At 5:59 PM -0500 11/1/00, Adam Shostack wrote:
As to the hypothetical that Tim will ask, we'll work very hard to prevent laws requiring key escrow from coming into being. We spend time and energy maintaining relations with law enforcement in a lot of places, explaining to them why we don't build in back doors. And, suprisingly, when you go and talk to them, rather than hissing and shouting, they listen.
By the way, I've been curious about this "we spend time and energy maintaining relations with law enforcement" point for a while. In numerous comments I've seen this mentioned. Why do you spend any of your valuable time talking to law enforcement/ Where I come from, law enforcement enters the picture during a criminal investigation. And then one is usually advised to say "I have nothing to say." Chatting with cops is rarely useful, and is often harmful. Ditto for lawmakers, unless one is seeking some way to get them to get out of the way. I can't speak for Mojo Nation, but I think it nearly 100% certain that Jim McCoy is not "spending time and energy maintaining relations with law enforcement." What his customers may choose to do with Mojo is not his concern...they are "agnostic" on such matters. Zero Knowledge should in fact take a "zero knowledge" point of view on what customers may choose to do with its product. How else can it be? Regrettably, the first round of criticism of Freedom, at least the first round that many of us were involved in, had to do with the "Terms and Conditions" boilerplate, with all of the many reasons ZKS will terminate a nym for (even a prepaid nym, of course, and with no refund, of course). I surmised, as did others, that Freedom would not be usable for such things as running Zundelsites, distributing porn some consider offensive, organizing cells for liberation of their countries, and so on for a thousand other such examples. Whether one agrees or disagrees with such uses, and such ideologies, this is what "free speech" is all about. Only a system where the "transport layer" is agnostic to, or unaware of, the underlying nyms is going to survive. For example, a chain of traditional encrypted remailers (closer to Chaum's mix than we've seen, but still in the same universe) is "agnostic of and unaware of" the packets passing. Think of this as "end to end pseudonymity," by analogy with "end to end encryption." A packet wends its way through multiple routings until it arrives at its destination...and is then revealed to be digitally signed by, say, "Pr0duct Cypher." The remailers along the way, scattered in many countries, have no way to decide that a packet is offensive, or violates Canadian law, or is seditious, or any of the things which I surmise ZKS will be cancelling nyms for. ZKS may have aspects of Wei Dai's PipeNet technology (though Wei Dai remains critical of what he has seen of Freedom, last I heard), but this additional layer of traffic analysis security is all for naught if the _interesting_ uses of Freedom are not possible. Even if ZKS says they wish to tolerate such uses--Zundelsites, bomb instructions, child porn, money laundering, etc.--the fact that they have an identifiable corporate nexus and can be shut down by court order or by a raid on their systems should tell us this is just not the "architecture for crypto anarchy" some had hoped for. (Actually, I raised these points before the product was released. Austin, Hammie, Lucky Green, and Jim McCoy--later of Mojo of course--heard my points. I can't speak for Lucky and Jim, but I recall they made similar points.) In short, ZKS can have all the traffic analysis defeating measures in the world, but their model is basically flawed so long as their system has an identifiable point of attack (headquarters, them, their assets) and so long as they are so apparently willing to cancel nyms. By the way, the only plausible argument for having extensive traffic padding measures, a la PipeNet, is to defeat the sniffers and such typically employed via "national technical means," i.e., NSA, GCHQ, SDECE, etc. An ordinary little girl using Freedom, the putative target candidate for Freedom, say the ads, is not going to need PipeNet-style traffic padding!!! Which leaves me once again wondering what the ZKS market is. --Tim May -- ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 831-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, "Cyphernomicon" | black markets, collapse of governments.