Re: Ross's TCPA paper
anonym n : Mr. and Mrs. John Smith when signed in a motel register. On Sun, Jun 30, 2002 at 09:55:58PM -0400, R. A. Hettinga wrote: More to the point, there is no such thing as an anonym, by definition. -- Barney Wolff I never met a computer I didn't like.
Re: maximize best case, worst case, or average case? (TCPA
Quoting xganon [EMAIL PROTECTED]: So DRM systems are evil? Why? What makes them evil? There is no justification offered for this claim! Are we all supposed to accept it as obvious? I consider DRM systems (even the not-secure, not-mandated versions) evil due to the high likelyhood they will be used as technical building blocks upon which to deploy mandated, draconian DRM systems. DRM systems inevitably slide toward being more mandated, and more draconian. DRM-capable TCPA-type systems are evil by the same argument, even if not used for DRM. The primary reason they are evil is not the stated goal of DRM systems (copy protection in various forms), but the ease with which they could be used to eliminate cypherpunk applications. How can any software which people adopt voluntarily be evil? If Alice releases music with DRM restrictions, and Bob runs DRM compliant software to play it, which of them is evil? Is it Alice, for releasing her music with restrictions? Is it just because she encoded them in a file format, or is it evil to release any creative product and ask people not to copy it freely? Or is Bob evil, for voluntarily choosing to run DRM compliant software in order to listen to Alice's music? Or perhaps the software developer is the evil one, for giving people more options and choices in the world? If DRM systems were truly general purpose themselves, capable of being used for good and bad purposes, I would agree they are not inherently evil. However, because they never do anything but remove power over bits from people who would otherwise have complete control over them, I can't think of any good they could possibly accomplish. Taken in the context where if a technical solution exists, lawmakers will mandate it even if it isn't necessary, sometimes technologies which are not innately evil are so dangerous as to be necessarily rejected to avoid a legislative consequence. If, for instance, a perfect control chip were possible so that firearms could never be used to kill an employee of the US Government, even if this technology were optional, I would consider it evil, as it both prevents a possibly-acceptable use of the technology, and removes power from whoever controls the technology at the time. I wouldn't consider an electronic payment system which prevents counterfeiting of currency to be evil in the same way as a DRM system is, because the electronic payment system technology is not trivially transformed into a gatekeeper on the use of secure private computation. Are we to read this as an endorsement of the wanting-widespread-piracy standpoint? Is the implicit assumption here that widespread piracy is GOOD??? Well, that would certainly explain why DRM is evil in Ryan's eyes. Copyright is legal enforcement of restrictions on the possessor of bits. As such, I consider it morally bad. Additionally, it has outlived its practical utility (which I agree it had at one point). I support technologies which enable end-users to defeat restrictions placed on them by content creators, governments, or others. Defeating legislative solutions to problems also serves the useful social purpose of reducing confidence in people's minds that the government can control anything at all. Defeating purely technical restrictions on how you can use something is hacking at its most pure form. This is not really on the axis of good vs. evil; it is simply an example of man's desire to control the world around him. Admittedly, defeating fundamental physical limitations on what something can do is a lot more rewarding than defeating restrictions artificially imposed by another person, but it's still a worthwhile challenge. If so, in Ryan's ideal world, every creative artist has no choice but to do nothing, or release their works with permission that anyone can copy them for free. This is not just an unfortunate consequence of technological reality, in this view. It is an outcome to be desired and even fought for, to the extent that voluntary technologies which would give people other options must be opposed from the beginning. I think those who create should be free to use technical, social, or other non-coercive means to accomplish their goals. However, creating technologies which can be easily legislatively mandated, or relying on legislative solutions to business problems, is wrong. While I'd certainly prefer a world where creation of worthwhile content is rewarded and encouraged, I would far prefer if every artist starved rather than a world where general purpose computing is restricted at all. The military applications of computing are far more important than art or culture. -- Ryan Lackey [RL7618 RL5931-RIPE][EMAIL PROTECTED] CTO and Co-founder, HavenCo Ltd.+44 7970 633 277 the free world just milliseconds away http://www.havenco.com/ OpenPGP 4096: B8B8 3D95 F940 9760 C64B DE90 07AD BE07 D2E0 301F
The Hot New Field of Cyberlaw Is Just Hokum, Skeptics Argue
I think, frankly, that the only way to answer the arguments made below is with financial cryptography. Like I've said before, if it's encrypted, and only I (not Bill Gates and I :-)) have the key then it's my property. The same can be said about the abstractions of financial assets represented by bearer certificates created with financial cryptography protocols like blind signatures. Otherwise, yes, I do believe that Cyber-law is just meat-law by other means. One need only think about the Adult Action case, where an extradited defendant is now rotting in a Kentucky jail for the contents of his California server, or the American who foolishly went home to stand trial for his Antiguan net-gambling business to understand that. Until we have some kind of technological equivalent of the Treaty of Westphalia, sundering once and for all the power of nation-states on the internet in the same way that that treaty broke the power of religion in international relations, we will eventually end up in some kind of Heller/Randian legal singularity where everything, everywhere, will be illegal, all the time. :-). The solution to the legal paradox is not legal, it's physical: Write software, not legislation. Write code instead of Code. Cheers, RAH http://online.wsj.com/article_print/0,,SB1025481262421276800,00.html The Wall Street Journal July 1, 2002 BOOM TOWN By LEE GOMES The Hot New Field of Cyberlaw Is Just Hokum, Skeptics Argue Is there really a cyberspace full of cybercitizens who need only be accountable to their own cyberlaws? A loose-knit group of law professors is bucking one of the big fads in the legal field by calling that whole idea cybersilly. Law involving the online world is hot right now. Law schools trying to stay current have courses in it, which tend to be popular with a generation of law students reared on Wired magazine and Napster. Experts in so-called cyberlaw typically have technology-friendly legal views, and are thus frequent guests at the tech world's many conferences. They're also quoted all the time in media accounts of online legal disputes. Cyberskeptic or buff? Write to Lee Gomes at [EMAIL PROTECTED] There is, though, a much less well-known but equally determined group of legal experts -- let's call them the cyberskeptics -- who are deeply troubled by just about everything about this trend. The skeptics start by questioning the very existence of cyberspace, which they say is no more real than a phone space involving all the people on the telephone at a given time. They go on to argue that something happening online shouldn't be treated any differently by the law than if it occurred on Main Street. You can usually find the skeptics in law journals rather than at tech conferences. Orin S. Kerr, of George Washington University Law School, for example, is wary of courts looking at Internet legal issues from the perspective of users, who may indeed think of themselves as cavorting about in cyberspace. A more productive approach, he says, might be to look at what is happening in the real world, where one usually simply finds a group of computers connected to each other and passing along data. Timothy Wu, a professor at the University of Virginia School of Law, writes that there is no single Internet, but instead, many different Internet applications that all need to be discussed differently. Jack Goldsmith, of the University of Chicago law school, defends a decision two years ago by a French judge who said that Yahoo couldn't sell Nazi memorabilia in France, which bans the material. Netizens pounced on the ruling as an affront to their brave new digital world. But Prof. Goldsmith says that Yahoo, since it has a subsidiary in France, should no more be immune to French laws than General Motors is. More importantly, he says, the French judge went through with the ruling only after determining that it was feasible, through various screening technologies, for Yahoo to prevent its French visitors from seeing the ads but still display them to others. While the skeptics emphasize different points, they all have as a core principle a rejection of the notion of Internet exceptionalism, or the idea that the Internet is a new, unique thing that requires its own special laws. The steam engine ... probably transformed American law, but the 'law of the steam engine' never existed, writes Joseph H. Sommer, counsel at the Federal Reserve Bank of New York, in a law review article called Against Cyberlaw. He also fretted that the cyberbuffs are afflicted with insufficient perspective, disdain for history, unnecessary futurology and technophilia. The skeptics have no particular beef with computer and Internet technology. Most, in fact, are avid users. They just think that it shouldn't be pandered to. And they certainly deride the ideas behind the Declaration of Independence of Cyberspace, which is posted on many Web sites and poses a hands off challenge to government. The dispute between
Re: Ross's TCPA paper
R. A. Hettinga wrote: At 12:06 AM +0100 on 7/1/02, Ben Laurie wrote: No, a pseudonym can be linked to stuff (such as reputation, publications, money). An anonym cannot. More to the point, there is no such thing as an anonym, by definition. Hmm. So present the appropriate definition? Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit. - Robert Woodruff
Re: Diffie-Hellman and MITM
hi, Thanx Mark, I was also wondering on the line of hash functions too,me 2 dont see how it works securely. Nor does the interlock protocol look secure to me. Regards Data. --- Marcel Popescu [EMAIL PROTECTED] wrote: From: gfgs pedo [EMAIL PROTECTED] One solution suggested against the man in the middle attack is using the interlock protocol This is the one I vaguely recalled, thank you. All mallory would have to do is send the half of the (n th) packet when he receives the half of (n+1)th packet since the 1 st packet was faked by mallory. Interesting attack... assuming that a one-block delay doesn't look suspicious. What if every message except the very first one has a hash of the previously received message? A - (M -) B: half 1 of message A1 B - (M -) A: half 1 of message B1 | hash (half 1 of message A1) A - (M -) B: half 2 of message A1 | hash (half 1 of message B1) B - (M -) A: half 2 of message B1 | hash (half 2 of message A1) A - (M -) B: half 1 of message A2 | hash (half 2 of message B1) ... and so on Nah... won't work; since M captures A1 and B1, he can compute the hashes for both the initial bogus message and the (delayed) genuine ones. Same if they try hasing all the previous messages. What if they send the hash of the *other* half? (The program splitting the messages already has the full ones.) A - (M -) B: half 1 of message A1 | hash (half 2 of message A1) B - (M -) A: half 1 of message B1 | hash (half 2 of message B1) A - (M -) B: half 2 of message A1 | hash (half 1 of message A1) B - (M -) A: half 2 of message B1 | hash (half 1 of message B1) ... and so on Nope, no good... M fakes the first message in both direction, and then he always has a good one, so he can compute the hashes. The only thing that might, as far as I can see, succeed (with a high probability) would be for everyone to hash the *next* half - meaning that, together with half 2 of message N, there will be the hash of half one of message N + 1. However, I don't see how this would be possible for an interactive communication... Thanks, Mark __ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com
Re: Ross's TCPA paper
At 11:30 PM -0400 on 6/30/02, Barney Wolff wrote: anonym n : Mr. and Mrs. John Smith when signed in a motel register. No. Pseudonym(s). Subclass Alias. An anonym (literally, no name, right?) is not signing the book at all, and, thus, as nyms go, can't exist except in your mind. Somewhere St. Anselm is smiling... I'd be tempted to say that an anonym is it's own antinym and thus can't exist, but that, as James Coburn said in a movie recently, would be just plain mean... :-). Cheers, RAH -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: Ross's TCPA paper
My use of anonym was a joke. Sorry if it was too deadpan. But my serious point was that if a pseudonym costs nothing to get or give up, it makes one effectively anonymous, if one so chooses. On Mon, Jul 01, 2002 at 11:37:28AM +0100, Ben Laurie wrote: R. A. Hettinga wrote: At 12:06 AM +0100 on 7/1/02, Ben Laurie wrote: No, a pseudonym can be linked to stuff (such as reputation, publications, money). An anonym cannot. More to the point, there is no such thing as an anonym, by definition. Hmm. So present the appropriate definition? -- Barney Wolff I never met a computer I didn't like.
Anonyms, Pseudonyms, and Fists (was Re: Ross's TCPA paper)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 At 11:37 AM +0100 on 7/1/02, Ben Laurie wrote: Hmm. So present the appropriate definition? Well, like I said, (and to be completely pedantic about it :-)), it seems to me that logically there's no such thing as an anonym even though you could do pseudonymous things that are, prima facie, and probably functionally, anonymous. The closest thing might be a string of single-use keys, pseudonyms, as we've said, or, in the Mr. and Mrs. Smith of motel register fame (or user cypherpunks, password writecode), everyone using the same key, to using a key, or name as we (and now a dictionary somewhere, though my spell-check dictionary flags it :-)), have also said, is to create an *alternate* name or key for yourself, which is, by definition, a pseudonym, even if it is used once, and unlinked to any other event somehow. And, to throw a curve into the whole discussion, there's also the fist everyone uses on the net, like the fist that people had when keying Morse Code. Or, more recently, the words, syntax, semantics, concordance, whatever, that they use when writing or talking. That stuff has has been used in literature -- to apparent lesser effect more recently with Shakespeare, and to greater effect with Joel Klien, for instance. Or the way we buy or things in an electronic market, or by mousing around the web. That kind of stuff, as Carl Ellison has noted, is probably as good a biometric as there might ever be, given enough data, so certainly a persistent pseudonym can't be anonymous in the sense of unlinked behavior to itself. Frankly, since we still live in a world of physical IP addresses, and apparently, given the ZKS experience, a still uneconomical way of mixing those addresses, traffic analysis, as usual, is still quite a bitch. Only when we can change the economics of pseudonymity will we have anything approaching anonymity, in other words. If it's cheaper to do things anonymously -- especially financial things, which are at the core of most traceable, most linkable, literally accountable, transparent activity, right now -- then we'll get closer and closer to anonymity. So, maybe there isn't such a thing as an anonym, even though we know what anonymity is. We can make generalizations about anonymity all the time. The ultimate generalization being that anonymity, like security and cryptography themselves, is more of an economic asymptote than anything else. Something like perfection; as Anselm said in trying to prove the existence of God before the concept of calculus and limits would have shown him the error of his ways :-), something that we can conceive in our mind, if not actually see in reality. We can probably get close enough to be free, however, even in a world of ubiquitous optical supervision of private property. Dramatically freer than we are now, certainly, which is all that matters. Cheers, RAH -BEGIN PGP SIGNATURE- Version: PGP 7.5 iQA/AwUBPSBYzMPxH8jf3ohaEQKAVACfYeUm0QMu3PIcj9IacILb4S5t87AAoIZJ B51jtZMJN0l+bOITjKVqK5Rn =dZrT -END PGP SIGNATURE- -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: Ross's TCPA paper
Barney Wolff wrote: My use of anonym was a joke. Sorry if it was too deadpan. But my serious point was that if a pseudonym costs nothing to get or give up, it makes one effectively anonymous, if one so chooses. Well, yeah, I'd say that single-use pseudonyms are, in fact, the definition of anonyms. Zero cost is not required, of course, except to make anonymity, err, zero cost. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit. - Robert Woodruff
on 'evil' as an abbreviation (Re: maximize best case, worst case, or average case?)
At 07:25 PM 6/30/02 -0500, xganon wrote: Ryan Lackey provides a detailed analysis, but he gets off to a bad start right at the beginning: DRM systems embedded in general purpose computers, especially if mandated, especially if implemented in the most secure practical manner (running the system in system-high DRM mode and not allowing raw hardware access to anything at any time on the platform...are evil. So DRM systems are evil? Why? What makes them evil? There is no justification offered for this claim! Are we all supposed to accept it as obvious? Evil = bad = counter to our goals. One of our goals is to have general-purpose computers widely available. A DRM layer between us and the hardware is counter to that goal, ergo, undesirable from this perspective. Its like a governor in a car. Do you want one in yours? Are you willing to pay for the decreased driving flexibility and decreased reliability (extra parts, after all) of your car? What makes you think you can require one in mine? Speaking only for myself
Re: on 'evil' as an abbreviation
Evil = bad = counter to our goals. One of our goals is to have general-purpose computers widely available. A DRM layer between us and the hardware is counter to that goal, ergo, undesirable from this perspective. Its like a governor in a car. Do you want one in yours? Are you willing to pay for the decreased driving flexibility and decreased reliability (extra parts, after all) of your car? Sure, I might put a governor in my car if it would lower my insurance rates. And I might use a DRM system if it let me download music and video that I wanted, while remaining compliant with the creators' wishes. What makes you think you can require one in mine? We're talking about voluntary systems here. Ryan said that DRM was evil even if voluntary.
Re: maximize best case, worst case, or average case? (TCPA
Robert Hettinga writes: All they have to do is auction the first copy off for a lot of money, cash, and let the market take care of the rest. That, by the way, is what people do now, of course, with advances, record contracts, and so on. Brilliant. Let the market solve the problem. Why bother with the auction part, then? If the market's going to solve the problem for the 2nd guy to hold the copy, why not let it solve the problem for the 1st? The fact is, quoting this mantra is simply a way of avoiding the hard issues. You've got to show *how* the market is going to solve the problem. Why would content creators get a lot of money, cash? Obviously, only if your #2 guy knows that he is also going to get a lot of money for it. So you haven't taken a step towards solving the problem; you have simply handed the problem off from #1 to #2. The fact is that the market can't solve this kind of problem. That's right, markets are not perfect. They do fine for ordinary, private goods. But information objects, absent successful DRM restrictions, are effectively public goods. That is, you can't restrict their dissemination. If you try to provide such goods only to a small group of people, you've effectively given them to everyone. This idea of digital content as a public good is developed in detail at http://www.tidbits.com/tb-issues/TidBITS-602.html#lnk5. Markets do not handle public goods well. It is a standard theorem of economics that they underprovide public goods. There is no way to charge for goods that everyone can get for free, and ideas like Kelsey and Schneier's Street Performer protocol don't work because of free riders. The traditional way to provide for public goods is by government. If we don't get DRM, that's probably what we will end up with: government subsidies of the arts. Most musicians and other artists won't be able to make enough money to live on even if their works are relatively popular. The government will have to tax consumers and distribute the proceeds to artists (and the RIAA, etc) in order to protect the content industry. This is the true alternative to DRM. Anyone who respects the power of markets should understand that DRM is the key to allowing markets to function with information goods. If you oppose DRM, you are working to insure that creative content will become a public good. And if you understand econmics, you will see that this is an outcome to be avoided if at all possible.
Re: Ross's TCPA paper
[Repost] Bear writes: A few years ago merchants were equally adamant and believed equally in the rightness of maintaining their right to not do business with blacks, chicanos, irish, and women. It'll pass as people wake up and smell the coffee. Unfortunately that won't be until after at least a decade of really vicious abuses of private data by merchants who believe in their god-given right to snoop on their customers. My God, how low the cypherpunk list has sunk. Here we have someone not only demanding that merchants be forced to deal with pseudonymous customers, he invokes civil rights laws to support his argument! Where's Tim May when we need him? His racism is odious but at least he's not trying to force other people to follow his beliefs. I'm sure he'd have a thing or two to say about our wonderful civil rights laws and Bear's proposal to extend similar regulations to cyberspace. Here's a clue, Mr. Bear. The cypherpunks list was founded on the principle that cyberspace can enhance freedom, and that includes freedom to associate with whomever you choose. Racism is evil, but the solution must lie in people's hearts. Pointing a gun at them and forcing them to act in a politically correct manner (which is what civil rights regulations really do) is no solution to the problem. So yeah, I think that the right to privacy implies the right to use a pseudonym. For any non-fraudulent purpose, including doing business with merchants who don't know it's a pseudonym. And I think that's a constitutional right, whether the merchants happen to like it or not... And of course any reference to the constitution betrays utter cluelessness when talking on an international mailing list about technology which spans national borders. Unless you are prepared to be bound by the Iraqi constitution, Mr. Bear, don't ask us to be governed by yours.
Re: maximize best case, worst case, or average case? (TCPA
On Mon, Jul 01, at 10:10PM, Anonymous wrote: | Brilliant. Let the market solve the problem. Why bother with the auction | part, then? If the market's going to solve the problem for the 2nd guy | to hold the copy, why not let it solve the problem for the 1st? The fact | is, quoting this mantra is simply a way of avoiding the hard issues. | You've got to show *how* the market is going to solve the problem. | Why would content creators get a lot of money, cash? Obviously, only | if your #2 guy knows that he is also going to get a lot of money for it. | So you haven't taken a step towards solving the problem; you have simply | handed the problem off from #1 to #2. Actually, this is not a question for the individual person, rather a rhetorical question. Did anyone know how much television would change the radio industry? In fact, for the first several years after its inception, TV was a money losing business. The question of *how* doesn't need to be answered now (this is a proverbial now which actually means ever or for a long time to come.) In fact, we have these problems now and they don't seem to retard the economy in any way, rare anythings pose this problem everyday. In fact, relative values pose this problem everyday. Ever hear One man's trash is another man's treasure? | The fact is that the market can't solve this kind of problem. That's | right, markets are not perfect. They do fine for ordinary, private | goods. But information objects, absent successful DRM restrictions, | are effectively public goods. That is, you can't restrict their | dissemination. If you try to provide such goods only to a small group | of people, you've effectively given them to everyone. Well, since markets are made up of individual people going about their business to create the market as a whole, I don't see any problems with this whatsoever. Joe Musician knows that this is the way music works. In the olden days, people copied music from one another by word of mouth over and over, songs were stolen by musicians and played for other audiences. The musical business wasn't the joke that it is today. Back then, it was accepted that music is sound and sound, well, can be repeated, if not by a recording on a cassette or cd, then by voice. It isn't a market problem that some people don't get their way. Nor is it a good idea to have the government dictate who gets what in a free and willing exchange scenario. Joe Musician does not have to play his music or give it to anyone (imagine the hoopla when someone records a live show) he does so willingly and of his own free will. Are we to accept that because he doesn't feel he gets enough for his music that we should bank the cost of having it mandated that we pay Joe? If he doesn't get enough for his music, he is free to NOT release it, DON'T publish the damn thing and stop bitching. I mock those who present reports showing that the market didn't correspond to previously created models. Markets aren't wrong folks, the models are. | This idea of digital content as a public good is developed in detail at | http://www.tidbits.com/tb-issues/TidBITS-602.html#lnk5. | Markets do not handle public goods well. Markets are people, people don't handle public goods well. Perhaps because people as a whole see the inpracticality of restricting access to goods that are, well, public. Maybe there is a lesson to be learned there somewhere. | Kelsey and Schneier's Street Performer protocol don't work because of | free riders. This is interesting. Just about every system in the world has free riders. This country has free riders that are tax-evaders, car thieves, you name it the standard, society has someone who doesn't abide by it. That does not in any way make a system broken. That the system has flaws is to be expected, unless he who designed the system doesn't recognize basic human mistakes. Systems with free riders are not necessarily broken systems, nor are systems without free riders necessarily working ones. | The traditional way to provide for public goods is by government. | If we don't get DRM, that's probably what we will end up with: government | subsidies of the arts. Most musicians and other artists won't be able to | make enough money to live on even if their works are relatively popular. | The government will have to tax consumers and distribute the proceeds | to artists (and the RIAA, etc) in order to protect the content industry. There is no content industry in the tradional market sense. Such an industry is a fiction created by government exerting control far and beyond the original intent of government itself. It is proposterous that because a small group of people cannot get what they want by free association, they manage to get what they want by manipulating the law to their benefit. Don't get me wrong, there is a market for content and music, as long as someone puts a subjective value to a song, there will be a content market, likewise for
Re: Ross's TCPA paper
-- On 1 Jul 2002 at 15:06, Tim May wrote: I have strong views on all this DRM and TCPA stuff, and especially on the claim that some form of DRM is needed to prevent government from taking over control of the arts. But we said everything that needed to be said _years_ ago. No point in repeating the same points. No, it does need to be said again. You cannot merely do a copy and paste from the cyphernomicon. You will find it necessary a copy and paste from the cyphernomicon followed by several global search and replaces and a small amount of new material referring to current events. Palladium, as described by Microsoft, is actually a pretty cool idea that would be useful for quite a few cypherpunkly projects. When Microsoft gave its description of Palladium, there were a few caveats and maybes that to me sounded as if they were saying Well our hearts are in the right place, this is the way it will be if only it was not going to be the way that it actually is going to be. Unfortunately it is being introduced at the same time as there is legislation proposed, the SSSCA, to outlaw general purpose computers, turning them into set top boxes, and license software engineers, so that only a small number of specially privileged people will be permitted access to general purpose computers. This timing creates a reasonable suspicion that Palladium is in fact a stalking horse for that project, a preparation for a slightly more acceptable variant of the SSSCA. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG jJb9+mkN3R59T+7qqwbaNl6DlnXtC7susSRKhpeg 2XCDBLPYrZ4/b3EazgN2sjfbch9lCok9wmcWkHl6X
Re: Re: maximize best case, worst case, or average case? (TCPA
- Original Message - From: Ryan Lackey [EMAIL PROTECTED] I consider DRM systems (even the not-secure, not-mandated versions) evil due to the high likelyhood they will be used as technical building blocks upon which to deploy mandated, draconian DRM systems. The same argument can be applied to just about any tool. A knife has a high likelihood of being used in such a manner that it causes physical damage to an individual (e.g. you cut yourself while slicing your dinner) at some point in its useful lifetime. Do we declare knives evil? A hammer has a high likelihood of at some point in its useful life causing physical damage to both an individual and property. Do we declare hammers evil? DRM is a tool. Tools can be used for good, and tools can be used for evil, but that does not make a tool inherently good or evil. DRM has a place where it is a suitable tool, but one should not declare a tool evil simply because an individual or group uses the tool for purposes that have been declared evil. Joe
Re: Ross's TCPA paper
On Monday, July 1, 2002, at 02:23 PM, Anonymous wrote: [Repost] Bear writes: A few years ago merchants were equally adamant and believed equally in the rightness of maintaining their right to not do business with blacks, chicanos, irish, and women. It'll pass as people wake up and smell the coffee. Unfortunately that won't be until after at least a decade of really vicious abuses of private data by merchants who believe in their god-given right to snoop on their customers. My God, how low the cypherpunk list has sunk. Here we have someone not only demanding that merchants be forced to deal with pseudonymous customers, he invokes civil rights laws to support his argument! Where's Tim May when we need him? I'm right here. But you have missed something very important: Bear did not write that article for the _Cypherpunks_ list. It was one of many articles cross-posted between the _Cryptography_ list and the _Cypherpunks_ list and even some of Hettinga's many lists. Here are the headers: From: bear [EMAIL PROTECTED] Date: Sat Jun 29, 2002 10:03:33 PM US/Pacific To: Barney Wolff [EMAIL PROTECTED] Cc: '[EMAIL PROTECTED] ' [EMAIL PROTECTED], '[EMAIL PROTECTED] ' [EMAIL PROTECTED] Subject: Re: Ross's TCPA paper Here's a clue, Mr. Bear. The cypherpunks list was founded on the principle that cyberspace can enhance freedom, and that includes freedom to associate with whomever you choose. Racism is evil, but the solution must lie in people's hearts. Pointing a gun at them and forcing them to act in a politically correct manner (which is what civil rights regulations really do) is no solution to the problem. Bear left the Cypherpunks list a long while ago, citing fundamental disagreements. Cryptography was formed as a putatively apolitical list. Apparently this is no longer so, and its politics are at odds with the main themes on our list. (I believe this partly comes about precisely _because_ it supposedly has no political compass heading.) I have strong views on all this DRM and TCPA stuff, and especially on the claim that some form of DRM is needed to prevent government from taking over control of the arts. But we said everything that needed to be said _years_ ago. No point in repeating the same points. --Tim May Dogs can't conceive of a group of cats without an alpha cat. --David Honig, on the Cypherpunks list, 2001-11
Re: maximize best case, worst case, or average case? (TCPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Traffic Analysis is A Bitch, boys and girls. At 10:10 PM +0200 on 7/1/02, The Single-Remailer-Hop Anonymous Austrian Innumerate returns, writing: They do fine for ordinary, private goods. A signed, much less encrypted, copy of a piece of digital information, or even a digital service, for that matter, (teleoperated machine commands, or a live video feed answering a question, and, of course, computation and bandwidth) is, in fact, an ordinary, private good. Go find an economics dictionary, look up perfect competition, and come back when you have a clue, please. You don't need governments to have a market. People have been trading things with each other since they could make things and carry them from place to place. Frankly, if you have enough financial cryptography, and bearer settled transactions using that cryptography, you don't even need governments to have an *economy*. All you have to do is apply the mathematical economics of cash-settled, fungible, graded commodity markets to information and digital services and you get the answer. Look ma, no lawyers: The first copy to hit the network is worth a lot. The last copy is worth so little that it should be deleted from a hard drive. In the middle of the cloud, between the two, who ever owns a copy can sell another one, and they will, if there's any profit at all in it. That leaves transaction cost, and, frankly, I can do transactions down to a tenth of a penny, in bearer form cash, with a couple hundred thou in development costs. Add Moore's Law, and stir, um, liberally. Cheers, RAH -BEGIN PGP SIGNATURE- Version: PGP 7.5 iQA/AwUBPSDjuMPxH8jf3ohaEQKWVQCgraOTGRf9o9zETFK6zMVhXym5eeEAnRQF XEr7Spid7BIM4TmJPoFyKIZ2 =Gjwr -END PGP SIGNATURE- -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: maximize best case, worst case, or average case? (TCPA
-- On 1 Jul 2002 at 22:10, Anonymous wrote: The fact is that the market can't solve this kind of problem. That's right, markets are not perfect. [] But information objects, absent successful DRM restrictions, are effectively public goods. Markets do not handle public goods well. It is a standard theorem of economics that they underprovide public goods. Unfortunately, good government is also a public good, and so tends to be underprovided -- observe the current patent disaster, which obviously is retarding, rather than advancing, the development of technology. Our current patent and copyright laws show that government is in the pocket of content owners, rather than fostering content creators. Voluntary, genuinely free market DRM, is like voluntary, free market, gas chambers. If free market gas chambers remain free market, they will probably only be used for killing lice, but chances are they are not going to remain free market, since their nature makes them more appropriate to a governmental purpose than a private purpose. In fact, if created, DRM will already be subject to our infamous anti circumvention laws, which means that the necessary legislation to make them involuntary and non free market is already in place in advance. This is the true alternative to DRM. Anyone who respects the power of markets should understand that DRM is the key to allowing markets to function with information goods. Palladium is a module on your computer with its own private key and certified public key. Its capacity is to say I certify that the output with this hash was produced by the code with this hash from inputs with that hash. Nothing wrong with that. But we are already hearing Microsoft say well naturally governments have security concerns If Palladium is a gun for me, fine. If it is a gun for my government, and not me, not fine. Trouble is the people backing palladium are the people who brought us anti circumvention laws, the people who want guns for themselves, and no guns for me. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG uQgMm/3E4nYxuwkWrA2I281ui9Z8pFN4zJ9pQPX1 2uxQytiBkOD9AWSbzzbDk8Yl0l46vUsa3ySfrb8A9