I try to avoid responding to Detweiler's points, even the good ones he often makes (because he was so flamish and insulting in '93-'94 and because he forged my name on anti-semitic rants posted to soc.culture.jewish and soc.culture.german, amongst other such serious behaviors on his part). However, he has asked a direct question (though he does his characteristic speculation on the "real" facts and adds his "hee hee" noise), so I will answer. At 7:12 PM -0800 11/5/96, Vladimir Z. Nuri wrote:

TCMay is well represented with several essays in a section on "encryption, privacy, and crypto-anarchism". 3 essays, Crypto Anarchist Manifesto, Intro to Blacknet, and BlackNet worries.

I was curious about TCMay's essay on Blacknet, though, that mentions a mysterious "X" who he credits as raising many of the issues surrounding Blacknet on the cpunk mailing list in Feb 1994. Ludlow states in a footnote TCMay "elided references to interlocutors". I wonder about the identity of the mysterious "X" and whether he/she is still posting to the list. does anyone know who he/she is?

Yes, someone does. An easy way to find out what was elided is to consult the archives, such as they are, or consult one's personal store of saved messages from that period, and read the original. (Lest anyone not be able to do this, I have included the original message at the end of this message. There were also a bunch of related posts from folks such as Hal Finney, Sandy Sandfort, Pat Farrell, Stanton McCandlish, Duncan Frissell, etc.) When Ludlow sent me what items of mine he proposed to include in his book, there were two standalone essays (the 1988 Manifesto and the 1993 Introduction to BlackNet) and an item of Cypherpunks list traffic that included quoted material and comments from others. For example, Hal Finney. I told Ludlow that I could grant republication rights for _my_ stuff, but certainly not for others. And I pointed out that the e-mail item lacked some context, contained some asides which were not germane to the larger points, and that I would prefer to rework the e-mail item if he wanted to include it. (With the statement that the piece had been edited...when I glanced at the Ludlow book in a bookstore (I haven't justified to myself paying $30 for a damned paperback!!!), I think I noticed that he included my e-mail to him as the intro to the piece! I suppose I could have contacted those who had influenced the piece and arrange for formal releases of rights, or ask that Ludlow do so, but I really wanted to rework the piece, as I noted. For example, I modified some of the examples I used, as what is appropriate to discuss in a published book is always a bit different from what is OK to use in e-mail, even to a mailing list.

I was thinking it would be interesting to see whether he/she still feels the same about Blacknet and/or get a new conversation going about the subject with the insight that time can bring.

Well, these discussions have come up many times. Recently, Doug Barnes has had comments on the BlackNet issue. Hal's comments are available.

I wonder why TCMay found it important to elide "X"'s identity-- perhaps "X" was one of his tentacles? (hee, hee)

Back on your lithium, Vlad. Or are you using Pablo now? Or Medusa? Or just Lance? Here is the article excerpted and edited in the Ludlow book: From: tcmay (Timothy C. May) Subject: Re: Blacknet worries To: cypherpunks@toad.com Date: Sun, 20 Feb 1994 12:33:12 -0800 (PST) Cc: tcmay (Timothy C. May) MIME-Version: 1.0 Status: RO Hal Finney makes some comments about the dangers (I call them benefits) of systems like "BlackNet," the hypothetical-but-inevitable entity I described last fall. These dangers/benefits have been apparent to me since around 1988 or so and are the main motivator of my interest in "crypto-anarchy," the set of ideas that I espouse. (I don't often dwell on them on this list, partly because I already have in the past, and in the "Crypto-Anarchist Manifesto" and other rants at the soda.berkeley.edu archive site, and partly because the Cypherpunks list is somewhat apolitical...apolitical in the sense that we have libertarians, anarcho-syndicalists, anarcho-capitalists, Neo-Pagans, Christian Fundamentalists, and maybe even a few unreconstructed Communists on the List, and espousing some particular set of beliefs is discouraged by common agreement.) However, since Hal has raised some issues, and the general issues of data havens, anonymous information markets, espionage, and other "illegal" markets have been raised, I'll comment. Besides, volume on the List has been awfully light the past few days. Maybe it's my mail delivery system slowing down, maybe it's the Olymics (I say put Tonya up on the gold medalist's platform, put the gold medal around her neck, then the noose, then kick the platform out from under her), or maybe it's the natural exhaustion of the last set of hot topics. First, a legal caveat. I openly acknowledge having written the BlackNet piece--proof is obvious. But I did *not* post it to Cypherpunks, nor to any other mailing lists and certainly not to Usenet. Rather, I dashed it off one night prior to a nanotechnology discussion in Palo Alto, as a concrete example of the coming future and how difficult it will be to "bottle up" new technologies (a point Hal alludes to). I sent this note off to several of my associates, via anonymous remailers, so as to make the point in a more tangible way. I also printed out copies and passed them out at the nanotech meeting, which was around last September or so. Someone decided to post this (through a remailer) to the Cypherpunks list. Kevin Kelly and John Markoff told me they've seen it on numerous other lists and boards, and of course Detweiler has recently posted it to dozens of newsgroups (though it got cancelled and only the "echoes" remain in most places...a few folks forwarded copies to ohter sites, with comments, so they were not affected by the cancellation message). My legal protection, my point here, is that I did not post the BlackNet piece, it does not exist as an actual espionage or data haven entity, and my point was rhetorical and is clearly protected by the First Amendment (to the Constitution of the country in which I nominally reside). On to Hal Finney's points:

Tim's Blacknet story has gotten a lot of reaction after Detweiler's random posting escapade last week. I think it is a good essay, but there is one point I don't think was stressed enough.

...

BlackNet is currently building its information inventory. We are interested in information in the following areas, though any other juicy stuff is always welcome. "If you think it's valuable, offer it to us first."

- trade secrets, processes, production methods (esp. in semiconductors) - nanotechnology and related techniques (esp. the Merkle sleeve bearing)

...

The glaring omision, mentioned only in passing, is military intelligence.

Yes, military intelligence will become much more "fungible" in the future I envision. It already is, of course, a la the Walkers, but computer-mediated markets and secure encryption will make it so much more efficient and liquid. Buyers will be able to advertise their wants and their prices. Ditto for sellers. Of course, decoys, disinformation, and the like come to the fore. To pick a trivial example, someone sits above a busy port and watches ship movements from the privacy of his apartment. He summarizes these, then sells them for a paltry-but-comfortable $3000 a month to some other nation. (The ease of doing this means others will get into the market. Prices will likely drop. Hard to predict the final prices...the beauty of free markets.)

A friend at work tells me that in the Manhattan project, presumably one of the most secret projects ever attempted, the Soviet Union had no

Yes, Hal's point is valid. William Gibson, so reviled in some cyberpunk quarters (it's tres chic to bash him) anticipated this some years back in "Count Zero," in which the scientists of a company are held isolated on a mesa in New Mexico--recall the rescue/escape by ultralight aircraft off the mesa? The motivation for thinking about BlackNet, which is what I dubbed this capability in late 1987, was a discussion with the late Phil Salin that year about his as-yet-unfunded company, "AMIX," the American Information Exchange. I played the Devil's Advocate and explained why I thought corporate America--his main target for customers--would shun such a system. My thinking? - corporations would not allow employees to have corporate accounts, as it would make leakage of corporate information too easy (Example: "We will pay $100,000 for anyone who knows how to solve the charge buildup problem during ion implant of n-type wafers." Many corporations spend millions to solve this, others never did. A "market" for such simple-to-answer items would revolutionize the semiconductor industry--but would also destroy the competitive advantage obtained by those who first solved the problems. Another example, from earlier on, is the alpha particle problem plaguing memory chips. I figured out the problem and the solution in 1977, at Intel, and then Intel kept it a deep secret for the next year, allowing its competitors to wallow in their soft error problems for that entire year. When I was eventually allowed to publish--a decision made for various reasons--the competitors raced for the telephones even before I'd finished presenting my paper! Imagine how much I could've sold my "expertise" for in the preceding year--or even after. Of course, Intel could have deduced who was selling what, by various intelligence-copunterintelligence ploys familiar to most of you (canary traps, barium, tagged info). But the point is still clear: an information market system like AMIX means "digital moonlighting," a system corporations will not lightly put up with. If information markets spread, even "legit" ones like AMIX (not featuring anonymity), I expect many corporations to make non-participation in such markets a basis for continuing employment. (The details of this, the legal issues, I'll leave for later discussions.)

Keeping business secrets and manufacturing techniques secret is one thing. But, from the point of view of the government, the world of Blacknet could be an utter disaster for the protection of military secrets. Despite its consumption of a large fraction of our society's resources, government jobs tend not to be high paying, especially compared to jobs with comparable degrees of responsibility in civilian life. The temptation to sell secrets for cash has got to be present for almost everyone. But it is balanced against the immense practical problems involved: making contacts, arranging deliveries, being caught in a "sting" operation.

Yes, which is why I always used to use "B-2 Stealth Bomber blueprints for sale" as my canonical example of a BlackNet ad. Hundreds of folks at Northrup had access to various levels of B-2 secrets. The "problem" for them was that military intelligence (Defense Intelligence Agency, Office of Naval Intelligence, CIA, NDA, etc.) was watching them (and they knew this) and monitoring the local bars and after-work hangouts. Read "The Falcon and the Snowman," or rent the movie, for some details on this. Anonymous markets completely change the equation! (By the way, many other "tradecraft" aspects of espionage are similarly changed forever....and probably already have been changed. Gone will be the messages left in Coke cans by the side of the road, the so-called "dead drops" so favored by spies for communicating microfilm, microdots, and coded messages. What I call "digital dead drops" already allow nearly untraceable, unrestricted communication. After all, if I can use a remailer to reach St. Petersburg.... Or if I can place message bits in the LSB of a image and then place this on Usenet for world-wide distribution..... (I described this in my first message on using LSBs of audio and picture files in 1988, in sci.crypt). The world has already changed for the spy. And Mafia guys on the run are using CompuServe to communicate with their wives...the Feds can't tap these ever-changing systems....a likely motivation for current Clipper/Capstone/Tessera/Digital Telephony schemes.)

Blacknet could remove most of this risk. With near-perfect anonymity and digital cash, a tidy side income could be created for anyone with access to classified information. There would be no need for risky physical meetings. The money could be spent on a few nice extras to make life more comfortable, without fear of it being traced.

Yep! That's the beauty of it all. "Classified classifieds," so to speak. "No More Secrets." At least, no more secrets that you don't keep yourself! (A subtle point: crypto-anarchy doesn't mean a "no secrets" society; it means a society in which individuals must protect their own secrets and not count on governments or corporations to do it for them. It also means "public secrets," like troop movements and Stealth production plans, or the tricks of implaniting wafers, will not remain secret for long.)

How many people would succumb to such temptation? People do undergo security checks, and presumably those who pass are mostly honest. But they are human, and money is a powerful motivator. Especially if the person figures that if he doesn't sell the info someone else will, the temptation will be all the stronger.

Yes. All of this is true.

There are possible countermeasures: frequent lie-detector tests (as in Snow Crash); "fingerprinting" documents so everybody has a slightly different copy, allowing sting operations to identify the culprits; perhaps even swamping the legitimate offers of cash with bogus ones (a denial-of-service attack, in effect). But none of these are really likely to solve the problem.

We went around several times on the Extropians list (which I am no longer on, by the way--for unrelated reasons), especially with regard to what most folks consider an even more disturbing use of BlackNet-type services: liquid markets for killings and extortion. Pun intended. Buyers and sellers of "hits" can get in contact anonymously, place money (digicash) in escrow with "reputable escrow services" ("Ace's Anonymous Escrow--You slay 'em, we pay 'em"), and the usual methods of stopping such hits fail. (The Mob rarely is stopped, as they use their own hitters, usually brought if from distant cities for just the one job. And reputations are paramount. Amateurs usually are caught because they get in contact with potential hitters by "asking around" in bars and the like...and somebody calls the cops and the FBI then stings 'em. Anonymous markets, digital cash, escrow services, and reputation services all change the equation dramatically. If the hit is made, the money get transferred. If the hit is not made, no money is transferred. In any case, the purchaser of the hit is fairly safe. Implication of the purchaser can still happen, but by means other than the usual approach of setting up a sting.)

This is probably the issue which has the government really scared, the issue which turned Barlow's government friends against free encryption, as he describes in his Wired article ("if you knew what I know, you'd oppose it too"). The NSA in particular has for a long time been wildly paranoid

Yes, if I could think all this stuff up in 1987-8, so can a lot of others. It was clear to me, at the Crypo Conference in 1988, that David Chaum had thought of these uses and was deliberately navigating around them in his scenarios for digicash. He just raised his eyebrows and nodded when I discussed a few of the less fearsome applications. ...

its own secrets than discovering others'. I could see any technology which would facilitate sellouts by their people to be considered a mortal threat, something to be fought by any means. And I imagine that the rest of the military intelligence community would feel the same way.

To the governments of the world, facing these and other threats to their continued ways of doing business (notice that I didn't say "to their continued existence"), the existence of strong encryption in the hands of the population is indeed a mortal threat. They'll cite the "unpopular" uses: kiddie porn nets, espionage, selling of trade secrets (especially to "foreigners"), the bootlegging of copyrighted material, "digital fences" for stolen information, liquid markets in liquidations, and on and on. They won't mention a basic principle of western civilization: that just because _some_ people mis-use a technology that is no reason to bar others. Just because some people mis-use camcorders to film naked children is no reason to ban cameras, camcorders, and VCRs. Just because some folks mis-use free speech is no reason to ban free speech. And just because some will mis-use encryption--in the eyes of government--is not a good reason to ban encryption. In any case, it's too late. The genie's nearly completely out of the bottle. National borders are just speed bumps on the information highway. The things I've had in my .sig for the past couple of years are coming. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway." "The government announcement is disastrous," said Jim Bidzos,.."We warned IBM that the National Security Agency would try to twist their technology." [NYT, 1996-10-02] We got computers, we're tapping phone lines, I know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1,257,787-1 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."