back to article Remember the Clipper chip? NSA's botched backdoor-for-Feds from 1993 still influences today's encryption debates

More than a quarter century after its introduction, the failed rollout of hardware deliberately backdoored by the NSA is still having an impact on the modern encryption debate. Known as Clipper, the encryption chipset developed and championed by the US government only lasted a few years, from 1993 to 1996. However, the project …

  1. Yes Me Silver badge
    Headmaster

    Old news is good news

    Key escrow is fundamentally broken and can't be fixed. RFC1984 explains why.

    1. bombastic bob Silver badge
      Thumb Up

      Re: Old news is good news

      A BIG THUMBS UP for the mention of RFC 1984

      1. Tom 38 Silver badge

        Re: Old news is good news

        Can we have 1996 ISOC back please.

    2. Michael Wojcik Silver badge

      Re: Old news is good news

      Valuable as RFC1984 is as a position statement, I don't think it does explain why "key escrow is fundamentally broken". It expresses a position which is fundamentally opposed to key escrow, but while I agree with that position for most applications,1 I don't see how it constitutes an argument that escrow is "broken". In cryptographic research, "broken" is a term of art that implies a rather stronger test than "no sir, I don't like it".

      1There are a number of specialized applications where key escrow is a useful aspect of the protocol, under certain threat models that are reasonable for those applications. Filesystem encryption of organization-owned equipment, where keys are held in escrow by the organization's IT department, is one example. Private communication among private citizens is not one of those applications.

  2. HildyJ Silver badge
    Facepalm

    It just goes to show

    What the intelligence community lacks in intelligence they make up for in stubbornness.

    And don't get me started on politicians being "tough" on a rotating group of "bas guys ".

    1. LDS Silver badge

      Re: It just goes to show

      Put yourself in their place. For years their work was made easier by the large amount of intelligence and evidence they could gather by simply monitoring communications - since the telephone became a easily accessible medium - and then accessing data stored electronically when not on other more accessible media.

      It's quite clear their job will become far more difficult and they will need to adapt and work a lot more, and in more intelligent ways, to achieve the same results.

      Evidently the advantages of encryption outweighs the disadvantages - like the advantages of transport vehicles outweighs the fact they can be used to commit crimes more efficiently than without - and you can't ask for cars able only to make at most 4mph so a cop can follow them by foot, even when they get away with Reg journos laptops. Nor you can ask for any car to be left open so a cop can look inside - when obviously crooks will do the same.

      Authoritarian regimes will solve the issue mandating the installation of "government applications" that will have total access to the system data, and mandating data storage on government approved systems - which will give them access. Trying to game the system will have dire consequences, of course.

      Others may be more subtle - for example there has been a stir when the an Italian minister proposed to extend the "digital identity" system (called "SPID") used to access government services, to other services including private ones (i.e. banking, but not only, even your Amazon access, for example).

      Beyond the big issue of having all eggs in one basket (so if your account is compromised everything becomes accessible at once), you would need to trust a government issued key with the assurance they didn't keep a copy, for matters that should be not within government reach without a warrant - but they did try to make it appealing by extolling the virtues and easiness of a single sign-on system....

      1. jmch Silver badge

        Re: It just goes to show

        "For years their work was made easier by the large amount of intelligence and evidence they could gather by simply monitoring communications"

        I see nothing wrong in forcing law enforcement agencies to either return to their roots and rely on boots-on-the-ground for intelligence gathering. This also implies that limited resources are focused on high-value targets.

        Detailed intelligence gathering including all sorts of electronic real-time high-tech surveillance are always available for a SPECIFIC target and approved by a warrant.

      2. Doctor Syntax Silver badge

        Re: It just goes to show

        "For years their work was made easier by the large amount of intelligence and evidence they could gather by simply monitoring communications"

        It seems that every terrorist incident over the past few years, at least as far as European experience has been concerned, has been committed by someone known to the security services. The problem has been that, through lack of staff time, they have been ignored in favour of other targets. If the services are unable to process what data they have already it seems very unlikely that they'll be helped by having more.

    2. Anonymous Coward
      Anonymous Coward

      Re: It just goes to show

      Quantum Intelligence Community - As soon as someone observes their intelligence, coherence is lost!

  3. vir

    Perhaps Not Actually About Security...

    "the pace of innovation and unpredictability of how technologies will develop makes it incredibly difficult to legislate an approach to encryption and backdoors"

    But that doesn't stop legislators from walking out of a presentation on how the concept of a "secure" backdoor is mathematically impossible - literally arational - and throwing their collective hands in the air and saying that "we can put a man on the moon but we can't figure out a way to read a text message" or something similar. Since it's such a convenient way to cast the tech industry as the "bad guys", the stalwart protectors of child pornography, terrorism, and drug trafficking, I'm not entirely sure that the legislators don't view this perennial conversation as a way to burnish their tough-on-crime credentials and get an easy jab in at Silicon Valley.

    1. elDog

      Re: Perhaps Not Actually About Security...

      It's also about telling the little people (us) that the gummint is serious about security, while being totally willing to subvert it for their own porpoises.

      1. Jimmy2Cows Silver badge

        Re: Perhaps Not Actually About Security...

        Well that sums up every government everywhere. They want their stuff secured, everyone else's stuff crackable. And of course that's impossible, as any halfwit can see.

        1. DJV Silver badge

          "that's impossible, as any halfwit can see"

          Well, that explains why every politician/minister etc. is only a quarterwit or, more likely, far less!

          And, going by the complete numpties currently in power on both sides of the pond, it probably takes a collection of at least 6 of them combined together to accumulate as much as a tenthwit!

          1. Yet Another Anonymous coward Silver badge

            Re: "that's impossible, as any halfwit can see"

            Remember that the intelligence of a group of politicians decreases with the number present.

            It's probably quantum

          2. Doctor Syntax Silver badge

            Re: "that's impossible, as any halfwit can see"

            "And, going by the complete numpties currently in power on both sides of the pond, it probably takes a collection of at least 6 of them combined together to accumulate as much as a tenthwit!"

            I see you're an optimist.

    2. JCitizen Bronze badge
      FAIL

      Re: Perhaps Not Actually About Security...

      Seems to me the easiest solution is to do just what criminals do when they want information on a target that uses encryption. Simply get a virus/malware on the target system, and surveil the subject that way. All the LEOs would have to do is get a court order to place this "malware" on the target's system to gather the required information. Time limits could be ordered by judges, and the malware could self destruct along that court's guidelines. Am I missing anything here? Encryption has not stopped nation state bad actors, why should it stop the Law Enforcement Officers?

  4. Old Used Programmer Silver badge

    Same old, same old...

    Require the government--internally, including FBI, NSA, etc. and military--to use the same encryption they want to foist on everyone else.

    1. bombastic bob Silver badge
      Unhappy

      Re: Same old, same old...

      good luck with that - politicians *ALWAYS* exempt themselves [and their pet agencies] from the restrictions they place on "the rest of us"

      1. A.P. Veening Silver badge

        Re: Same old, same old...

        I am perfectly willing to grant them exemption, if they don't want to, they don't need to use encryption at all.

        1. Yet Another Anonymous coward Silver badge

          Re: Same old, same old...

          And grant the ability to all other countries. The Saudis need to track terrorist journalists using American phones so they need access, same for our friend Putin

          1. A.P. Veening Silver badge

            Re: Same old, same old...

            Don't forget the North Koreans, they need to track CIA "officers".

  5. Anonymous Coward
    Anonymous Coward

    here we go again

    "In the latter case, however, the lessons appear to have been forgotten, ..."

    This is what disturbs me a lot. It's only 25 years and every MP seem to have forgotten the lessons of Clipper.

    So, 25 years after, same problem, same proposed solution and ... same outcome !

    1. bombastic bob Silver badge
      Mushroom

      Re: here we go again

      the same idiots whine about GUN CONTROL too, same logic.

      Only now, in SOME places, it's even *KNIFE CONTROL*. Go fig.

      Nothing like a "solution" in search of a "problem" to EMPOWER POLITICIANS and CONTROL OUR LIVES EVEN MORE...

      Just keep the source files for *STRONG* public key encryption available to EVERYONE AROUND THE WORLD, and make it SO easy to use with FREE open source applications, specifically ones that do not track nor advertise, that the genie can NEVER be put back into the bottle, and ANYONE can have strong, un-crackable encryption IN SPITE OF *THEM*.

      posting to USENET, open source OS projects, and the various www archive servers is a good start...

      [at one time the BEST encryption resources were FTP sites in FINLAND - back in the 90's]

      it would be somewhat trivial to write an Android application to provide strong encryption for use in a mounted file system using existing algorithms, let's say PGP and IDEA for starters. All it would need to do is look like an external storage device plugged in via USB. Not that hard to do with Linux. I think there are already file-baed mountable file system drivers already for Linux. Just adapt one of those... run it in userland (like Fuse FS) and voila!

      dunno if you'd have to jail-break a phone to do that... but it would certainly be possible if you did.

      /me has experimented with native libs on Android already. The next step is a userland file system like Fuse FS and the ability to mount them. Then *ANY* application could store files in an encrypted file system with strong un-crackable non-back-doored protection, a HUGE hash-based key, and maybe even biometrics and/or bibliograhical pass phrases - your favorite book chapter X and paragraph N, as an example!

      1. TriathlonMan

        Re: here we go again

        I know I shouldn't rise to your trolling, but after your misleading leading statement, you actually made some good points. Gun control has been demonstrated to be effective in reducing death rates everywhere it has been introduced, even in the US. Your opinion doesn't change the facts.

        1. Anonymous Coward
          Anonymous Coward

          Re: here we go again

          Fake news from someone who is unaware of John Lott's book -

          "More guns, less crime".

          Gun deaths have gone down when things like "must issue" concealed carry has been put in law.

          Fact, checkable - and not in dispute by anyone in touch with the real numbers.

          The tools don't control the motivation of sick humans either way. There was even a move to ban glass beer mugs on that side of the pond due to their use to disfigure, and north, one to ban baseball bats. How far does it have to go before admitting humans are messed up and once even used rocks and sticks to do harm to one another -

          1. Old-dog

            Re: here we go again

            John Lott work Is a biased, unreliable one.

            ”Fabricated evidence in the first edition, cited as "national survey" which the author admitted could not be sourced, see Adam Winkler in "Gunfight". Author was also a Olin Foundation recipient, a paleo-conservative foundation. This being the third edition, I'm hopeful that these errors were corrected but I'm not sure, hence the one star."

            1. Anonymous Coward
              Anonymous Coward

              Re: here we go again

              Mr. Lott's book is chock full of undeniable facts and is a great read. It relies on far, far more than one "national survey" (which is hardly "fabricated evidence"). It is not "biased" nor is it "unreliable" and using the writings of a leftist California lawyer to attempt to prove otherwise is simply intellectual dishonesty.

              But, the article was about Clipper and its affect on today's encryption arguments. The Clipper chip was pushed quite hard by the Clinton administration. The scheme was faulty then and continues to be faulty today. The only people who push Clipper-like systems and techniques are the mass surveillance types that can't stand people having private thoughts and seek to control everything and everyone.

          2. Adelio Silver badge

            Re: here we go again

            Well the USA seems to have many times more gun deaths that the UK, taking into account the population size.

            I think the UK has about 60-80 deaths for the WHOLE of the UK per year. U.S.A about 39,000. Now the UK has a population of 63 milion and the USA abour 260 million. So you figure the stats. The statement that guns saves lives seems to be a load of BS.

            Now If Americans are happy with the death rate (at least it keeps the population down) then so be it. but NEVER try and make out that "Guns save lives".

            I am not saying "ban all guns" but as people in the USA keep spouting "It not the guns that kill it's the poeple". True so why allow so people who clearly should not be allowed to have a gun the "rtight" to hold one. Being able to own a firearm, (which is a VERY dangerous weapon who sole purpose is to KILL) should be a privilege NOT a right!

        2. scrubber
          Headmaster

          Re: here we go again

          "Gun control has been demonstrated to be effective in reducing death rates everywhere it has been introduced"

          Not in the UK where we have been increasingly restricting gun ownership while homicide rates have increased from 300ish per year in the 1960s to 800 per year in the 2000s. Figures are from the ONS. Correlation clearly does not equal causation, and it is very possible that homicide rates would have been even higher with less gun control, but we should be careful making blanket statements.

          1. Adelio Silver badge

            Re: here we go again

            Overall homicide rates are a different thing to total gun deaths and suicide by gun deaths.

            so we have 800 homicides in the UK per year, the USA has for GUN crimes alone (2017) 23,854 were by suicide and 14,542 were homicides.

            UK Homicides per 100,000 - 1.20 total = 803 (2017)

            USA Homcides per 100,000 5.30 total 17,284 (2017)

            However you slice it the USA is a lot less safe as a place to visit or live than the UK.

            Note: I have been to the USA only once (Mainly N.Y.) and ALL the people were freindly and I will be visiting again. It is just the American obsession, because that is what it is, an obsession, with owning guns and sometime LOTS of guns that is unsettling. I have no idea how many people have been "saved" by owning a firearm in the USA but i am sure a lot more have died because of one.

            1. Charles 9 Silver badge

              Re: here we go again

              You HAVE to consider overall rates because removing low-hanging fruit can simply make people seek other trees. Consider that neither the UK nor the US are very high in the per-capita suicide rates overall while two of the worst (Japan and South Korea) have strict gun-control laws. If they can't shoot themselves, they'll throw themselves in front of cars and trains, off of buildings, or just poison themselves. Frankly, crime rates and suicide rates can probably correlate more to environment and culture than anything else (the countries with the highest suicide rates, for example, are either broken socially or have crazy high social standards for success--for overall homicide rates, look for hotspots like southern California that inflate the stats for the rest of the country).

            2. JCitizen Bronze badge
              Alert

              Re: here we go again

              The 2nd Amendment isn't about the abuse of people's rights, it is about the undeniable reason to have that right - just because dirt bags abuse them doesn't excuse removing them. It is about having the tools to avert tyranny, and that can happen quickly in history - the US came close during the Great Depression; it could tip over in the future - in fact many think Trump is the US version of Hitler - no US citizen wants to give up all their rights just to be safe - it ISN"T worth it!

              Besides this fact my friends and relatives across the pond tell me it is easy peasy to get an illegal firearm. What good was having the law if any bad guy can get a gun if he wants too? There is a data map of the world that shows that the US is not the dangerous place in per-capita deaths by violence committed by firearms that many would have you believe. In fact it is the more dictatorial countries that not only outlaw personal firearm possession, but will do so violently at the drop of a hat. Many of them are a hot bed of violence by firearm, compared to the rest of the world.

              https://jaymans.files.wordpress.com/2015/03/violence-map.png

      2. jmch Silver badge

        Re: here we go again

        " GUN CONTROL too, same logic.

        Only now, in SOME places, it's even *KNIFE CONTROL*. Go fig"

        Straw men, much? Not really comparable!

    2. bombastic bob Silver badge
      Devil

      Re: here we go again

      25 years ago there were FTP sites in Finland that had source code and various white papers [in English] on encryption methods.

      Dur, dur-dur-dur. Dur-dur. Dur-dur (can't touch this)

      I propose something very very similar, "in the cloud" or just EVERYWHERE in EVERY open source OS distro that exists, as a free GPL'd application with no back doors or tracking, etc.. kinda like libdvdcss [which for some reason is no longer easily available for windows... but certainly there for Linux and FreeBSD!!!]

      1. Charles 9 Silver badge

        Re: here we go again

        What's to stop the open-source projects just getting sabotaged on the sly?

        And, BTW, that riff really belongs to Rick James (She's a Super Freak, Super Freak, so Super Freaky...).

    3. Anonymous Coward
      Anonymous Coward

      Re: here we go again

      Politicians are never interested in learning from the past - just pushing regardless on with their own interests

      Remember we had one secretary of state for Northern Ireland who admitted she didn't know anything about the Good Friday agreement

    4. Mike Richards Silver badge

      Re: here we go again

      I'd put good money on 99% of them never having heard of it.

      And for the remaining 1% to say that technology has moved on so much that everything must have changed.

    5. Doctor Syntax Silver badge

      Re: here we go again

      "every MP seem to have forgotten the lessons of Clipper."

      They can't forget what they never knew.

      1. Yet Another Anonymous coward Silver badge

        Re: here we go again

        No they learned the lesson that they couldn't get it past a president and congress that were susceptible to reason - that little impediment no longer applies

  6. John Sager

    MPs haven't forgotten. They have never known in the first place. They are also unlikely to learn, as it's boring tech stuff and they are so busy.

  7. Terje

    Politicians have forgotten that it's not there job to give police etc anything they want but to tell them they can't have it and have to make do with what they have. No police force (or similar) in history have ever thought they have had enough rights and always complain that they need to be allowed to do X or that no one should be allowed to do Y because it makes it harder for them. if they are allowed anything they want we would end up with random people dragged off the street and tortured just because they maybe knows of some wrongdoing somewhere far sooner then anyone can imagine. The job of politicians is to tell them that they can't have everything they want and make sure they do get a painful smack if they step out of line.

    1. Uncle Slacky Silver badge
      Big Brother

      Police work is only easy in a police state.

      1. BebopWeBop Silver badge
        Devil

        Not even there.

  8. Chronos
    Facepalm

    The point

    The argument boils down to simply this: They (collectively) have an abysmal record with keeping anything secret and any backdoor would compromise a static system to the level of the vigilance of the lowliest .gov spook with an IQ in double figures, an appointment with Ms Whiplash and a pen drive left in a taxi.

    It. Won't. Work. You either have total (to the extent the current technology allows) encryption or you have none.

    We also don't trust 'em but that's not a technical reason. Remind me again how many rozzers/CSOs have been found misusing the PNC and then try to tell me that this proposal would not be used on anyone whose face doesn't fit - before it falls over, leaks and ruins everything anyway.

  9. Adair Silver badge

    In the end ...

    isn't this a philosophical issue, and a long running one?

    After years of bitter violence and fear across Britain and Europe Elizabeth I had the wisdom to say, "I have no desire to make windows into mens' souls" and gave people space (relatively) to think and believe as they wished, without 'the state' feeling the need to intrude or to 'know'.

    Politicians and societies need to make fundamental decisions about the boundaries of 'state' interference and knowledge, accepting that there are places they will not and should not go, and accept the cost of doing that for the sake of the greater good.

    On the whole we seem to lack politicians (and others) with the capacity or the will to be big enough to step back and consider the bigger picture and put issues of the day into some kind of context.

    Nah, power, money, fear and loathing - much more fun.

    1. A.P. Veening Silver badge

      Re: In the end ...

      Thanks for bringing that up, as you posted it is also a philosophical issue (next to the technical impossibility) which a lot of politicians also don't get.

    2. Charles 9 Silver badge

      Re: In the end ...

      "Politicians and societies need to make fundamental decisions about the boundaries of 'state' interference and knowledge, accepting that there are places they will not and should not go, and accept the cost of doing that for the sake of the greater good.

      On the whole we seem to lack politicians (and others) with the capacity or the will to be big enough to step back and consider the bigger picture and put issues of the day into some kind of context."

      Because can you say political suicide? What do you do when the voters demand unicorns?

      1. Adair Silver badge

        Re: In the end ...

        'What do you do when the voters demand unicorns?'

        Tell them politely to STFU, treat them as adults and explain simply and clearly that unicorns are fantasy beasts, and that for the well being of as many as possible we will be doing this, in this way because we have sat down and listened and thought and are determined to discharge our responsibility to serve the needs and well being of the people of the nation (regardless of whether they voted for us or not).

        Some will not like it.

        But then you can't please everyone.

        1. Charles 9 Silver badge

          Re: In the end ...

          "Some will not like it.

          But then you can't please everyone."

          But if you don't, you end up with people like Donald Trump up top. See the problem? If the voters demand unicorns and you tell them STFU, the next person to come along with a horn glued to a horse gets people voted out, and then you get what we're seeing now: solid proof that your approach doesn't work.

          1. Adair Silver badge

            Re: In the end ...

            There's no arguing with stupid. We either have a system that ensures some kind of dictatorship (benign or otherwise); or allow that 'stupid' will occasionally/often win the day and live with the consequences.

            As far as I am concerned, the latter is preferable, but that doesn't excuse 'politicians' from a duty of honesty, integrity, truth telling, and being 'servants' to the general well being, not masters (which obviously takes us off into dictatorship territory).

            Trump et al maybe the embodiment of lowest common denominator politics, but at least we all get to experience the consequences and have the 'freedom' to respond and do something about it (however much we may wring our hands and pound our keyboards in outraged disgust and despair).

            1. Charles 9 Silver badge

              Re: In the end ...

              "We either have a system that ensures some kind of dictatorship (benign or otherwise); or allow that 'stupid' will occasionally/often win the day and live with the consequences."

              Consequences including taking the rest of us with them. Thus why you can't escape American imperialism or Facebook: because you get caught up by Stupid even without your intervention. So I say you MUST find a way to argue with Stupid. Otherwise, you're basically conceding we're stranded up the mountain, staring up at the avalanche and realizing the only option left is to curl up and pray.

              1. Adair Silver badge

                Re: In the end ...

                "... conceding we're stranded up the mountain, staring up at the avalanche and realizing the only option left is to curl up and pray."

                You've nailed reality there, I think. After ten thousand years plus of human civilization there is no evidence that we are any better at dealing with stupid (including in ourselves) than we ever have been. It's that 'human condition' thing.

                Pray - yes, that conversation is always worth having. Curl up - never! Stand and face the avalanche and keep heading in the opposite direction. Stupid is as stupid does, but it is a choice. Jeremiah never gave up speaking the truth, even as stupid carried him away to the doom he was warning about.

                1. Charles 9 Silver badge

                  Re: In the end ...

                  If a tree falls on someone's head and no one else is around, does anyone really give a soaring screw?

                  Or, to put to mind Rincewind, "You still wind up dead."

    3. Anonymous Coward
      Anonymous Coward

      Re: In the end ...

      It goes further back than that.

      When the government is quite unobtrusive, people are indeed pure. When the government is quite prying, people are indeed conniving. - Lao Tzu

  10. Captain Scarlet Silver badge
    Paris Hilton

    The FBI is the only organization on Earth

    I thought GCHQ also was complaining that current encryption methods were to strong?

    Feel correct me if what I remember is incorrect.

    1. Anonymous Coward
      Anonymous Coward

      Re: The FBI is the only organization on Earth

      iirc the NCSC is actually keen on encryption and are probably as frustrated with the numpties in westminster as we are

    2. Peter2 Silver badge

      Re: The FBI is the only organization on Earth

      The chaps from GCHQ that briefed parliament at one point appeared utterly unconcerned about the uptake of encryption by way of VPN's etc when questioned.

      This leaves two possibilities. Either GCHQ had sent somebody utterly unbreifed who didn't know this would be a problem, or that they had sent somebody fully briefed that knew that this wasn't a problem.

      Just imagine that GCHQ had a way to break current encryption. Would they be admitting this, or claiming that current encryption was unbreakable? My general view is that it doesn't really matter that much to me, while i'm not 100% certain that GCHQ can't break my encryption i'm not actually doing anything that I need to protect from the government in any way.

      1. terrythetech

        Re: The FBI is the only organization on Earth

        " i'm not actually doing anything that I need to protect from the government in any way."

        Until something you are doing is no longer liked by the government. You seem to be veering towards the nothing to hide argument. We all have something we would rather not be public I suspect. I don't think I have anything that the government might be interested in, but I still don't like that they want to break encryption that I need for e.g. accessing my bank account.

  11. Christoph

    There was another problem with the Clipper chip. How do you persuade people in other countries to use computer kit that the US can spy on at whim?

    "Only the government can decrypt it" - which government? If you mandate it in your country, what do you do about visitors? Force them not to use their own tech?

    Even if you use it among the 'friendly' Five Eyes, they are promptly going to spy on each other.

    What do big international firms do? Their executives are flying from country to country carrying kit that contains extremely valuable information. Which governments where and when can grab that for industrial espionage?

  12. Venerable and Fragrant Wind of Change

    Dilbert

    Some of the people on the Clipper team were so alarmed they secretly briefed opponents of the project, alerting them to insecurities in the design, The Register understands.

    Some of us remember who was that clipper team.

    More seriously, whistleblowers like this are our best safeguard against covert snoops. Which is why govt/TLAs put so much effort into vetting and intimidating people working on sensitive projects, and sometimes get upset at projects and technologies outside their control.

  13. Doctor Syntax Silver badge

    Govts. seem to want the tech industry to develop this magical system for free.

    They have the option of putting their our money where their mouth is and offering the tech industrymoney to develop a workable scheme. Perhaps an initial competition for a contract to develop it. The bulk of the money would only be paid when the result had passed scrutiny by industry experts - who would also scrutinize the competition offerings.

    If they can't get a workable system out of it they might finally reflect on what it was they were wanting and why nobody in the industry has attempted to do it on their own initiative.

    1. DCFusor

      I think it's well established that they are not able or honest enough to be the ones who decide what workable is. As has been shown many times, "Industry experts" can easily be chosen to promote whatever view you want promoted.

      And once money is allocated, the fact that something, however flawed, will be adopted is right around 100%.

  14. Anonymous Coward
    Anonymous Coward

    Backdoors, government approved encryption - all futile....

    .....because anyone with communications to keep secret has some options:

    1. Avoid electronic communications - couriers, dead letter boxes, and so on.

    2. Use private cipher schemes BEFORE the messages enter an electronic channel.

    3. Use channels which do not have end points which are identified with individuals (throw away email addresses, burner phones, comments in El Reg, and so on).

    And before anyone comments that item #2 is widely thought to be "weak" or "very weak", remember that the spooks will take time (maybe a long time) to figure out a private cipher, while the users of the private cipher get real time messaging. Take a look the Beale Papers....one of them still hasn't been deciphered after more than a century!

    See below for a combination of items #2 and #3.

    *

    0Ddq0SrK0nRN0YKN0KjG0aHG1Y391l4f0I9900=8

    0OB103OD1fnI1WZR0j9m1EBD0uBd053h0dn503CD

    0p=B0w9m01fd0a6o0iUJ08gx05gm0G4G06Rx0XQu

    0kWw0XL213TH0OIY1jSu05fB0cFH0WsO1gtw1MFQ

    1OC008$w1L$$1l9W0$rm1ffe00eR0gij06O20piK

    0s=N1ZoL194x0x4g1LWO1CKU1GS10zqb0uWL0k34

    0bb70eI809VQ0jZZ0Ih61KM80DvO14$70PaF1Xup

    15N81WgE03Qh08lW0SOb1bII1fU70SeS006O1W5B

    0zpa07TQ06VS0UaJ0lTp1BCr0f=K14cG11ck1diy

    0iRP0FfH0$en0dlN0qwh1PVK0V8i0TCw0FuD0aoC

    0GYr04xV11Ub0FJt0r7H0T8k1StS0yB50lNA0Xd0

    0VQR0yUx12hd1guB0yXa1hbD0W0Z0W11184$01vE

    1Ome

    *

  15. Frumious Bandersnatch

    what the ...

    Blazes?

  16. TXITMAN

    Found a workaround years ago

    Just invite the Facebook and Google teams to the White House. Once they get their visit arranged the three letter agencies are paired with the appropriate teams at these companies to do the spying by proxy.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021