On Mon, 31 May 1993, Skye Merlin Poier wrote:
Has there been any discussion of anonymity / crypto anarchy in a virtual world such as the ones described in _Snow Crash_ or _Neuromancer_? When the nets to support these technologies come into place (and I have no doubt that they will), perhaps a form of anonymity could be written into the architecture, instead of having to add it on later as is the case now.... It would certainly be very interesting, especially with the work being done on creating alternate personas (or avatars, whatever).
I am glad to see some consideration of possible hypothetical future scenarios here; it is important to have an eye for the future of things. I think that building privacy into the architecture would be inherently dangerous, however; it is a perfect way for the people building the system to oppress the users, all the while convincing them that the system is secure. Clipper is a perfect example of this; anonymity is supposedly being built into the system with the Clipper chip. The trouble, of course, being the inherent INsecurity--but consider how much more dangerous it would be if the insecurities were not even known, yet we were expected to rely on the fact that 'privacy and anonymity are built into the architecture'? No, this is the perfect beginning for a system where the populace is monitored with the argument that "if you had nothing to hide, you would not be going out of your way to hide it, besides, the system has INHERENT, BUILT-IN SECURITY...." The only way to ensure your privacy is to seize it yourself.
Also, a while back someone mentioned in passing buried cables.. this stirred up an old idea I had about server anonymity, that is that the actual physical location of a server would be very difficult to pin down... the only way to do this with any real degree of security would be to bounce signals off a satellite but this would be rather costly...
There are a lot of ways to get a signal around the world without using a satellite, ask any amateur radio enthusiast. Besides, the more diverse the signal transmission methods are, the more difficult the signals will be to both trace and interfere with. I have always been kind of fascinated with the idea of a truly decentralized system, much like the internet is today, where each node had responsibilities to connect to the nodes around it, but the actual interconnection was entirely up to the nodes involved, so that there could be no standard, homogeneous method of tracing connections. A pair of nodes could be connected by direct connection, hidden wires, satellite connection, voice grade wires, ionosphere bounce, lunar bounce, repeated packets, lasers, microwaves, IR, whatever... This would provide a tight net that would be almost impossible to control with heavy-handed regulations and oppression. If each node on the net had a separate public key and all traffic between nodes was decrypted coming in and encrypted going out to the next node, aspiring Big Brothers would have even more of a headache. Why is there not more work being done on encrypting all internode traffic streams? It doesn't seem too hard.
An aside: has anyone dealt with the concept of on-the-fly encryption for mass storage, kind of like the way the PCs can be 'stacked' or 'doubled' or whatever with on-the-fly compression? I was thinking about trying to write some drivers for this for a 486 but I have never tried to write a device driver before and was wondering if anyone might have any suggestions. I was thinking of something along the lines of: your entire drive is encrypted with your public key. That way people can send you files and deposit files and all of that jazz no problem. When you boot up the system each time it asks you to insert a floppy with your private key on it. You would keep this floppy on you as if it were an actual, physical key (perhaps in the future PCMCIA cards or something more durable and portable can be used). It asks for your password to verify your key and loads that key somewhere into memory. It then uses the key for the rest of the session to decrypt everything coming from the specified mass storage devices and encrypt everything going to them transparently. This seems like a great idea to me; my two problems that I was hoping someone might be able to help me with are:
1) these public key algorithms that we are working on are slow as balls, any idea if this would be feasible, given how PC users like to equate hard drive speed with penis size?
2) it seems that having your private key hanging around somewhere in memory the whole session would be horribly insecure, and would make it very easy for someone to walk up to a running PC and run some program that would snatch it from memory (assuming something like this catches on and there are some standard programs out there that people become familiar with) so how could I protect the key from getting filched from a running system aside from the standard 'password protect your screen saver' and other insecure hacks like that?
Skye
--
-----====> Skye Merlin Poier <====-----
Undergrad in CMPT/MATH (Virtual Reality)   |||| ||||
email: poier@sfu.ca                        p-OO <--> OO-q  THINK
PGP Public Key available on finger         \== ==/
Hugs and kisses, -Ryan the Barcode Guy
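An added example, not part of the original post: a sketch of the boot-time flow described above (key disk, passphrase check, then transparent per-sector encryption for the session). It assumes a symmetric volume key kept on the key disk in place of the public-key operation the post proposes, uses HMAC-SHA256 in counter mode as a stand-in for a real disk cipher mode, and every function name here is hypothetical.

```python
import hashlib
import hmac
import os

SECTOR = 512  # assumed sector size in bytes

def _kek(passphrase, salt):
    # Slow passphrase KDF: runs once per boot, never once per sector.
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 200_000, 32)

def _stream(key, label, length):
    # Keystream from HMAC-SHA256 in counter mode (illustrative stand-in cipher).
    out, ctr = b"", 0
    while len(out) < length:
        out += hmac.new(key, label + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:length]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def make_key_disk(passphrase):
    """Return (volume_key, blob); blob is what the removable key disk stores."""
    salt, volume_key = os.urandom(16), os.urandom(32)
    kek = _kek(passphrase, salt)
    wrapped = _xor(volume_key, _stream(kek, b"wrap", 32))
    tag = hmac.new(kek, b"tag" + wrapped, hashlib.sha256).digest()
    return volume_key, salt + wrapped + tag

def unlock(passphrase, blob):
    """Verify the passphrase against the key disk and recover the volume key."""
    salt, wrapped, tag = blob[:16], blob[16:48], blob[48:]
    kek = _kek(passphrase, salt)
    expected = hmac.new(kek, b"tag" + wrapped, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong passphrase or damaged key disk")
    return _xor(wrapped, _stream(kek, b"wrap", 32))

def crypt_sector(volume_key, sector_no, data):
    # The sector number keys the stream, so equal plaintext in different
    # sectors differs on disk. XOR is its own inverse: the same call
    # encrypts on write and decrypts on read.
    label = b"sector" + sector_no.to_bytes(8, "big")
    return _xor(data, _stream(volume_key, label, len(data)))
```
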