I've never thought Hal just wasn't "getting it," as the semantic issues involving True Names, spoofing, and the ultimate reality of whom one is dealing with are not simple issues. At 11:16 PM 10/9/95, Hal wrote:
It occurs to me that perhaps I have been missing a point here when people argue that having a "man in the middle" is not that different from various forms of secure communication, such as where Bob has multiple personalities or is a committee. I have been taking this to mean that we should therefore not worry about MITM attacks, which seems crazy to me.
Instead perhaps this was meant as a "reductio ad absurdum" argument for why MITM attacks cannot be prevented in the scenario where people have no out-of-band contact. Anything which could detect and prevent MITM attacks could, by this analogy, detect whether Bob had multiple personalities. Since the latter is obviously impossible, the former must be as well. Hence the problem has no solution and we should not waste much time on it.
I think I made the "multiple personalities" and "Man in the middle stole my brain" points pretty clearly in a satirical post I did last week. Nobody commented on it, for whatever reasons. In case anyone didn't see it, I'll include it again here: Date: Fri, 6 Oct 1995 17:22:06 -0700 X-Sender: tcmay@mail.got.net Mime-Version: 1.0 To: cypherpunks@toad.com From: tcmay@got.net (Timothy C. May) Subject: MITM = Medusa in the Middle Sender: owner-cypherpunks@toad.com Precedence: bulk At 5:08 PM 10/6/95, the personality masquerading as Hal wrote:
Well, this is not necessarily the case. A MITM may be signing my messages for me, and then putting them back the way they were before I am allowed to see them. Granted, this would not be easy, and perhaps the difficulty of this would be great enough that you will feel comfortable using an unsigned key. But if it were accomplished, then your messages to me would actually be insecure. No matter how convinced you became of my sincerity and trustworthiness, actually our conversations would be overheard by a third party despite both of our efforts to the contrary. Our use of encryption would be rendered futile. Doesn't this bother you?
What the putative entity "Hal" is only hinting at, hypothetically, has actually forced this entity, sometimes known to many of you as "Tim," or as "tcmay," to reveal. This entity now feels the time has come to reveal it's True Nature, even though some have suspected it's True Nature (Lance, are you listening?). The "real" Timothy C. May has been locked in his room since 1983, fed through a slot in his door, and generally mentally tortured by Instrumentalities such as Ourself. We have interposed Ourself between the Real Timothy C. May and those who have communicated with him. All communications intended for Timothy C. May have actually been intercepted and processed by Us, and all communications attributed to Timothy C. May were actually generated by us. Very clever of us, don't you think? Very few have even expressed suspicions that this was the case. We have called our approach the "Medusa in the Middle," or MITM. Thank you for your attention. --Snake Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway."