Re: [EMAIL PROTECTED]: Re: [EMAIL PROTECTED]: Re: [EMAIL PROTECTED]: Re: Wikipedia Tor]]]
- Forwarded message from Jimmy Wales [EMAIL PROTECTED] - We are not looking for a perfect solution. Yes, Wikis will be vandalized. We're prepared to deal with that, we do deal with that. But what I am seeking is some efforts to think usefully about how to helpfully reconcile our dual goals of openness and privacy. Wikipedia should allow Tor users to register Wikipedia nyms. Then they could block: Tor users trying to edit without a nym; Tor users trying to edit with a nym that has a bad reputation; and they could rate-limit Tor users trying to edit with a nym that has insufficient history to be classified as good or bad; while not blocking Tor users trying to edit with a nym that has a good reputation. This will require some changes to the MediaWiki software that Wikipedia uses. AFAIK, there's currently no way to rate-limit nyms that have insufficient history, and blocks on IP addresses are currently all or nothing. --apb (Alan Barrett)
Re: [EMAIL PROTECTED]: Re: [EMAIL PROTECTED]: Re: [EMAIL PROTECTED]: Re: Wikipedia Tor]]]
- Forwarded message from Jimmy Wales [EMAIL PROTECTED] - We are not looking for a perfect solution. Yes, Wikis will be vandalized. We're prepared to deal with that, we do deal with that. But what I am seeking is some efforts to think usefully about how to helpfully reconcile our dual goals of openness and privacy. Wikipedia should allow Tor users to register Wikipedia nyms. Then they could block: Tor users trying to edit without a nym; Tor users trying to edit with a nym that has a bad reputation; and they could rate-limit Tor users trying to edit with a nym that has insufficient history to be classified as good or bad; while not blocking Tor users trying to edit with a nym that has a good reputation. This will require some changes to the MediaWiki software that Wikipedia uses. AFAIK, there's currently no way to rate-limit nyms that have insufficient history, and blocks on IP addresses are currently all or nothing. --apb (Alan Barrett)
Re: Cash, Credit -- or Prints?
On Tue, 12 Oct 2004, John Kelsey wrote: but there doesn't seem to be a clean process for determining how skilled an attacker needs to be to, say, scan my finger once, and produce either a fake finger or a machine for projecting a fake fingerprint into the reader. ... or a replacement reader that fakes the signals to the rest of the security system. --apb (Alan Barrett)
Re: Cash, Credit -- or Prints?
On Tue, 12 Oct 2004, John Kelsey wrote: but there doesn't seem to be a clean process for determining how skilled an attacker needs to be to, say, scan my finger once, and produce either a fake finger or a machine for projecting a fake fingerprint into the reader. .. or a replacement reader that fakes the signals to the rest of the security system. --apb (Alan Barrett)
Re: For Liars and Loafers, Cellphones Offer an Alibi
On Sat, 26 Jun 2004, Major Variola (ret) wrote: Eventually the cellphones will be able to tell another phone approx where they are. [...] The marketing reason would be to help people find others geographically. At least with GSM, the base station always knows the approximate distance to the phone (this is needed by the GSM protocol, for reasons related to time slot management in the presence of finite speed of light, but it might be possible to hack the phone's firmware to fool it, or to register with fewer base stations than usual). The GSM network's database knows the exact locations of all the base stations. Add a little software to do triangulation from multiple base stations, and the GSM network knows the location of the phone, to an accuracy that depends chiefly on the base station density. Add a layer of user interface software, and you're done. No cooperation from the phone is necessary, except what the phone would normally do in order to register itself with base stations so that it can receive calls. No GPS or other non-GSM protocols are necessary. This is already offered as an extra cost service (branded Look for me) by Vodacom in South Africa. It's targeted at parents who want to know where their children are, and the phrase with their permission is included in current advertising. As the seeker, you send an SMS (text message) to a special number to register your phone as a user of the locator service, and to ask for the location of another phone. The network sends a message to the target phone, and the user must reply to give permission to be located. Then the network sends a text message to the seeker, telling them the location of the target. I don't know whether the target's permission is asked every time, or just once per seeker; I do know that it's not just once globally. In any case, the permission is just a flag in a database, and is not really needed by anybody with back-door access to the GSM provider. --apb (Alan Barrett)
Re: Yodels, new anonymous e-currency
On Tue, 12 Nov 2002, Nomen Nescio wrote: According to this link, http://www.infoanarchy.org/?op=displaystory;sid=2002/11/11/4183/2039, a new form of digital cash called yodels is being offered anonymously: [...] Supposedly, then, this is cash which can be transferred anonymously via IIP or Freenet. Leaving aside the question of trusting an anonymous bank (trust takes time), the sticking point for ecash is how to transfer between yodels and other currencies. Without transferability, what gives yodels their value? I believe that the Yodel bank does not have its own currency, but uses DMT Rands. DMT Rands are alleged to be backed by a basket of gold plus a few fiat currencies issued by nation states. See http://www.orlingrabbe.com/rand.htm for information about the currency, and http://www.orlingrabbe.com/dmt_guide.htm for information about the DMT system and its companions ALTA and LESE. --apb (Alan Barrett)
Re: Yodels, new anonymous e-currency
On Tue, 12 Nov 2002, Nomen Nescio wrote: According to this link, http://www.infoanarchy.org/?op=displaystory;sid=2002/11/11/4183/2039, a new form of digital cash called yodels is being offered anonymously: [...] Supposedly, then, this is cash which can be transferred anonymously via IIP or Freenet. Leaving aside the question of trusting an anonymous bank (trust takes time), the sticking point for ecash is how to transfer between yodels and other currencies. Without transferability, what gives yodels their value? I believe that the Yodel bank does not have its own currency, but uses DMT Rands. DMT Rands are alleged to be backed by a basket of gold plus a few fiat currencies issued by nation states. See http://www.orlingrabbe.com/rand.htm for information about the currency, and http://www.orlingrabbe.com/dmt_guide.htm for information about the DMT system and its companions ALTA and LESE. --apb (Alan Barrett)
