oriented minds who are usually wealthy but unlike most refuges, they pay the inmates instead of the other way round.

    Now I'm getting on a bit I am thinking of going into politics; I don't think I could do much worse!

    1. allthecoolshortnamesweretaken

      Re: Congress

      Do it. No sarcasm intended - if any field needs more people with a technical/scientific background* in it, it's politics.

      *as this is El Reg forums, I'm assuming you've got one

  13. Michael Habel

    If Congress iis guilty of anything.... It's overreach.*

    This is clearly a question that will have to chill until after the next Election + the inevitable appointment to the SCotUS.. As what is happening her goes straight to the heart of no less then Three of the TOP FIVE Constitutional Amendments. Namely the Fifth, (Self Incrimination), the Fourth (Search, and Seizure), and if you will take Apples viewpoint the Granddaddy of 'em all the First (Speech).

    Anyone like Bill Gates that would liken ones Smart Device Data, as rip for picking by all sundry shpuld probably be best avoided. Smartphone Data is NOT public record al la Bank, or phone Bill Record(s)..

    And to me this is a clear, and pressent violation of the Fifth Amendment, So for now Congree's opinion on this matter (Regardless of which side is running it!), to me is largely irrelevant. As unlike the spade of only mildly entertaining International Patent disputes. Along comes an actual question for the Constitutional Court(s).

    *Yes Congress can make, and eventually pass (New) Laws, but we're not even 1/64th of the way there for them. The current mangment, or shudder the One that forsterd the Obamascam Tax on us. When the question is clearly addressed to those serving on the SCotUS to basicly state the obvious that this should be a clear violation of the Fifth, and should be dismissed as such.

  14. Doctor Syntax Silver badge

    "Comey also came across as sincere when he said that if anyone watching had any good ideas about how to break into the phone or to help resolve the broader issue about encryption and privacy, he was all ears."

    I can help him in two words: accept limits.

    It's the lesser of the two evils.

  15. Adam 1

    counting attempts

    It occurred to me that the number of wrong attempts must be written somewhere non volitile.

    It can't be encrypted with the actual key (although could be encrypted using the hardware ID). How do the iphones protect themselves against overwriting that block of storage between each guess so as far as the phone knows it is the first guess?

    1. Anonymous Coward
      Anonymous Coward

      Re: counting attempts

      Good question.

      Battery backed-up RAM, perhaps? Surely this problem cannot be as simple as opening the case and unsoldering a battery lead?

      Anyone out there know the answer?

    2. JeffyPoooh
      Pint

      Re: counting attempts

      "...the number of wrong attempts must be written somewhere non-volatile."

      One of the presentation videos on CCC.de has the hacker/cracker illuminating an individual non-volatle memory cell (one bit, a flag) within a de-capped security chip to reset that security state flag bit (with light).

      That's the sort of unforeseen approach that's used to get into a system with 'infallible' security. They might need to invent or discover something for the iPhone 5C. But there's always a way, unless this is the very first device with perfect security (seems unlikely).

      Nothing to do with brute forcing. Seems to take days or weeks, not trillions of times the life of a universe filled with etc etc etc.

      They'd certainly want to buy a box of phones to practise on, before their one-shot at the subject.

  16. allthecoolshortnamesweretaken

    Worth it?

    According to Cryptome, the FBI Director's salary is about $200,000 per annum. So roughly $547,95 a day*. Assuming an 8 hour workday** that's $68,49 per hour.

    5 hours of butt-numbing Congress hearing x $68,49 = $342,47. Before tax.

    * Yes, I know. Sundays, days off, etc. And lifetime benefits, perquisites, medical, consultancies. This is not a PhD thesis, so back off.

    ** You just can't let it go, can you?

    1. Mephistro
      Devil

      Re: Worth it?

      It makes sense if the true goal of Mr. Comey in this affair is being able to choose his own salary. Call it an investment. ;-)

  17. Nifty Silver badge

    I'm expecting a change in U.S. law. After all, an un-decypherable iPhone in a terrorists hands is akin to a powerful weapon. And you're not allowed to manufacture/keep such things at home in America are you? Oh wait...

    1. CarbonLifeForm

      Nobody is saying you shouldnt be allowed to have this phone. But should you be allowed to keep your gun away from forensic investigation or fit it with self destruct?

      1. Michael Habel

        A Gun depending on how much of a clean freak you are.. can only tell someone about the time it was last used. Or to take a "sample" to match the striations of the Projectile, to see if those match. What it can NOT tell you is who fired it, and when. Sans any Fingerprint residue.

        A Smart Device on the other hand could potentially have someones whole life inside of it. Their Contacts, Personal Pictures, such Documents that the Police would otherwise would undoubtedly love... to have to nail your sorry rump. But, where does the myth of wider security HAHAHAHA! begin to trump over personal, Constitutional rights?

        You simply can't be that dense to post on a Site like this, and think that this will just end with that One SmartPhone in California now... Or?!

    2. Michael Habel

      That change in law probably can not happen until the SCotUS gets a say in this matter. Unfortunately, and given the seriousness, of the immediate question before us, its probably not likely to hit said court until sometime next year. I'm very sure Obama would LOVE to fork over the American People one last time by having a play with who might get that empty "seat" in the SCotUS. Thankfully though, the time of his Stars being properly aligned are over, and anyone that might get a Hearing to that Appointment, will just be spinning their Wheels into obscurity FAST! So for one I doubt there are very many currently interested in the job at this time.

      Though on the other hand... being as clear a violation of at least the Fifth, and very possibly the First Amendments. It's not exactly rocket science for them to step up their game, and tell both Congress, and the FBI to back off. But, again for the subcontext above. Probably not gonna happen in an election year.

      But, it is quite fun to see how our Politicians would use the Constitution to wipe up after themselves, if they think they can just do what they damn will please.

  18. Anonymous Coward
    Anonymous Coward

    Video of the whole event..

    .. is available on Youtube.

    Just in case you have trouble getting to sleep.

  19. Old Handle

    I still think the electron microscope idea has some merit. The way I see it, the phone necessarily contains all the information required to reproduce the unencrypted data, except the PIN. It could be stored in this chip, that chip, or spread among several, and some of those chips may well have their own safeguards, but ultimately it's all got to be there.

    The risk that they might inadvertently destroy the data while trying to get at it is a concern, but they could of course practice on other iPhones first.

    1. Michael Habel

      Boy that takes me back...

      Perhaps they can get NDS to break it the way they broke Mediaguard CAS (French Satellite DTH Encryption) back in the early Naughties. That is if you believe the legends... I for One do....

    2. PaulFrederick

      why wouldn't the data be stored encrypted? Just how lame is the security on an iPhone? Usually all data is encrypted with these digital security schemes. So electron microscope, or no, you're still looking at an encrypted stream. Simply copying the data out of the device itself should be far more trivial than trying to scan it one electron at a time too. Physical access opens up possibilities that realistically cannot be safeguarded against.

      Unless you're Mr. Phelps. Then maybe you can have a phone that says, This phone will self destruct in 5 seconds. Cue the theme song.

      1. Old Handle

        It would be encrypted, of course. But the key(s) (save the pin itself) must be in there in some form as well, or else the phone wouldn't be able to decrypt it either.

  20. PaulFrederick

    What happened to the good old days?

    You know, like when governments did their own spying? I think the FBI is missing the whole point of cryptography here. I doubt Apple even wrote the code they use for security. Even if they did, that doesn't mean that they made it easily breakable. Because if it was then what good would it really be? The whole reason that security is there is specifically so the FBI can't do what they want to do. That's life, deal with it!

    It used to be that at an early age people came to realize that life isn't always about getting everything you want. Although if you're extremely lucky it can sometimes be about getting what you worked hard for yourself. So act somewhat mature FBI, because right now you're embarrassing yourselves.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like