James Clapper Says Nerd Magic Can Solve Terrorist Content Filtering, Create Safe Encryption Backdoors

from the harry-potter-but-for-lawful-access dept

Former Director of National Intelligence James Clapper went from having a comfortable, shadowy job in a comfortable, shadowy office to being the face of the American surveillance state after the Snowden leaks. Instead of only being periodically hassled by a couple of Intelligence Committee members (mainly Ron Wyden), Clapper was called to account for the NSA’s apparent surveillance sins. And he handled it badly.

After plenty of evasive discussion, Clapper finally said, “Oh, you mean those phone records,” and ushered in a new era of slightly less bulk metadata collection. But he still made the most of his speaking opportunities to pin the woes of the terrorized world on Snowden, noting his leaks “sped up encryption adoption by seven years.” It was an oddly precise estimate, especially given the contradicting evidence showing terrorists hadn’t really changed their communication methods in response to the Snowden leaks.

Clapper is no longer the Intelligence Director, but he’s still beating the encryption drum during interviews. And it appears he’s aligned himself with another former government employee, James Comey. Speaking to the National Press Club in Australia, Clapper called for both harder nerding and tech companies being a (possibly compelled) source of light in the growing darkness.

As governments around the world face the ongoing threat of extremism, former US Director of National Intelligence James Clapper says tech companies have a social “responsibility” to take better care of what appears on their platforms.

[…]

“I do think there is a role to play here in some screening and filtering of what appears in social media,” he said.

“In the same way that these companies very directly capitalise on the information that we make available to them and exploit it, it seems that that same ingenuity could be applied in a sensitive way to filtering out or at least identifying some of the more egregious material that appears on social media.”

How social media companies are supposed to auto-filter all terrorist content is, of course, left unexplained. When companies like Facebook can’t even filter human breasts without screwing it up, it’s a stretch to say the problem of terrorist content and communications is just a coding breakthrough away. Considering the vast amount of content posted everyday on major networks, it’s not as simple as applying a bit more mental elbow grease. Much of this is relegated to algorithms, simply because there’s not enough manpower in the world to handle the input of billions of social media users.

Clapper also called for tech companies to “work with” law enforcement to provide access to encrypted communications.

Clapper suggested that cooperation could mean “law enforcement particularly would be allowed access to encryption” if it could be done in a “safeguarded way.”

“I hear the argument about if you share once with one person and it’s forever compromised. I’m not sure I really buy into that,” he said.

It really doesn’t matter whether Clapper “buys” this or not. It’s a fact. And it’s a fact that’s been demonstrated in explicit detail by the leak of NSA software exploits. A hole is hole — one that can be used for good or for evil. The world’s top intelligence agency can’t even keep its exploits secure. How are we expected to believe law enforcement agencies are going to keep these backdoors from being discovered and exploited?

Clapper grooved on the Comey vibe during this talk, acting as though tech expertise is some sort of dark art used deliberately to stick it to The Man. Anyone who uses the phrase “miraculous technological things like iPhones” shouldn’t expect to have their assertions taken seriously. It suggests the person making them still has trouble distinguishing between innovation and magic. Consequently, it’s these sort of people who continually claim “safe” backdoors are possible, rather than being the mythical deus ex machina they actually are.

Filed Under: , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “James Clapper Says Nerd Magic Can Solve Terrorist Content Filtering, Create Safe Encryption Backdoors”

Subscribe: RSS Leave a comment
50 Comments
Ninja (profile) says:

Sounds like s bad nerd “Adventure Time” plus acid trip. Magic Nerds, Magic Keys and Magic Terrorists.

(I should try this at least once in my life)

And it’s both amusing and sad that every single nerd, security expert and otherwise much more tech-savvy person out there has already told him it can’t be done and he keeps insisting. He’s not even listening, he’s dead set in his Magic Key theory. We should nerd harder to create mechanisms that can’t be intentionally broken at all (ie: you can’t insert backdoors without making it unusable) so people like him can’t screw the rest of us.

Anonymous Coward says:

Re: Re:

It’s just another case of actual motivations versus stated mission.

What if you could have access to/control over the entire digital existence of your friends/neighbors/lovers? Of your co-workers/bosses and their bosses? Of your business competitors? Of your personal rivals?

What couldn’t you do with all that information so as to force your interests over theirs?

  • See/mitigate their probable next moves in real time.
  • Effectively disappear any of their ideas that challenge your own.
  • Make appear damning evidence of wrongdoing on their digital property.
  • Access all manner of blackmail material (not just of them, but of anyone they might care about) to control their behavior.

Don’t ever be confused by these professional liars’ words versus their actual mission. Especially when their end-game motivations couldn’t be more obvious.

Ever notice how mass surveillance apologists/promoters like Comey/Clapper/May/Macron and their ilk always frame the discussion in terms of the legitimate mission of "stopping the bad guys". But they only ever pay a passing lip service to WHAT ELSE could (i.e., almost certainly will) be done in abuse of all this private information on everyone. They just give vague reassurances to the public of the legitimate use scenario by describing a unicorn fantasy dreamland of strict oversight and proportional response – when it’s plain to see our intelligence communities operate without effective oversight and out of reach of the law.

Mass surveillance is primarily about crushing any challenges to established financial-power interests. Period. No matter if those challenges might come from "terrorists", political/personal/business competitors, or just from citizens legitimately challenging corruption/malfeasance by corporate/government/institutional officials.

TKnarr (profile) says:

If Mr. Clapper’s so sure it’s possible, I’ll be happy to work on the problem for him. My rates start at $200/hour assuming a minimum of 2080 hours (a 1-year contract at 40 hours/week), with rate adjustments for travel, out-of-office work and work in excess of 8 hours/day or 40 hours/week to be determined. An initial estimate is it’ll take quite a bit more than just one year for the work, but I should have a good handle on the time required by the end of that first year and he can decide then whether it’s worth it to him to pay for the time required.

Oh, he wants me to do this for free? Well, I suppose I could. He’ll have to take a number and get in line behind the other 7,936 people who’ve asked me to do pro bono development for them over the years, though.

ECA (profile) says:

Dont know..

HOW much of what these folks say, is true or not..
They have been preaching this for along time.
They have been SAYING and TELLING us they can break anything, and built a FEW major intercept locations designed to Crack and break and monitor What goes on, On the internet..

I do know, and have a good amount of experience with computers, hardware and software released to consumers and some of the OLD LARGE computers.

Saying things about how this stuff works from THEIR SIDE, shows me that Most of them have never even taken a computer class.
I have said many times that searching the net and de-crypting ANYTHING hidden would be a monstrous undertaking.. They tried it 1 time in the past and FILLED a 20×20 room 3 foot deep in 1 day. enough information/data to take 3-5 years to sort, unless you had ENOUGH people to do the job. This is an OLD idea of using 1/2 the nation to watch over the other 1/2, and those 1/2 watching the others, watching them..
Over the last 10 – 15 years..The internet has grown Huge. And communication in many forms happens, from programs talking to programs to Data being sent back and forth, from OPEN channels of TXT communication, to Naked pictures.. There are Many peograms from Games to Chat programs that let people communicate with each other..BEING ABLE to find and use/monitor ALL those channels would be a task. All the different chat programs and Languages involved would make it a Task and 1/2…
NOW take a abit more information, that the INTERNET was not designed around GRAPHICS and BROWSERS..those are secondary, and even Further down the line..the OLD internet is a strange place for many. And lots of Keyboard typing.. What you see NOW days with Browsers is about 1/100th of what is behind your browser.
IF someone wants to Create a Private chat..it isnt to hard. Monitoring “ALL” of this, is a Task from hell..You woiuld need Monitoring on Every computer from Point to point, to even trace this..From the Beginning to the END of a chat channel. Even in the USA you will travel between 4-16 Computer systems to GET ANYWHERE.. Iv experienced SOME of the monitoring done in the past, as playing games or chatting CAUSES LAG, Esp when you hit International Borders..

Example: Look at China and North Korea..TRYING to block ANY AND ALL data..Then trying to monitor it. With all the internet, all the cellphone, all the FORMS of communication there is only 1 way to BLOCK IT ALL.. DONT connect to the system, and RUn an EMP field around the country so no one can communicate with a Satellite.. And a waste of power/energy, and resources..

Every time I hear about a Server break-in, I laugh. WE/CORPS keep trying to cut corners and Limit the number of people they PAY to do a job, and AUTOMATE things..Let the computers do it. Critical thinking IS NOT what a computer does, a Computer is only YES/NO.. There are other ways for a computer to decide, but that is the easiest. And as with being a SNEAKY THIEF, its easy to bypass most of the Alarms.. When you have a HUMAN to bypass, you have someone that can THINK/FIGURE out what MIGHT BE HAPPENING..
I laugh because of HOW advanced we are NOW, and WHY things are NOT done to track and verify WHO is on the other end of a Servers connection.

NOW, back to Encryption..
IF I wanted to HIDE something on the net for 1-many..It would not be hard. NO direct communication involved. AS easy as an Advert/POPUP, that goes around the world. And only a FEW know HOW to see/read it..
How about a designed SITE with Updates, and a Picture that has encoding in it.
Or setting up on a remote server ANYWHERE in the world a FAST burst of data that is triggered (at a time/instance/something happening) and sent to Any place/Everyplace.. If you dont know this trick, Lookup Zombie machines/computers..GREAT for DDOS..

TRACKING and decoding everything on the internet, would take 1/2 the power of the internet.. GET the other countries to help and use THEIR resources to do the job, OR create a BIG/LONG connection to EVERY server on the net.. THEN decode the graphic interface of 5-7 computer languages used AND the old internet.. LET computers SORT it, and HUMANS examine it, and …….. 3-5 to 10 years AFTER the fact..

I dont need to continue, it just gets More and more complicated on WHAT/HOW can be done..ANYTHING can be done, but how much time do you have.

As with ALL WAR, you need people on the ground, to identify the bodies.. Unless we can get someone to Knock on the door and arrest someone, a computer can only Point a finger OVER HERE/THERE/SOMEWHERE ELSE..

Ingot9455 says:

Re: Dont know..

Ah, but once you detect that there is an encrypted transmission, then you hack the beginning point and the end point. That’s how you capture the information at input, before it’s encrypted.

Then your enemy has to keep an offline computer where he does his typing, and does the initial encryption, to feed it into the computer that you’ve cracked and thereby only upload an encrypted file into the transmission.

Then you devise a virus that infects the flash drive that people use to transmit the file from the offline computer to the online computer, like Stuxnet did to the Iranian centrifuge control machines, so that you can infect the offline system and carry the cleartext information to your cracked beginning point.

Then….

Personanongrata says:

James Clapper is a War Criminal

"I do think there is a role to play here in some screening and filtering of what appears in social media," he said.

It isn’t social media that pushes people into committing acts of terrorism.

Terrorists and their sympathizers are but a symptom of the problem not the root cause.

Governments (ie the powerful) that humiliate, emasculate, coerce, militarily occupy, levy sanctions responsible for the deaths of hundreds of thousands of innocents, kidnap, indefinitely detain people with out charge, torture, assassinate and any other of the dirty deeds employed by those in power to keep the down trodden on their knees are directly responsible for the scourge known as terrorism.

If there were any justice to be found in this universe Mr. Clapper and his cohorts would be dragged before a jury of their peers to answer for their war/Constitutional crimes but as we have seen with Mr. Clappers perjury before congress there are at least two separate systems of justice in the US – one system for the politically connected criminals ensconced within government and another for the great unwashed (ie you and I).

More bombs, mass surveillance and the unicorn solution of compromised encryption algorithms is not the solution – they will only deliver the same bloody results.

Removing the occupying armies and the central banks responsible for the neo-colonialism and the deaths of millions of innocents in the Middle East and Africa would be a good place to start.

Anonymous Coward says:

Re: James Clapper is a War Criminal

would be a good place to start.

If people would realize that’s not the intent to begin with, that those in power just want more power, those with money just want more money, and those with control just want more control, you’d be halfway to fixing the real problem.

They don’t do this to play theatrics, they know the vast numbers of sheep won’t do anything about what they do, this is specifically designed to find the other 1%’ers who WILL do something about it, before they become a threat to those in power, so they can be dealt with. The rest is just a show for the powerless 98% that standby while any hope of salvation evaporates before their eyes.

Yes, "Never attribute to malice what can be attributed to stupidity", but at the same time: "Never attribute to stupidity, what should be attributed to malice." If they have done anything in these last few decades, it’s prove that they are not stupid, we are.

That One Guy (profile) says:

At least be consistent you dangerous fools

What really annoys me is how they’re not even consistent in their message.

On one hand they say the tech people are brilliant and know what they’re doing, so clearly they should have no problem doing this, yet at the same time they basically call everyone in the field lying idiots by dismissing the repeated statements about how they’re not just asking for the difficult, not the extremely difficult, but the impossible.

So which is it, are the ‘nerds’ lying buffoons who clearly don’t have the knowledge to be able to do it, or are they brilliant individuals who are smart enough to know that you’re asking for the impossible?

At this point my assumption is that both of them know that they’re asking for the impossible, and that even trying poses a huge risk to the public, but they don’t care, either from a stubborn refusal to admit to being wrong(the better option sadly enough), or because they simple do not care about the threat what they’re asking for would pose to the public.

Anonymous Coward says:

Re: At least be consistent you dangerous fools

So which is it, are the ‘nerds’ lying buffoons who clearly don’t have the knowledge to be able to do it, or are they brilliant individuals who are smart enough to know that you’re asking for the impossible?

It’s perfectly possible to believe that people are extremely intelligent and also lying to you. There’s nothing requiring that liars also be idiots. Particularly when your rhetoric is, in part, based on the narrative that the tech people are the enemy of law enforcement and national security. Then it becomes easy to claim that all of these really smart people can do this, but they claim they can’t because they hate us and therefore we need to pass laws forcing them to do this.

Do these people actually believe that? I wouldn’t bet on it.

That One Guy (profile) says:

Re: Re: At least be consistent you dangerous fools

Fair enough, I’d forgotten just how antagonistic the relationship they’ve got towards the tech industry can be/is, so I suppose it is possible to think that the tech people can do it and are just lying about it, if you assume that everyone in the field is lying.

I don’t believe that’s what they actually believe, but I concede that it is possible for both positions to be true in a fashion under the right mindset.

JoeCool (profile) says:

Re: Re: Re: At least be consistent you dangerous fools

90% of the problem is that these people have one segment of the tech industry not only telling them it’s possible, but trying to get them to buy their snake oil. I’m referring to the bullshit/con-artist “techs” who sell old ladies subscriptions to a web-based “security” app that magically monitors and clears their computers of anything harmful. There’s always SOMEONE willing to sell-out their fellow man for an easy buck, and selling it to the govt idiots has always been one of the easiest sells. People like Clapper simply aren’t smart enough to distinguish bullshit from truth, especially as they have had so little to do with the truth over the years.

Lawrence D’Oliveiro says:

Why Don’t The NSA Do It?

If the Government is so keen on a workable back-doored encryption system, why don’t they come up with one? The US Government employs the NSA, which (allegedly) has the largest and brightest pool of crypto talent on the planet. If anybody has the necessary hashtags to come up with such a scheme, wouldn’t it be them?

Maybe President Trump can issue an Executive Order to that effect—could that be the missing sprinkling of magic pixie dust that is needed to kick-start the process?

Anonymous Coward says:

Re: Why Don't The NSA Do It?

If the Government is so keen on a workable back-doored encryption system, why don’t they come up with one?

They did!

That gave us:

  • the Clipper chip;
  • 40 bits export grade ciphers;
  • that broken random number scheme bribed into a NIST standard;
  • Intel RDRAND instruction that can’t be audited;
  • Intel Management Engine that can’t be disbled.

I’d say they are making progress…

That One Guy (profile) says:

Re: Re:

Well obviously after they break real encryption and force people to use the Government Approved ‘Encryption’ the next step is to make using any working encryption illegal, once and for all stopping the ability for terrorists to have private, long-distance conversations. I mean really, terrorists might have no problem murdering people for their aims, but it’s not like they’d break the law in order to use working encryption.

It’s a fool-proof plan really, and all it will cost will be the safety and security of the entire country, a sacrifice they are more than willing to have the public make.

Ed (profile) says:

Ned to try a new narrative

It is obvious that our glorious leaders just don’t buy the “it can’t be done” argument. Time for a new argument from the tech community.

I suggest this; There is no unbreakable encryption, the problem is encryption that takes 10 billion years to break using current technology. An obvious solution presents itself – make computers 100 billion times faster. Then encryption can be broken in a little over a month.

We need to call on governments to invest billions of dollars in basic research, so that we can make computers faster and fight terrorism!

This would have the advantages that it shifts the narrative into something our glorious leaders can understand ($$) and that more basic research tends to benefit everyone.

Omit to tell them that, when they actually develop the new quantum supercomputer, I will just add a couple of digits to my passwords and they will have to start all over again.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...