Richard Clark: the President should create customs inspections for data leaving American cyberspace

Zartan sez, "This might be the single stupidest thing I've read all year. Richard Clark advocates that the president take action to 'increase cyber security' in the absence of congressional action, including literally hilarious (if not so scary) ideas like the following: 'If given the proper authorization, the United States government could stop files in the process of being stolen from getting to the Chinese hackers. If government agencies were authorized to create a major program to grab stolen data leaving the country, they could drastically reduce today’s wholesale theft of American corporate secrets.' 'Under Customs authority, the Department of Homeland Security could inspect what enters and exits the United States in cyberspace... And under the Intelligence Act, the president could issue a finding that would authorize agencies to scan Internet traffic outside the United States and seize sensitive files stolen from within our borders.' I would love to know how he would propose Homeland Security could 'inspect' what is leaving the US in 'cyberspace' and 'seize' sensitive files outside our borders. Unfortunately this guy is somewhat influential."


  1. The customs and border protection folks who already do this, have not responded to my questions about proactive defense of stored media.  If my USB devices attack devices that are unknown to them is that illegal or does it require disclosure at a border?  No answer yet.  My understanding legally is that it is impossible to charge such a thing with a crime.  But who knows.

    1. I propose counter-legislation that all legislators need to pass a basic competency on how the Internet and modern technology work.

        1. It’s true. Although… my new legislation is targeted at Internet Idiots. Yes, I agree we need a bill with a few co-sponsors regarding BLANKET IDIOCY, but then I am afraid that would include the Supreme Court and they would surely strike it down.

  2. I thought it was the start of a trend when some folks started running their April Fools Day jokes a day or two before April 1st, but the NYT is clearly pushing in the opposite direction and printing their hilarious satire a day or two afterward.  Soon we’ll be calling it April Fools Week.  Bonus points to the editors for somehow persuading Richard A. Clarke to sign his name to such an obvious hoax!

  3. American companies have already done a largely-successful beta of the technology required for this — the Golden Shield Project. A US implementation, sadly, doesn’t seem that far fetched.

    1. The Golden Shield is the name for the Great Firewall of China. I don’t know if American corporations have a similar project but I doubt they’ve given it the same name!

      More to the point, the Chinese system is not designed to stop data from going out, it’s designed to stop the Chinese from bringing data IN! What Clarke is suggesting is vastly different, it basically involves a manual inspection of every file being passed on to a non-US IP! It’s the most naive thing I’ve ever read from such a high-ranking US government official (and an MIT graduate as well!) Setting aside the sheer impossibility of checking every packet of data being passed around the internet across national borders, the fact that a determined hacker could sidestep this using a US-based proxy and a VPN, and the fact that data could be encrypted to make it harder to know what’s being transmitted, it’s incredibly naive to believe that government spooks would be able to tell legitimate data transmissions from hacks (an email with product specifications from a US company to their Chinese partners?) and that they’d even be able to identify corporate espionage when they see it (because it clearly all comes in emails entitled “Top Secret Corporate Research! Do Not Open!”)

      1. “The Golden Shield is the name for the Great Firewall of China. I don’t know if American corporations have a similar project but I doubt they’ve given it the same name!”

        I think you missed some intentional irony in the post you responded to.  He’s making an allusion to US companies helping to build the Great Firewall of China.

  4. So we’re going to protect against Chinese hackers by adopting the Chinese government’s internet policies?  Is this like giving up your freedom to protect your freedom?

    1. You see… if we become China then there’s no longer any reason for China to hack itself, amirite?

    2.  We’re just testing the validity of the hypothesis “They hate us for our freedoms” by systematically removing them and seeing if they still hate us. I wonder where the control group is housed?

    1. Naw, just extreme ignorance. Dick is probably under the impression that the interwebs is a series of tubes, filled with lots of Manila file folders. The government can get one of those amusement-park claw things to grab the folders as they whizz by.

      …and in other news, The Bad Guys™ continue to use VPNs, stenography, and good ol’ file encryption to thwart government efforts at snooping and censorship.

        1.  Yes.  Who then resigned in 2003, claiming that the Bush Administration (and to a lesser extent, Clinton Administration) had not done enough to crack down on both terrorists and cybersecurity before 2001, and that this allowed 9/11 to happen.

          Thanks to partisanship, people who disliked GWB adopted him as some kind of hero, without stopping to notice that what he was really saying was that Bush and America were too soft on terror and we needed to step up our response.  Any line of attack against a political opponent, though.

          1. Thanks to partisanship, people who disliked GWB adopted him as some kind of hero, without stopping to notice that what he was really saying was that Bush and America were too soft on terror and we needed to step up our response.  Any line of attack against a political opponent, though.

            Yeah, Clarke could not possibly have ever been right about anything ever because his politics are different from yours.  Good thinking.

  5. The cloud is magic — it slices, dices, makes julienne fries, and even gets those pesky red-wine stains out of your shirts. I’m sure the bright sparks who gave us the TSA will be equally up to the task of seizing intangible objects from the Series of Tubes.

    To the cloud!

    1. Nail on the head TSA needs to be expanded into becoming the Internet Border Patrol. When Phase 1 fails to be effective, Phase 2 can explore requiring servers to be inside full body scanners at all time in an attempt to see catch the naughty bits.

  6. This is nuts. In spite of his job positions in Republican administrations, I actually liked Clarke. He had a much better understanding of the terrorist threat before 9/11 than anyone else in the Bush administration and was chastised for it. He was the only one who seemed to have it right. Too bad.

    1.  Err, his position all along was that the Bush Administration wasn’t doing enough to stop terrorists, and he always included “cyberterrorists” in that.  How did he ever have it right?  Praising him was like praising the FBI agents that thought that “obviously” any Muslim taking flight lessons should have been locked up, and that would have prevented 9/11.

      People who mindlessly cheer on “the President ought to be tougher on terror” are as ridiculous when they’re doing it because they hate Bush as when they do it when they hate Obama.

      Having it right would have been admitting that sometimes rare events happen.

      I blame idiots like Clarke who asserted that with only more military and intelligence and control, we could have prevented 9/11, with instilling the paranoid ethos that led to the TSA, scaring both Republicans and Democrats.

      Yet so many people cheered him just because he was anti-Bush.

      1. I did NOT cheer him on because he was anti-Bush ( I, myself, certainly knew Bush was an idiot). At the time, Clarke was the only one who seemed to have a clue. I followed our government’s reaction to the events with horror. I utterly resent the Draconian measures being taken against terror by officials who crush our liberties out of fear and misunderstanding on a global scale. Richard Clarke was a person who suspected what was likely coming and was ignored, even detested, by the Bush White House. In no way do I support the official reactions to terror or the ongoing misdirected efforts that hurt us.

      2. I blame idiots like Clarke who asserted that with only more military and intelligence and control, we could have prevented 9/11,

        Clark didn’t tell them to shut down the USA, he just wanted them to not ignore the dire threat (which it was and which they did).

        Clark also was one of the few people that tried to tell idiot Bush that Iraq wasn’t responsible for the attack but it fell upon deaf ears.

        I’m not going to defend Clark on everything, but, geez…  You have a very skewed perception of what the man did with Bush, etc. before and after 9/11.

        Let’s face it.  He warned the Bush administration with an urgent, specific memo that was ineptly (or otherwise) ignored.

        Don’t believe?  It’s been declassified.  You can read the original yourself here: 

        What did Bush do?  He went on a MONTH long vacation…  I’m not saying they should have done everything he said in that memo, but at least do something when it’s that URGENT.  Not to mention the multiple other warning via the CIA, etc.

        The CIA director later testified that not once did Bush discuss the warnings with anyone during his month long vacation before the attacks.

        He warned the Bush administration that Iraq was NOT responsible which was ineptly (or otherwise) ignored.

        What did Bush do?  Invaded Iraq.

        We didn’t “cheer Clark on” because he was anti-Bush.  That’s simplistic horseshit.  We listened to the man because of his honesty.  Which was an incredibly rare thing to come out of the Bush administration, that’s for sure.

        Some of many sources:

        And, you’re pissed at Clark, huh?

  7. As most of the relevant material that I read online is produced in these United States of America this is not such a bad idea.

    I’ve often thought that we need a hard stop air gap between our network and that of our enemies, namely China and Russia. Fully integrating the internets of the USA, GB, Australia, Ireland, and New Zealand and perhaps the rest of NATO while time lapsing the rest of the world wouldn’t really affect anyone except criminals.

    Equating this sort of network protection with MAFIAA nonsense is pretty thinly supported by the facts on the ground.

    1.  Can’t tell if trolling, or genuinely stupid…

      But, on the other hand, transmitting those time lapsed exabytes of data from Evil Rest of World-er-net the Red White and Blue Unicorns and Rainbownet across the air gap will remedy the chronic unemployment of typists in the YouEssAy. And all those emails from Apple and co to their Chinese factories will do wonders for pigeon post shares.

    2. you’re under the assumption that the UK WANTS to be included with the US? lol. With your crumbling civil liberties, your 1950’s approach to women, homosexuality, race and religion – the sooner you close off behind that there wall y’all, the sooner it will be safe for us to come out and play.

  8. It’s much more politically correct to talk of ” customs inspections” and “seizing sensitive stolen files” than it is to talk of the ‘Great Firewall of America’ and ‘hacking’. They amount to the same thing though – cutting the US off from the world (or as they see it, the world from the US) and undertaking cyberattacks on foreign countries.

    Imperial ambitions.

  9. CyberSecurity the new battle cry to cover up spying on the American people.

    You too can be a CyberSecurity expert, just dream up something wild involving a computer and attach it to a pile of cash to be delivered to a congresscritter.

    I swear with enough money we could get them to pass laws outlawing famous movie computers & robots.
    The Anti-GORT bill of 2012 will keep us safe from alien invaders stealing our precious copies of Ke$ha’s newest single!!!!

  10. Is it possible that he has had an undiagnosed stroke or something? He can’t possibly misunderstand the technical ground of data networking thoroughly enough to believe what he seems to be saying here.

  11. If you do that, how will the Asians be able to watch on YouTube and laugh their  pointy hats off at the USA as it slides backwards into the middle ages?

    Seriously – is the CDC in on this? There is an uncontrolled epidemic of stupidity surging through the republican party and south of your country. I believe it’s airborne, spread at rallies and debates. Patient Zero seems to be some poor fellow called George, but the real typhoid Mary seems to be some virulent old Australian codger called Murdoch.

  12. You just put a clear section in the internet tubes and have a person monitor what’s going on, if some stolen documents (they flash red) are seen, the pipe is closed off and the data removed.

    1. satn, the sad thing is that your idea is probably fairly close to what Richard Clarke is imagining.

    2. On busy days it could get pretty madcap, like Lucy and Ethel in the bottling plant. Packets would end up spilling all over the floor.

  13. There is no “might be the the stupidest thing” .. It is, without a doubt, the single stupidest thing a seemingly intelligent person has ever said !!  EVER !!

    1. Steve, I am the original poster and tend to agree, but as I was posting I thought that I must have read something from Rudolph Giuliani or Dick Cheney in the 2000-2008 period that was stupider but I had forgotten.  So, I included the modifier.  Regardless, this is a remarkably high plane of stupidity.  

      1. edit – you said “seemingly intelligent person” which would exclude Giuliani and Cheney.  Never mind, carry on.

  14. Is this just another example of obvious stupidity by the ruling class, or is Mr. Clarke floating a trial balloon excuse for why there needs to be a Great Firewall of America?

  15. If given proper authorization, NASA could make the acceleration due to gravity at Earth’s surface to be 16 ft/sec^2. Unfortunately, objects would continue to accelerate at 32 ft/sec^2, blithely ignoring the governmental decrees.

    This suggestion is right down there in that category.

  16. Your post advocates a
    ( ) technical (x) legislative ( ) market-based ( ) vigilante

    approach to increase “cyber security.” Your idea will not work. Here is why it won’t work.
    (One or more of the following may apply to your particular idea, and it may
    have other flaws which used to vary from state to state before a bad federal
    law was passed.)

    (x) Crackers can easily bypass it
    (x) File transfers and other legitimate uses would be affected
    ( ) No one will be able to find the guy or keep him out
    (x) It is defenseless against cryptography
    ( ) It will stop script kiddies for two weeks and then we’ll be stuck with it
    (x) Users of Dropbox will not put up with it
    ( ) Apple will not put up with it
    ( ) The police will not put up with it
    ( ) Requires too much cooperation from site owners
    (x) Requires immediate total cooperation from everybody at once
    (x) Many users cannot afford to lose business or alienate potential employers
    (x) Crackers don’t care about TFTP
    ( ) Anyone could anonymously destroy anyone else’s career or business

    Specifically, your plan fails to account for

    ( ) Laws expressly prohibiting it
    ( ) Lack of centrally controlling authority for TCP/IP
    (x) Open VPNs in foreign countries
    ( ) Ease of hiding signal in all that noise
    ( ) Asshats
    (x) Jurisdictional problems
    ( ) Unpopularity of weird new requirements
    (x) Public reluctance to accept weird new ways to send pictures to Grandma
    ( ) Huge existing software investment in IP
    ( ) Susceptibility of protocols other than FTP to attack
    ( ) [Un]Willingness of users to install OS patches from
    (x) Zombie Armies of worm-riddled Windows XP boxes
    ( ) Eternal arms race involved in all filtering approaches
    ( ) Extreme profitability of trading pirated goods
    (x) Darknets
    ( ) Wetnets
    (x) BitTorrent
    ( ) Joe jobs and/or identity theft
    (x) Technically illiterate politicians
    ( ) Extreme stupidity on the part of people who do business with Russian/Chinese gangs
    ( ) Dishonesty on the part of the gangs themselves
    ( ) Bandwidth costs that are unaffected by client filtering
    ( ) Internet Explorer

    and the following philosophical objections may also apply:

    ( ) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
    ( ) Any scheme based on opt-out is unacceptable
    (x) Technical protocols should not be the subject of legislation
    ( ) Blacklists suck
    ( ) Whitelists suck
    ( ) We should be able to talk about Viagra without being censored
    ( ) Countermeasures should not involve wire fraud or credit card fraud
    (x) Countermeasures should not involve sabotage of public networks
    ( ) Countermeasures must work if phased in gradually
    (x) Sending unencumbered packets should be the norm
    ( ) Why should we have to trust you and your filters?
    ( ) Incompatiblity with open source or open source licenses
    (x) Feel-good measures do nothing to solve the problem
    ( ) Temporary/one-time mac addresses are cumbersome
    (x) IPv6
    (x) I don’t want the government monitoring my traffic
    ( ) Punishing crackers and griefers that way is not slow and painful enough

    Furthermore, this is what I think about you:

    ( ) Sorry dude, but I don’t think it would work.
    (x) This is a stupid idea, and you’re a stupid person for suggesting it.
    (x) Adults talking; children be silent!

    1. Nice!

      If you have some more free time, the internet could also use a more general one for cognitive biases and logical fallacies.

  17. It strikes me that a lot of the people making policy might see the internet as something new, and therefore not particularly important. In part, because they tend to be older, and they didn’t usually use it or study it when they were young, and they tend not to be experts in anything but influence-peddling.

    And the same principle might explain why the people making policy seem to be in denial about global warming, overfishing, and peak oil. I remember that global warming was pretty much established fact by the ’80s. But these people are stuck on the idea that ‘global cooling’ was ‘fact’ in the ’70s even though it was something the news media invented while the scientists debated the evidence. It’s like these people can’t see anything more recent as being as real as something from the ’50s or ’60s or ’70s.

    1. I wonder if perhaps the big thing they are confusing the issue with in their addled and belligerently confused memory is Carl Sagan talking about nuclear winter back then.

  18. So if you write a few books, shout really loudly, and are profoundly ignorant about just about everything, and most especially about the topic that you’re supposedly an expert in, the NYTs will let you write an editorial?  

  19. Maybe they’re just putting something this absurd out there so they can make a list a couple of days later of everybody who yelled about it.  These are the people whose voices they’ll need to neutralize before they do it.  Sorry people — you’re all on the list.  Wait!  Now I am too.  Damn… 

  20. So, let me get this straight.  This guy…lives in this century?  And is in a position of power?  With this little of a clue?

  21. It’s a series of tuuuuubbbbeeeessss!!!!111!!1

    Thanks for the morning chuckle, Mr. Clark.  Now, get back to the hard work of being irrelevant.

  22. Ummm… Mr. Clark? Have the Chinese not heard of ssl? Better hope no Chinese read this comment, because now they have, and your plans have been foiled.

  23. Even if everything were transmitted in the clear, with convenient identifying labels like “STRATEGIC PLAN,” you can’t tell if a thing is stolen by looking at the thing.  You have to figure out who’s in possession of it, figure out who the owner is, see if those two people are different or if perhaps the owner gave permission to someone else to use it, bla bla bla.  You’d literally have to create an access list for every document in your business, and then hand the access lists (a mountain of data perhaps larger than the data being inspected) over to the government.

Comments are closed.