Can Shakespeare solve our messaging app crisis?

The messaging app Telegram announced earlier this week it was stepping up its efforts to thwart terrorism communication. A college literature professor may have the perfect solution for the problem.

messaging apps threats security privacy thought bubbles

Getting the message

The popular messaging app Telegram announced earlier this week it was stepping up its efforts to thwart terrorism communications after the Indonesian government planned to limit access to the service within the country. This was not Telegram’s first dance with the regulatory devil. 

After the Manchester attack earlier this year there was a burst of ISIS communications on Telegram, eliciting demands for so-called ‘back-door’ access to the encryption schemes of popular messaging apps. After the 2015 Paris attacks, Telegram shut down numerous channels used by ISIS to distribute directions, communications, and even a cybersecurity manual to its members.  They are not alone with this problem.

Apple faced Justice Department pressures to crack the encryption on the iPhone used by one of the San Bernardino attackers.  WhatsApp faced similar accusations by Britain’s Home Secretary after the Westminster attacks.  Egypt blocked the messaging app Signal in late 2016 for a time.  Turkey went so far as to arrest people for simply having ByLock on their smartphones after a failed coup attempt. 

Most of these services utilize end-to-end encryption to ensure communications cannot be deciphered, even by the services themselves.  Governments in Europe, Australia, and the U.S. are threatening regulatory actions to ensure the service providers, and court-supported law enforcement agencies, can access these encrypted exchanges. 

In response to this latest regulatory salvo, Telegram CEO Pavel Durov announced a team of moderators would be used to identify ‘inappropriate’ content.  But what exactly does that mean?  Who decides what is inappropriate?  What may be inappropriate in one region may be perfectly acceptable – even preferable – in another.

Homomorphism prepares for its  close-up

Successfully cutting off communications for terrorists, pedophiles, and mass murderers would be a celebrated accomplishment for any messaging service.  But how can they monitor content that is scrambled?  Cyberbullying among adolescents has been difficult enough to stop, and that is done right out in the open.  How does anyone police encrypted communications?

In a previous post, I cited homomorphic encryption as a specialized type of MutiParty Computing, or MPC.  Homomorphic encryption allows parties to analyze encrypted information, while still keeping the information secret.  This is a unique structure of certain types of calculations – they can be manipulated and analyzed, yet still remain protected from prying eyes.

Suppose messaging services used homomorphic encryption as either their main algorithm, or as a pre-step to their current encryption schema?  What if you could identify ‘inappropriate content’ before the message was ever sent, without violating anyone’s privacy?  Sound crazy?  Maybe not.

A Shakespearean solution

Don Foster is an English professor at Vassar College in New York who developed a reputation for analyzing works thought to be written by William Shakespeare.  Foster developed techniques for textual analysis of authorship, making quite a splash with a New York magazine article outing Newsweek journalist Joe Klein as the anonymous author of ‘Primary Colors’, a political roman a clef of Bill Clinton’s 1992 presidential campaign.

Klein denied the accusation for years before finally confirming he was the book’s author.  Foster’s subsequent notoriety brought him more law enforcement work, from the Unabomber to the disappearance of Jon Benet Ramsey among others.

His work on the government’s anthrax investigation named virologist Steven Hatfill as the perpetrator.  When another government scientist was found to be the real perpetrator, Hatfill sued Foster, Vassar College, and several publications for slander.  Foster has since withdrawn from public forensics work, returning to full time academics.

Foster’s investigative techniques appear to have strayed from the linguistics.  He may simply have gotten rushed, or perhaps the media onslaught was more than he was comfortable with.  But we must remember Foster is an English professor; not a mathematician or computer scientist. But what if we took the foundation of his methods and put some modern artificial intelligence muscle behind it? 

We’re not looking for definitive, courtroom-strength evidentiary validation here.  What we want are simply probabilities, what Foster’s best work was founded on.  He determined the probabilities of a work being authored by a particular writer.  The messaging services know who the authors are, so why not flip the analytic method around, and evaluate the message itself?

Could software recognize a message is related to terrorism?  I suspect it could.  I believe the very thing that allowed Foster (and subsequently others) to mathematically describe language to look back and reveal authorship can also look forward to unveil intent.

The FBI used text analysis to quickly sort through tens of thousands of emails related to the Enron prosecution a few years back.  University undergraduates now practice sentiment analysis on Enron’s 500,000 emails so they can help future investigators concentrate only on the exchanges most likely to suggest illegal activity.  Why not do the same with encrypted messages before they are transmitted?

China recently started real time interception of images being shared in messaging apps, something that had previously been thought too big, too complicated to do live.  Assuming the same can be done by messaging services themselves, why not create this service to (a) stop bad guys, (b) respond to the majority of customer wishes and (c) forestall a growing storm of regulators?  If homomorphic encryption creates an opportunity for forensic language analysis of communications that still remain private, messaging services may have the perfect solution to this problem.

A marriage made in heaven?

A homomorphic-correlation hybrid just might provide enough preliminary analysis for outgoing messages to be flagged by messaging services.  Just as Google’s autonomous cars get smarter every day because all of the vehicles feed into an artificial intelligence model, the same method could be used to identify terrorism communication. 

Correlational statistics should uncover these few outliers precisely because they stand out in stark contrast to the banality of everyday communication.  It is the prevalence of innocence that highlight the probability of guilty material. 

Imagine a terrorist, pedophile, or would-be mass murderer’s reaction to getting a notice from Facebook asking “This message appears to have terrorism content.  Do you really want to send it?”  It shines a light not only the writer, but also on the audience the message is addressed to.  This is the beauty of correlations – only the outliers get flagged.  Flagged communications can then be further scrutinized according to the service’s terms of service. 

Sunlight is the best of disinfectants,” is a famous quote by the late Supreme Court Justice Louis Brandeis.  He preceded the phrase by noting “Publicity is justly commended as a remedy for social and industrial diseases.” Before our bullying and cyberterrorism diseases reach epidemic proportions, perhaps our Silicon Valley spin doctors will liberally apply a good digital disinfectant and stop an attack before it can start!

Copyright © 2017 IDG Communications, Inc.

Subscribe today! Get the best in cybersecurity, delivered to your inbox.