RE: Gmail as Blacknet (legally required forgetting)
I don't know about your anecdote, but Mr. May's original point was that the law *requires* companies to forget. Which is of course an illegitimate intrusion of the state into private affairs. Well, this is not well understood by those outside the credit world. What the law actually states is (basically) a defaulted loan must be forgiven after seven years. In other words, it is illegal to continue to attempt to collect on a loan, 7 years after the default. However, it is perfectly legal to remember that an individual failed to pay back a loan. In practice, this means that a large brand-name Credit Card company can choose not to send an offer to someone that defaulted 10 years ago. Of course, they can't dunn that person anymore, but they don't have to offer a card. I know without any doubt that there is at least one that does this, and it's not like the Feds wouldn't notice! And the responsibles need killing. Well, in a lot of cases I agreed with May's sentiment, even if I'm not entirely sure this would do much. However, as for putting the Jews and blacks up chimneys, well add to that what appears to be an almost State Corporatism stance, and there's a discernable vector there...look up "Boehrman Flight Capital Organization" and I'm still not convinced the resemblance is coincidental. But those are side issues. At least, aside from the technical content, I still view May's harshest rantings as a sort of Fredom of Speech acid test...if one would try to forcibly or legally shut him down, then one probably "needs killing". -TD From: "Major Variola (ret)" <[EMAIL PROTECTED]> To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> Subject: RE: Gmail as Blacknet (legally required forgetting) Date: Fri, 09 Apr 2004 20:35:47 -0700 At 05:16 PM 4/9/04 -0400, Tyler Durden wrote: >(As an aside, although debt has to be -forgiven- after 7 years, contrary to >popular belief it is not true that a debt has to be -forgotten-...I know of >one credit major card company that will not accept 'new' cardmembers that >didn't pay back what they owed, even if that's 15 years ago. That's actually >perfectly legal.) I don't know about your anecdote, but Mr. May's original point was that the law *requires* companies to forget. Which is of course an illegitimate intrusion of the state into private affairs. And the responsibles need killing. Ahhh, that feels better. - "When I was your age we didn't have Tim May! We had to be paranoid on our own! And we were grateful!" --Alan Olsen _ Get rid of annoying pop-up ads with the new MSN Toolbar FREE! http://toolbar.msn.com/go/onm00200414ave/direct/01/
Re: Gmail as Blacknet (legally required forgetting)
Tyler Durden writes: > What the law actually states is (basically) a defaulted loan must be > forgiven after seven years. In other words, it is illegal to continue to > attempt to collect on a loan, 7 years after the default. There are different levels of illegal. The most important one is the statute of limitations on suing the individual, and converting the delinquent debt into a judgment, with which assets can be forcibly seized. This varies by state, and also varies by whether there is a contracted for amount in writing, such as a loan or mortgage, or whether the debt is an "open account", which would cover revolving charge accounts with retail establishments, and also in most states, credit cards. A typical statute of limitations for open accounts is 3 years. Contracts can go up to 10 years, depending on where you reside. You can still be sued over any debt, but you can move to dismiss if the statute of limitations has expired. The other axis of debt is "reporting", which is how long the credit bureaus and other organizations which keep files on you can tell other people about the debt. This is typically 7 years for delinquencies, and 10 years for bankruptcies and judgments. This only applies to reporting for credit purposes. Nothing is ever expunged from your credit file. The file is simply redacted according to who is requesting it. LEAs, and also in certain cases employers, can see your entire credit file from day one, with information you have contested, and an audit trail of possibly successful attempts to have it "removed." Now, as far as collection practices go, there is absolutely nothing to prevent your basic brand name credit card company with which you have a 20 year old delinquency, from offering you a financial product which includes re-affirming all or part of an old debt, even one which has been discharged through bankruptcy. For instance, they can offer you a new gold card with your charged off balance on it, forgive all the interest and fees since charge off, charge no interest, and give you 50 cents on every dollar paid off added to your credit line, and free tickets to the Super Bowl, all "PRE_APPROVED." This can do this with money you owe them, or with a delinquent account they have purchased from someone else in the marketplace. THe only restriction is that they cannot report you paid off the old debt to the credit bureaus, if it is over 7 years delinquent. In almost all cases, you're an idiot to accept such an offer, of course. So, as you see, all of this is a bit more complex than it being "illegal" to collect on anything over 7 years. They can't win a lawsuit. They can't call you at 2 AM in the morning to bitch if you send them a "cease and desist" notice. But they can certainly trade your antique debt in the debt marketplace, and anyone who buys it is free to think up all the clever ways they can invent in order to seduce you to pay it off, before selling it at an even greater discount to the next lowest level of the delinquent debt food chain. Now, occasionally, states Attorneys General get after companies who try and collect on old debts. I remember a few years ago, American Express got some flack over its practice of letting people who went through bankruptcy keep their American Express Cards if they re-affirmed the balance. It is, however, a largely unregulated industry, aside from an occasional wrist-slapping. -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law"
RE: Gmail as Blacknet (legally required forgetting)
At 05:16 PM 4/9/04 -0400, Tyler Durden wrote: >(As an aside, although debt has to be -forgiven- after 7 years, contrary to >popular belief it is not true that a debt has to be -forgotten-...I know of >one credit major card company that will not accept 'new' cardmembers that >didn't pay back what they owed, even if that's 15 years ago. That's actually >perfectly legal.) I don't know about your anecdote, but Mr. May's original point was that the law *requires* companies to forget. Which is of course an illegitimate intrusion of the state into private affairs. And the responsibles need killing. Ahhh, that feels better. - "When I was your age we didn't have Tim May! We had to be paranoid on our own! And we were grateful!" --Alan Olsen
RE: Gmail as Blacknet
Actually, to some extent I did realize this, though I couldn't resist the droll troll urge. And of course, perpetual storage isn't really any kind of end-goal itself...the 'goal' of course is to be able to securely store and move information without fear (or the possibility due to anonymity) of reprisal, if that is so desired. (As an aside, although debt has to be -forgiven- after 7 years, contrary to popular belief it is not true that a debt has to be -forgotten-...I know of one credit major card company that will not accept 'new' cardmembers that didn't pay back what they owed, even if that's 15 years ago. That's actually perfectly legal.) That said, I guess the dude does have an interesting point under all that stuff, after all. That point being that (most likely) free email capabilities may in some cases become like the now-defunct lockers in Grand Central Station...a place where "stuff" can be stored securely, and access granted at will. The key feature (as you point out) isn't so much the storage capacity (although the increasing size of such capacity makes this a more and more attractive option), but the google search feature. OK, point conceded (once I tore off the wrapper). -TD From: "Major Variola (ret)" <[EMAIL PROTECTED]> To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> Subject: RE: Gmail as Blacknet Date: Fri, 09 Apr 2004 10:48:02 -0700 At 09:58 AM 4/9/04 -0400, Tyler Durden wrote: >Well, I never claimed to be Einstein, but your "3 simple steps" sound a hell >of a lot like my recipe for making a ham sandwich: Hardly. One could put together a very slick "drop file here for encrypted net storage" script in a day. One could even prototype this using any net mail system like Yahoo, albeit with a rather piddling storage capacity. By including plaintext search tokens (meaning known only to you, perhaps derived from hashing keywords) you could use Gmail's search feature to find stored data. This uses local encryption and net-based storage & backup. Sounds good to me. It would be rather telling if Google said "no encrypted email" wouldn't it? :-) _ Get rid of annoying pop-up ads with the new MSN Toolbar FREE! http://toolbar.msn.com/go/onm00200414ave/direct/01/
RE: Gmail as Blacknet
At 09:58 AM 4/9/04 -0400, Tyler Durden wrote: >Well, I never claimed to be Einstein, but your "3 simple steps" sound a hell >of a lot like my recipe for making a ham sandwich: Hardly. One could put together a very slick "drop file here for encrypted net storage" script in a day. One could even prototype this using any net mail system like Yahoo, albeit with a rather piddling storage capacity. By including plaintext search tokens (meaning known only to you, perhaps derived from hashing keywords) you could use Gmail's search feature to find stored data. This uses local encryption and net-based storage & backup. Sounds good to me. It would be rather telling if Google said "no encrypted email" wouldn't it? :-)
RE: Gmail as Blacknet
Tyler Durden writes: > "Ironically, some of the features of Gmail bear resemblance to BlackNet. > In particular, its claimed policy of retaining email indefinitely, > even after the recipient has stopped using the account, is reminiscent > of BlackNet's function as a data haven, as well as other Cypherpunk > projects like the Eternity Network. This retention is objectionable to > conventional privacy groups, but Cypherpunks will recognize it as being > deeply in accord with their values." > > Poo poo. The difference between a potential blacknet and Gmail is that > there's little doubt that google will cough up the true names of > objectionable posters, if and when anyone looking even remotely > authoritative/governmental comes pounding on their doors. In a worst-case > Blacknet, my True Name will only be gettable by agents of the state via the > expenditure of very large amounts of resources, if at all. You have missed the point of the analogy entirely. BlackNet makes information available even when the subjects of the information (or any other parties) want it suppressed. It is a censorship-proof store of data. If information about you is stored in BlackNet, anyone can get access to it (for a price, perhaps), and you can't do anything about it. To make Gmail more like BlackNet, you should first do as others have suggested and access it via cryptographic anonymity techniques (see the recent announcements for the onion routing network now being developed, http://www.freehaven.net/tor. Now you can use it as a store of data for your pseudonym without linking to your true identity. A second step is to then PGP-encrypt all email going to your Gmail address. This could be done easily by someone writing a mail forwarder which accepted email for any username, looked up a PGP key for that name and encrypted the email, then forwarded it along to the corresponding username at Gmail. This would be less than one page of Perl. You would give out the name of a system running such a script as your email address, but your encrypted mail would then be stored and accessed at Gmail. You'd gain the advantage of their multi gigabyte storage facility while protecting the privacy of your own email. And I'd like to see their adwords facility struggling to come up with something appropriate when the only legible text is "BEGIN PGP ENCRYPTED MESSAGE". A third step is to get a browser plugin which would transparently decrypt PGP encrypted email stored at web mail services like Gmail, Yahoo mail, etc. At one time this would have been an overwhelmingly difficult task due to the multiplicity of browsers; at a later time, it would have been impractical due to the dominance of IE; but today, with Mozilla becoming a widely used, standardized, open source alternative to IE, it is finally possible for such browser customizations to become generally available and useful. So there you have it, a simple three step program to turn your Gmail account into a privacy-protected, virtually unlimited-size data store.
RE: Gmail as Blacknet
> And I'd like to see their >adwords facility struggling to come up with something appropriate when >the only legible text is "BEGIN PGP ENCRYPTED MESSAGE". Wow are you non-commercial :-) All the spy stores, sec phone makers, disk encryptors, VPN vendors, etc will be paying top dollar to get seen by privacy fans. Perhaps PGP etc will take out ads for those who *don't* have this header :-)
RE: Gmail as Blacknet
Well, I never claimed to be Einstein, but your "3 simple steps" sound a hell of a lot like my recipe for making a ham sandwich: First, order a steak in a restaurant. Second, tell them to add two slices of bread. Third, tell them you don't want beef as the primary meat of your steak, you want pork. Tell them, "Uh, change that pork to ham, and put it between the two slices of bread". Oi La! Instant Ham sandwich! -TD From: An Metet <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: RE: Gmail as Blacknet Date: Fri, 9 Apr 2004 02:08:39 -0400 Tyler Durden writes: > "Ironically, some of the features of Gmail bear resemblance to BlackNet. > In particular, its claimed policy of retaining email indefinitely, > even after the recipient has stopped using the account, is reminiscent > of BlackNet's function as a data haven, as well as other Cypherpunk > projects like the Eternity Network. This retention is objectionable to > conventional privacy groups, but Cypherpunks will recognize it as being > deeply in accord with their values." > > Poo poo. The difference between a potential blacknet and Gmail is that > there's little doubt that google will cough up the true names of > objectionable posters, if and when anyone looking even remotely > authoritative/governmental comes pounding on their doors. In a worst-case > Blacknet, my True Name will only be gettable by agents of the state via the > expenditure of very large amounts of resources, if at all. You have missed the point of the analogy entirely. BlackNet makes information available even when the subjects of the information (or any other parties) want it suppressed. It is a censorship-proof store of data. If information about you is stored in BlackNet, anyone can get access to it (for a price, perhaps), and you can't do anything about it. To make Gmail more like BlackNet, you should first do as others have suggested and access it via cryptographic anonymity techniques (see the recent announcements for the onion routing network now being developed, http://www.freehaven.net/tor. Now you can use it as a store of data for your pseudonym without linking to your true identity. A second step is to then PGP-encrypt all email going to your Gmail address. This could be done easily by someone writing a mail forwarder which accepted email for any username, looked up a PGP key for that name and encrypted the email, then forwarded it along to the corresponding username at Gmail. This would be less than one page of Perl. You would give out the name of a system running such a script as your email address, but your encrypted mail would then be stored and accessed at Gmail. You'd gain the advantage of their multi gigabyte storage facility while protecting the privacy of your own email. And I'd like to see their adwords facility struggling to come up with something appropriate when the only legible text is "BEGIN PGP ENCRYPTED MESSAGE". A third step is to get a browser plugin which would transparently decrypt PGP encrypted email stored at web mail services like Gmail, Yahoo mail, etc. At one time this would have been an overwhelmingly difficult task due to the multiplicity of browsers; at a later time, it would have been impractical due to the dominance of IE; but today, with Mozilla becoming a widely used, standardized, open source alternative to IE, it is finally possible for such browser customizations to become generally available and useful. So there you have it, a simple three step program to turn your Gmail account into a privacy-protected, virtually unlimited-size data store. _ Get rid of annoying pop-up ads with the new MSN Toolbar FREE! http://toolbar.msn.com/go/onm00200414ave/direct/01/
Re: Gmail as Blacknet
At 05:26 AM 4/8/04 -0400, An Metet wrote: >The privacy news has been full of fuss and bluster lately about >Google's proposed Gmail service. >Cypherpunks have two somewhat contradictory positions on the issue. >First, as lovers of privacy, they will share the concerns in the letter >and they would be reluctant to use Gmail as configured, at least with >any pseudonym which hoped to retain privacy. I disagree. A punk would assume any server not under their control archives everything, as do all routers between said punk and the server. But second, as lovers of >freedom, they would encourage Google and every other company to experiment >with new services and new technologies, allowing individuals to freely >decide whether to use them or not. We should use the service but only send encrypted mail :-) >One of the oldest Cypherpunk philosophical thought experiments >was BlackNet, a hypothetical offshore data haven whose main job, >paradoxically, was to defeat privacy. BlackNet would serve as a market >and a storage facility for information that might be of value, one example >being credit rating information. BlackNet demonstrated that even when >third parties sought to prevent the flow of information, for example >by mandating that credit report data be deleted after so many years, >Cypherpunk technologies could keep the information available and alive. The net never forgets. BlackNet would support that behavior even in the face of Men with Guns. >Oddly, few Cypherpunks appeared to notice the inconsistency with a >supposedly privacy-oriented group promoting a technology which would >harm privacy. The actual resolution is that Cypherpunks see privacy as >a means to an end. That end is freedom. Privacy will lead to freedom >by allowing people to communicate and contract without interference and >meddling by interlopers. BlackNet is an example of the kind of system >which would appear if people were truly free. That it harms privacy is >merely an incidental side effect. The LA riots were excellent reminders to the layfolk that guns are important. BlackNet's persistant-despite-your-guns behavior is an excellent reminder to curb your info-promiscuity. >>From the Cypherpunk perspective, the criticism of Gmail misses the mark; >rather, all web mail systems should be understood as fundamentally >inconsistent with privacy. If you want privacy, you have to do it >yourself. Writing an angry letter is at best going to make the privacy >violations more covert. It accomplishes nothing in the end. Yep. It could still be useful for things like distributed data storage, dead-man switches, etc. where content is encrypted. Much like any other free service, only nominally with more storage. --- I think people have not quite gotten their hands around the speed at which information can be disseminated online. -Monica Lewinsky, LATimes 9 may 01 http://www.latimes.com/business/columns/celebsetup/lat_monica010510.htm
RE: Gmail as Blacknet
"Ironically, some of the features of Gmail bear resemblance to BlackNet. In particular, its claimed policy of retaining email indefinitely, even after the recipient has stopped using the account, is reminiscent of BlackNet's function as a data haven, as well as other Cypherpunk projects like the Eternity Network. This retention is objectionable to conventional privacy groups, but Cypherpunks will recognize it as being deeply in accord with their values." Poo poo. The difference between a potential blacknet and Gmail is that there's little doubt that google will cough up the true names of objectionable posters, if and when anyone looking even remotely authoritative/governmental comes pounding on their doors. In a worst-case Blacknet, my True Name will only be gettable by agents of the state via the expenditure of very large amounts of resources, if at all. -TD From: An Metet <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Gmail as Blacknet Date: Thu, 8 Apr 2004 05:26:00 -0400 The privacy news has been full of fuss and bluster lately about Google's proposed Gmail service. The latest complaint comes at http://www.privacyrights.org/ar/GmailLetter.htm with an open letter from dozens of privacy groups to the Google founders asking them to revamp the service. Cypherpunks have two somewhat contradictory positions on the issue. First, as lovers of privacy, they will share the concerns in the letter and they would be reluctant to use Gmail as configured, at least with any pseudonym which hoped to retain privacy. But second, as lovers of freedom, they would encourage Google and every other company to experiment with new services and new technologies, allowing individuals to freely decide whether to use them or not. One of the oldest Cypherpunk philosophical thought experiments was BlackNet, a hypothetical offshore data haven whose main job, paradoxically, was to defeat privacy. BlackNet would serve as a market and a storage facility for information that might be of value, one example being credit rating information. BlackNet demonstrated that even when third parties sought to prevent the flow of information, for example by mandating that credit report data be deleted after so many years, Cypherpunk technologies could keep the information available and alive. Oddly, few Cypherpunks appeared to notice the inconsistency with a supposedly privacy-oriented group promoting a technology which would harm privacy. The actual resolution is that Cypherpunks see privacy as a means to an end. That end is freedom. Privacy will lead to freedom by allowing people to communicate and contract without interference and meddling by interlopers. BlackNet is an example of the kind of system which would appear if people were truly free. That it harms privacy is merely an incidental side effect. The lesson is that Cypherpunks value freedom over privacy. They will therefore welcome Gmail as an institutional experiment that demonstrates the value of freedom, even if they personally would rather not partake of its services. Ironically, some of the features of Gmail bear resemblance to BlackNet. In particular, its claimed policy of retaining email indefinitely, even after the recipient has stopped using the account, is reminiscent of BlackNet's function as a data haven, as well as other Cypherpunk projects like the Eternity Network. This retention is objectionable to conventional privacy groups, but Cypherpunks will recognize it as being deeply in accord with their values. And of course the real lesson of Gmail is that we have no way of knowing whether Hotmail and other web based email providers are doing the same thing, but more quietly. These companies may be retaining and archiving email to a far greater degree than most people imagine. Cypherpunks know that trusting third parties to protect their information is the height of foolishness. >From the Cypherpunk perspective, the criticism of Gmail misses the mark; rather, all web mail systems should be understood as fundamentally inconsistent with privacy. If you want privacy, you have to do it yourself. Writing an angry letter is at best going to make the privacy violations more covert. It accomplishes nothing in the end. _ Get rid of annoying pop-up ads with the new MSN Toolbar FREE! http://toolbar.msn.com/go/onm00200414ave/direct/01/
RE: Gmail as Blacknet
On Thu, 8 Apr 2004, Tyler Durden wrote: > Poo poo. The difference between a potential blacknet and Gmail is that > there's little doubt that google will cough up the true names of > objectionable posters, if and when anyone looking even remotely > authoritative/governmental comes pounding on their doors. In a worst-case > Blacknet, my True Name will only be gettable by agents of the state via the > expenditure of very large amounts of resources, if at all. > > -TD Careful use of Google (as you should carefully use any public network resource), which always uses multiple proxys, one-way addresses, etc, could make for a verry effective manipulator (as well as simple user) of such a system as Gmail. //Alif -- "One of the nice things about ignorance is that it is curable. Unlike Neo-Conservatism." Eric Michael Cordian