Making the World Safe for Steganography
I agree with Tim's suggestion that it would be good if steganography and cryptography tools were widely available, especially in light of the government's obvious hostility towards cryptography. But I can't agree that these tools will be sufficient to bring about Tim's concept of "crypto anarchy", of "libertaria in cyberspace". If we really want to achieve these goals I think it will be necessary to take political action. Technology alone will not be enough. After all, even today techniques exist which would in principle allow a digital cash system to develop. Yet no such system exists. There needs to be an infrastructure, a network of bankers, sellers, users, and other participants. All this will take time to develop even in the best of cases. But if the government is actively fighting such technology, I don't see how Tim's proposed subterfuges with DAT's and CD's are going to be enough to overcome this additional barrier. Without the ability to publically negotiate the tricky issues of standards and contracts, I don't see how a financial infrastructure of the sophistication needed for digital cash could arise. As another example, suppose the government banned non-Clipper cryptography. Despite the brave comments of some, I think it would be very hard to overcome such a ban. Look at the problems PGP has had, faced merely with the relatively weak threat of patent suits (patents which have not, to my knowledge, been tested in court). PGP is constantly being taken off FTP sites based just on letters from the patent holders. Even Tim himself suggested some time back that Cypherpunks should rethink support for PGP given the patent situation. Imagine how much worse it would be if the government actually could put people in jail for using PGP. My main point is that we cannot rely on the technology to save us. A concerted government effort could, in my opinion, stifle the growth of individual liberties that cryptography may offer. Clipper is just one battle in this longer war. We can't afford to fall victim to a smug confidence that victory will inevitably be ours. If we get to the point that steganography is the only way to communicate privately, we will have lost. Hal Finney hfinney@shell.portal.com
Cypherpunks, Politics, and Deployment I'll begin by addressing Hal's points about my latest comments on steganography, move on to some comments about the niche that Cypherpunks occupy contrasted with those occupied by such political action groups as the EFF and CPSR, and close by mentioning some exciting possible developments in using digital money and crypto methods for developing actual, legal banks and for moving data packets around in a new kind of network (called "Digital Silk Road" by its inventors). This to show my version of Eric's "Cypherpunks write code" (even if some of us mostly just write words!). Hal Finney writes:
I agree with Tim's suggestion that it would be good if steganography and cryptography tools were widely available, especially in light of the government's obvious hostility towards cryptography.
But I can't agree that these tools will be sufficient to bring about Tim's concept of "crypto anarchy", of "libertaria in cyberspace". If we really want to achieve these goals I think it will be necessary to take political action. Technology alone will not be enough.
Oh, I agree with you! I've never believed it will be easy, or will happen naturally, or will even happen as I, and others, think it may. The real future will have a lot of surprises in store for us. But we can speculate, help to flesh out visions, and look at possibilities. Orwell did this with "1984," Vinge did it with "True Names," and Stephenson did it recently with "Snow Crash," to name just a few of the "futurology" novels that have influenced some of us a lot.
After all, even today techniques exist which would in principle allow a digital cash system to develop. Yet no such system exists. There needs to be an infrastructure, a network of bankers, sellers, users, and other participants. All this will take time to develop even in the best of cases.
Agreed, and how it develops may surprise us. Maybe movie rentals will be the first use, because of the politically correct issue of rental privacy. Maybe toll roads in Europe will use digital money, as Chaum has been negotiating for. Implementing digital money deep inside the world of software and data may be even more promising. Smart objects, agoric payment for storage, for security, and for transmission, may be some early areas of application, as the last section of this posting will report. And this area will not require much political action at all...in fact, it's probably best that we simply avoid telling the bureaucrats what's going on at all. Present them with a fait accompli, as we (the "technological we") did with personal computers, Xerox machines, VCRs, and even the Internet itself.
But if the government is actively fighting such technology, I don't see how Tim's proposed subterfuges with DAT's and CD's are going to be enough to overcome this additional barrier. Without the ability to
The steganography stuff is truly minor compared to other stuff. Please don't let my one big post on this ("Making the World Safe..."), or the quotes by Kelly about me holding up a DAT tape, lead you to believe I think this is central. For the articles in "WER" and the "Village Voice" it just made for a good, easily understandable image of the point that bits are essentially uncontrollable, that if the Soviets couldn't stop samizdats, then the governments of the West are surely not going to be able to halt bits at the border, or control what bits are on the screens of millions of computers.
My main point is that we cannot rely on the technology to save us. A concerted government effort could, in my opinion, stifle the growth of individual liberties that cryptography may offer. Clipper is just one battle in this longer war. We can't afford to fall victim to a smug confidence that victory will inevitably be ours. If we get to the point that steganography is the only way to communicate privately, we will have lost.
Well said, Hal. Certainly political activism is important. But so is demonstration of actual technological paths. The political side has been fairly well-covered, with EFF, CPSR, the ACLU, and other groups fighing various battles (and missing others, or even taking the "wrong" side on some issues...but such is life). The niche I think our group fills (and many members of EFF, CPSR, the ACLU, and such, are in our group, too) is that of being a group that is actually playing around with these various technologies. There are groups of amateur cryptanalysts, of which we do very little or none, and there are groups of ham radio enthusiasts, and so on. These groups are similar to us in some respects, except that none of them are investigating the same set of things we are. Who else is attempting to actually _implement_ the ideas we are, at least as an entire set? (I'm not suggesting we Cypherpunks take the credit for PGP, which was already out (in Version 2.0, no less) just as our first meeting was happening, nor can we claim to have invented anonymous remailers, as Julf, Kleinpaste, and others were already doing this--and Chaum wrote his "mix" paper in 1981. But we were and are "involved" in various ways, as Hal himself was/is so prominently.) No other group, so far as I know, has the same self-chosen charter we have, to build and deploy systems involving "modern" cryptology in all its many forms and to develop workable approaches to using these technologies--public key crypto, digital money, dining cryptographers nets, anonymous remailers, reputation markets, digital escrow services, data havens, etc.--in new ways. My point is that Cypherpunks fill an important ecological niche, that the lawyers and political activists cannot completely fill themselves. Nor do their interests lie in this area. We complement each other. And let me give fair warning: I don't think digital money and "crypto anarchy" will ever happen in this country via the political process. Rather, it'll happen through surprising, sudden shifts in the way people do business, such as the way the Internet developed without real legislative sanction (I'll grant it was never completely ignored, and was subject to some kinds of laws. But mostly it just grew. This is certainly not to say digital money will grow in an analogous way. But anonymous reputation markets might, for example. Or offshore data havens. Unless and until international phone lines are cut, it's hard to imagine any law stopping such things. An outright ban on non-Clipjacked encryption would of course be a major obstacle. Hence the need to fight that with every weapon at our disposal.) In any case, I personally am lousy as a political organizer and have no interest in this. Personally speaking, to repeat. For those who do have the skills, great! Let me also remind readers that one mostly "political" achievement was the creation of the alt.whistleblowers group. Though time will tell whether this really changes things or not, it has the potential to. This is just one example. Let me close by citing some interesting developments which have not gotten much discussion here on the main list. While the "CryptoStacker" debate was raging a while back on the List, other developments were continuing. At the last Cypherpunks meeting, there was an excellent discussion of how to to use existing laws to set up a form of bank that would do business with digital money and that could use various crypto techniques to enhance its business. (I expect this is a cryptic enough summary!) I won't comment further, as the originator and developers can comment on what they feel can be said on a public list. (They spoke at the meeting without getting Nondisclosure Agreements, and the Cypherpunks meetings are explicitly public, but it's still best if I let the developers themselves do the talking.) At the same meeting, Dean Tribble and Norm Hardy described their work on "Digital Silk Road," a system for paying for packet transmissions using digital money. (Their documents are available in the ftp site netcom/pub/joule in PostScript, RTF, and text formats.) This proposed system uses digital money and yet would require almost no legislative approval (I can't see how _any_ legal approval would be needed initially, though when real transactions get big enough, the Tax Man and his FTC/FCC brothers may stick their noses in). This system could revolutionize the way packets of data are moved around and could be the fait accompli I cited earlier. If this succeeds (long odds of course against any specific idea hitting big), then this could introduce digital money and "Cypherpunks-style" ideas ubiquitously and uncontrollably. These developments could shape the future of cyberspace significantly. Cypherpunks, we are making progress slowly but surely. -Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it.
participants (2)
-
hfinney@shell.portal.com
-
tcmay@netcom.com