Re: On the orthogonality of anonymity to current market demand

2005-11-01 Thread Peter Gutmann
Chris Palmer <[EMAIL PROTECTED]> writes:
>James A. Donald writes:
>
>> Further, genuinely secure systems are now becoming available, notably
>> Symbian.
>
>What does it mean for Symbian to be genuinely secure? How was this determined
>and achieved?

By executive fiat.

Peter.



Re: On the orthogonality of anonymity to current market demand

2005-10-31 Thread James A. Donald
James A. Donald writes:
> > Further, genuinely secure systems are now becoming available, notably
> > Symbian.

Chris Palmer <[EMAIL PROTECTED]>
> What does it mean for Symbian to be genuinely secure? How was this
> determined and achieved?

There is no official definition of "genuinely secure", and it is my 
judgment that Symbian is unlikely to suffer the worm, virus and 
trojan problems to the extent that has plagued other systems.





Re: On the orthogonality of anonymity to current market demand

2005-10-31 Thread Chris Palmer
James A. Donald writes:

> Further, genuinely secure systems are now becoming available, notably
> Symbian.

What does it mean for Symbian to be genuinely secure? How was this
determined and achieved?


-- 
http://www.eff.org/about/staff/#chris_palmer



signature.asc
Description: Digital signature


Re: On the orthogonality of anonymity to current market demand

2005-10-31 Thread R.A. Hettinga
At 10:22 AM -0500 10/31/05, [EMAIL PROTECTED] wrote:
>and doesn't history show that big corporations are only interested in
>revenue

One should hope so.

;-)

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'



Re: On the orthogonality of anonymity to current market demand

2005-10-31 Thread johns
hi

( 05.10.26 09:17 -0700 ) James A. Donald:
> While many people are rightly concerned that DRM will
> ultimately mean that the big corporation, and thus the
> state, has root access to their computers and the owner
> does not, it also means that trojans, viruses, and
> malware does not.

do you really think this is true?

doesn't microsoft windows prove that remote control of computers only
leads to compromise? [especially in our heavily networked world]

and doesn't history show that big corporations are only interested in
revenue- so that if they get revenue by forcing you to pay them fees for
'upkeep' of your digital credentials to keep your computer working they
are going to do that.

the problems 'solved' by DRM can also be solved by moving to an
operating system where you have control of it, instead of an operating
system filled with hooks so other people can control your computer.

and that operating system is freely available ...

-- 
\js oblique strategy: don't be frightened of cliches



Re: On the orthogonality of anonymity to current market demand

2005-10-26 Thread James A. Donald
--
John Kelsey
> What's with the heat-death nonsense?  Physical bearer
> instruments imply stout locks and vaults and alarm
> systems and armed guards and all the rest, all the way
> down to infrastructure like police forces and armies
> (private or public) to avoid having the biggest gang
> end up owning all the gold.  Electronic bearer
> instruments imply the same kinds of things, and the
> infrastructure for that isn't in place.  It's like
> telling people to store their net worth in their
> homes, in gold. That can work, but you probably can't
> leave the cheapest lock sold at Home Depot on your
> front door and stick the gold coins in the same drawer
> where you used to keep your checkbook.

Some of us get spyware more than others.

Further, genuinely secure systems are now becoming
available, notably Symbian.

While many people are rightly concerned that DRM will
ultimately mean that the big corporation, and thus the
state, has root access to their computers and the owner
does not, it also means that trojans, viruses, and
malware does not. DRM enables secure signing of
transactions, and secure storage of blinded valuable
secrets, since DRM binds the data to the software, and
provides a secure channel to the user.   So secrets
representing ID, and secrets representing value, can
only be manipulated by the software that is supposed to
be manipulating it. 

--digsig
 James A. Donald
 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
 3CepcQ59MYKAZTizEycP1vkZBbexwbyiobaC/bXS
 44hfxMF4PBKXmc5uavnegOFFCMtNwDmpIMxLBcyI3



Re: On the orthogonality of anonymity to current market demand

2005-10-26 Thread John Kelsey
>From: "R.A. Hettinga" <[EMAIL PROTECTED]>
>Sent: Oct 25, 2005 8:34 AM
>To: cryptography@metzdowd.com, [EMAIL PROTECTED]
>Subject: On the orthogonality of anonymity to current market demand

...
>That is to say, your analysis conflicts with the whole trend towards
>T-0 trading, execution, clearing and settlement in the capital
>markets, and, frankly, with all payment in general as it gets
>increasingly granular and automated in nature. The faster you can
>trade or transact business with the surety that the asset in question
>is now irrevocably yours, the more trades and transactions you can
>do, which benefits not only the individual trader but markets as a
>whole.

The prerequisite for all this is that when the asset changes hands,
it's very nearly certain that this was the intention of the asset's
previous owner.  My point isn't to express my love for book-entry
payment systems.  There's plenty to hate about them.  But if the
alternative is an anonymous, irreversible payment system whose control
lies in software running alongside three pieces of spyware on my
Windows box, they probably still win for most people.  Even bad
payment systems are better than ones that let you have everything in
your wallet stolen by a single attack.  

...
>However "anonymous" irrevocability might offend one's senses and
>cause one to imagine the imminent heat-death of the financial
>universe (see Gibbon, below... :-)), I think that technology will
>instead step up to the challenge and become more secure as a
>result. 

What's with the heat-death nonsense?  Physical bearer instruments
imply stout locks and vaults and alarm systems and armed guards and
all the rest, all the way down to infrastructure like police forces
and armies (private or public) to avoid having the biggest gang end up
owning all the gold.  Electronic bearer instruments imply the same
kinds of things, and the infrastructure for that isn't in place.  It's
like telling people to store their net worth in their homes, in gold.
That can work, but you probably can't leave the cheapest lock sold at
Home Depot on your front door and stick the gold coins in the same
drawer where you used to keep your checkbook.

>And, since internet bearer transactions are, by their very
>design, more secure on public networks than book-entry transactions
>are in encrypted tunnels on private networks, they could even be said
>to be secure *in spite* of the fact that they're anonymous; that --
>as it ever was in cryptography -- business can be transacted between
>two parties even though they don't know, or trust, each other.

Why do you say internet bearer transactions are more secure?  I can
see more efficient, but why more secure?  It looks to me like both
kinds of payment system are susceptible to the same broad classes of
attacks (bank misbehavior (for a short time), someone finding a
software bug, someone breaking a crypto algorithm or protocol).  What
makes one more secure than the other?  

...
>Cheers,
>RAH

--John Kelsey



On the orthogonality of anonymity to current market demand

2005-10-25 Thread R.A. Hettinga
-BEGIN PGP SIGNED MESSAGE-

At 3:57 PM -0400 10/24/05, John Kelsey wrote:
>More to the point, an irreversible payment system raises big practical
>problems in a world full of very hard-to-secure PCs running the
>relevant software.  One exploitable software bug, properly used, can
>steal an enormous amount of money in an irreversible way.  And if your
>goal is to sow chaos, you don't even need to put most of the stolen
>money in your own account--just randomly move it around in
>irreversible, untraceable ways, making sure that your accounts are
>among the ones that benefit from the random generosity of the attack.
>The payment system operators will surely be sued for this, because
>they're the only ones who will be reachable.  They will go broke, and
>the users will be out their money, and nobody will be silly enough to
>make their mistake again.

Though I agree with the notion that anonymity is orthogonal to market
demand at the moment, I think you lost me at the word "account", above.
:-).


That is to say, your analysis conflicts with the whole trend towards T-0
trading, execution, clearing and settlement in the capital markets, and,
frankly, with all payment in general as it gets increasingly granular and
automated in nature. The faster you can trade or transact business with the
surety that the asset in question is now irrevocably yours, the more trades
and transactions you can do, which benefits not only the individual trader
but markets as a whole.

The whole foundation of modern finance, and several -- almost posthumous,
so pervasive was the homeopathic socialism that we now call Keynesianism --
Nobel prizes in economics are based on that premise, and it has been proven
empirically now for many decades: The entire history of the currency
futures markets would be a good example, though now that I think of it, any
derivative market, since the time of Thales himself, would prove the point.


However "anonymous" irrevocability might offend one's senses and cause one
to imagine the imminent heat-death of the financial universe (see Gibbon,
below... :-)), I think that technology will instead step up to the
challenge and become more secure as a result. And, since internet bearer
transactions are, by their very design, more secure on public networks than
book-entry transactions are in encrypted tunnels on private networks, they
could even be said to be secure *in spite* of the fact that they're
anonymous; that -- as it ever was in cryptography -- business can be
transacted between two parties even though they don't know, or trust, each
other.


For instance, another "problem" with internet bearer transactions, besides
their prima facie "anonymity" (they're only prima facie because, while the
protocols don't *require* is-a-person and-then-you-go-to-jail identity,
traffic analysis is still quite trivial for the time being, onion routers
notwithstanding) is that the client is responsible not only for most of the
computation, but also for the storage of notes or coins, instead of a
central database in a clearinghouse or bank somewhere "storing" various
offsetting book-entries in, as you noted above, "accounts". :-).

Of course, simply backing up one's data off-site, much easier with internet
bearer certificates than with whole databases, solves this problem, and, as
we all know here, the safest way to do *that* is to use some kind of m-of-n
hash,  stored, someday, for even smaller bits of cash :-), in many places
on the net at once. Obviously, we don't need small cash to store big
assets, any more than we need big servers to distribute big files in
BitTorrent, but it will only accelerate, if not complete, the process, when
we get there.


As I have said, too many times :-), about these things, transaction cost is
always going to be the critical factor in any change from book-entries to
chaumian-esque internet bearer transactions. And I believe that,
hand-in-hand with increased security, reduced transaction cost is more a
function of the collapsing cost and the ubiquity of distributed processing
power and network access than anything else.

So, anonymity is, in fact, orthogonal to market demand, primarily because
it's an *effect*, and not a cause, of that demand. As we all do now with
the current proctological state of book-entry finance, the anonymity of a
proposed internet bearer transaction infrastructure will just be a "cost"
that the market would have to bear. :-).

To channel Schopenhauer a bit, like the emergence of industrialism and the
abolition of slavery was before it, once anonymity becomes a "feature" of
our transaction infrastructure, people will eventually declare it to be not
only self-evident all along, but a moral *prerequisite* of any transaction
as well.

To put it another way, it's a pity for acrophobics that the fastest way to
get anywhere these days is to fly, but it is still a physical fact,
nonetheless.


Cheers,
RAH

-BEGIN PGP SIGNATURE-
Version: PGP Desktop 9.0.2 (Buil