extortion via digital cash
Hi, I have been reading numerous threads on digital cash, and I have some questions I would like discussed. currently when someone does extortion (kiddnapping too), they have two choices; 1-pick up the cash personally (or via a stooge) 2-transfer the funds via bank Both ideas are bad, in that you stand a good chance at getting caught. I was wondering, what if you demanded payment via Ecash, through nym servers, aliases, etc. From what I understand, it is just like cash, ie: no record of transaction, but you get the added bonus of not having to meet the other party-like a fund transfer. Once you have your 1,000,000 Ecash, you could dump it on a disk, and close your internet account (unless you really really trust your privacy technology). And I also think that you would have the option to cash this into real funds at either the Mark Twain bank, or likely somewhere in the Caymen Islands (maybe through those online gambling houses). I am hoping that this will spark some discussion, and maybe slow down the dlv, TM spam war. Also, I was only wondering about this for mere discussion reasons :) /sb
At 11:44 AM -0400 10/15/96, scottb@aca.ca wrote:
Hi, I have been reading numerous threads on digital cash, and I have some questions I would like discussed.
Just for your own education, this issue was discussed extensively in the early days of the list, and over on the Extropians list. I myself have written extensively about this, and the Cyphernomicon has sections on this. Hal Finney, Robin Hanson, David Friedman, Nick Szabo, and several others were active in these discussions. And the extortion/contract killings market issues are well-known to folks like David Chaum. (That people are aware of, and discussing, issues does not, of course, imply that they endorse or advocate anything. In fact, several of these named people are quite concerned with the implications.) Searches of archives, depending on what is available at any given moment, may turn up articles. Try to read these articles and raise specific points. It is unreasonable to expect any of us to write brand-new essays on well-trod ground.
I am hoping that this will spark some discussion, and maybe slow down the dlv, TM spam war.
The best way to spark discussion is to compose essays, in my opinion. For the record, you should note that I am not taking part in the "spam war" you refer to. I don't respond to Vulis, and his stuff (including any good analyses, unfortunately, go into my trash folder...sometimes I glance at them to keep current on what he's ranting about, sometimes I just empty the trash without even seeing what's landed in it. (I've also received a couple of notes from people suggesting basically that I should "stop participating and "just make nice"" with Vulis. Such cluelessness about what is actually being said, and the use of Kindergarten-level phrases like "just make nice," shows that some people have no sense of reality and have no concept of who is to blame and who is not to blame. "Why can't the Jews and the Arabs just make nice?") --Tim May "The government announcement is disastrous," said Jim Bidzos,.."We warned IBM that the National Security Agency would try to twist their technology." [NYT, 1996-10-02] We got computers, we're tapping phone lines, I know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1,257,787-1 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
scottb@aca.ca writes:
I was wondering, what if you demanded payment via Ecash, through nym servers, aliases, etc. From what I understand, it is just like cash, ie: no record of transaction, but you get the added bonus of not having to meet the other party-like a fund transfer.
This has been discussed quite a bit on the list before and there is even a bit about it in Applied Cryptography. Basically the extortionist must be careful in how he arranges payment. The extortionist must create blinded proto-coins and send them to the extortionee to be signed. Otherwise the extortionee can write down the serial numbers before sending the coins off and the extortionist will get caught when trying to deposit. Some of the cut-n-choose protocols for after-the-fact catching of double spenders would prevent this from happening. Because the proto-coins from the extortionist are blinded and the extortionee can't remove the blinding, it would be impossible for the extortionee to properly complete the protocol with the bank and pay-off the extortionist. andrew
On Tue, 15 Oct 1996 scottb@aca.ca wrote:
Hi, I have been reading numerous threads on digital cash, and I have some questions I would like discussed.
currently when someone does extortion (kiddnapping too), they have two choices;
1-pick up the cash personally (or via a stooge) 2-transfer the funds via bank
Both ideas are bad, in that you stand a good chance at getting caught.
I was wondering, what if you demanded payment via Ecash, through nym servers, aliases, etc. From what I understand, it is just like cash, ie: no record of transaction, but you get the added bonus of not having to meet the other party-like a fund transfer. Once you have your 1,000,000 Ecash, you could dump it on a disk, and close your internet account (unless you really really trust your privacy technology). And I also think that you would have the option to cash this into real funds at either the Mark Twain bank, or likely somewhere in the Caymen Islands (maybe through those online gambling houses).
With a very large number of ecash users, perhaps. Otherwise, you can kinda figure out which kid raided the cookie jar - he's the one with chocolate chips smeared all over his face. Also - in order to communicate back to the perpetrator, the victim needs to communicate to the first step in the chain. The operator of that chain should not be held responisble for the system being used for criminal activity IF they are unaware of such activity. However, if they are informed that the perpetrator is forcing the victim to communicate through their system, they are no longer unaware - privacy is one thing, aiding and abetting a crime is another. What's to keep the authorities from following the trail of crubs back to the perpetrator, other than the usual threats of "don't call the cops" and "you have 24 hours to respond?" A few hops through some generally uncooperative jurisdictions might do, but perhaps El Dictator of Little Bannana Republic might just decide to hold the perpetrator's "payment" hostage ... Sounds like the making of a good movie script. Can we get Tom Cruise and one of those Thinking Machines laptops?? ;) -r.w.
I am hoping that this will spark some discussion, and maybe slow down the dlv, TM spam war.
A worthy cause :)
-----BEGIN PGP SIGNED MESSAGE----- In article <9610151846.AA00586@ch1d157nwk>, Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com> wrote:
Some of the cut-n-choose protocols for after-the-fact catching of double spenders would prevent this from happening. Because the proto-coins from the extortionist are blinded and the extortionee can't remove the blinding, it would be impossible for the extortionee to properly complete the protocol with the bank and pay-off the extortionist.
If you had Pipenet, or some other real-time anonymous communication system, the extortionee could still carry out the cut-and-choose protocol by passing the bank's requests for unblinding back to the extortionist. - Ian -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMmR9P0ZRiTErSPb1AQHDKwP/VDDS3izymRhDPUME58k2UjJ4MTH4QRpp Vst4Wbys5hpXIB2bKOsaU44ZH9ayguGCKW+F/qK/mn8Y3o+2gnDlL9ErtZSie59x 0sh8XXTME8Q+dosvILU5QxQ55GBMNfMfALO5Iwjogw9efaXk3rABIXHcWHHu522C liRnuNeS3uQ= =nv41 -----END PGP SIGNATURE-----
At 11:01 PM -0400 10/15/96, Rabid Wombat wrote:
Also - in order to communicate back to the perpetrator, the victim needs to communicate to the first step in the chain. The operator of that chain
BlackNet-type pools eliminate the chain. There is no "first step in the chain," only a message pool or Usenet group which is propagated to tens of thousands of sites around the world (and even available via one's satellite dish and local cable, a la DirectPC, @Home, etc.).
and abetting a crime is another. What's to keep the authorities from following the trail of crubs back to the perpetrator, other than the usual threats of "don't call the cops" and "you have 24 hours to respond?" A few hops through some generally uncooperative jurisdictions might do, but perhaps El Dictator of Little Bannana Republic might just decide to hold the perpetrator's "payment" hostage ...
Remailers, message pools, and untraceable cash are much more robust against these sorts of attacks than you are portraying here.
Sounds like the making of a good movie script. Can we get Tom Cruise and one of those Thinking Machines laptops?? ;)
Hollywood is too naive. I was interviewed by a screenwriter who came to a Cypherpunks meeting, circa early 1994. She took copious notes and seemed very interested in these sorts of things. From the plot she was tentatively working on, I think the eventual outcome was "The Net," but it's possible her script never got made, or was used for background, or whatever. In any case, "The Net" (and "Hackers") had essentially nothing very sophisticated in it. --Tim May "The government announcement is disastrous," said Jim Bidzos,.."We warned IBM that the National Security Agency would try to twist their technology." [NYT, 1996-10-02] We got computers, we're tapping phone lines, I know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1,257,787-1 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
On Tue, 15 Oct 1996, Timothy C. May wrote:
At 11:01 PM -0400 10/15/96, Rabid Wombat wrote:
Also - in order to communicate back to the perpetrator, the victim needs to communicate to the first step in the chain. The operator of that chain
BlackNet-type pools eliminate the chain. There is no "first step in the chain," only a message pool or Usenet group which is propagated to tens of thousands of sites around the world (and even available via one's satellite dish and local cable, a la DirectPC, @Home, etc.).
Yes, a large and widely distributed message pool would seem to be a way around this ...
and abetting a crime is another. What's to keep the authorities from following the trail of crubs back to the perpetrator, other than the usual threats of "don't call the cops" and "you have 24 hours to respond?" A few hops through some generally uncooperative jurisdictions might do, but perhaps El Dictator of Little Bannana Republic might just decide to hold the perpetrator's "payment" hostage ...
Remailers, message pools, and untraceable cash are much more robust against these sorts of attacks than you are portraying here.
Yes, I suppose the actual transmission would be robust, if no mistakes were made. As you pointed out - if you can make the first hop secure (or any hop, for that matter). The only problem is that you're the only one turning up w/ a sudden large ecash sumin the Cayman Islands (and that "clue" won't be there with wider use of ecash ...).
Sounds like the making of a good movie script. Can we get Tom Cruise and one of those Thinking Machines laptops?? ;)
Hollywood is too naive. I was interviewed by a screenwriter who came to a Cypherpunks meeting, circa early 1994. She took copious notes and seemed very interested in these sorts of things. From the plot she was tentatively working on, I think the eventual outcome was "The Net," but it's possible her script never got made, or was used for background, or whatever. In any case, "The Net" (and "Hackers") had essentially nothing very sophisticated in it.
Perhaps we should write our own script. Can we get Attila to play "El Dictator"? -r.w. :)
"Timothy C. May" <tcmay@got.net> wrote:
At 11:01 PM -0400 10/15/96, Rabid Wombat wrote:
Also - in order to communicate back to the perpetrator, the victim needs to communicate to the first step in the chain. The operator of that chain
BlackNet-type pools eliminate the chain. There is no "first step in the chain," only a message pool or Usenet group which is propagated to tens of thousands of sites around the world (and even available via one's satellite dish and local cable, a la DirectPC, @Home, etc.).
I've been thinking about the use of Usenet as a message pool and this seems to be a good place to bring up my thoughts. As an already existing, widely disseminated and easily used message pool, Usenet is very valuable to us. I'm concerned that it may not last though. Many people now complain about how low the signal to noise ratio is (even more than they complain about this list). I've heard people say that they have given up on newsgroups in favor of mailing list, web-zines, etc. So, if it gets too bad, might it just fade away? Or, if it remains but becomes unpopular, will it be easy to restrict if we use it for anonymous messages? Not long ago on this list some people discussed possible changes to Usenet involving the elimination of newsgroups and their replacement with a searching system (ie. show me all articles with "cypherpunks" as a keyword). Has this gone anywhere? I was thinking that this could be done in a way as to be compatible with current implementations. A server could be written which would act like an nntp server if connected to on the nntp port, but which would work differently internally. When an nntp client makes a request regarding some news group, say alt.anonymous.messages, the server would search its single, unsorted pool of articles for all with "alt.anonymous.messages" in the newsgroup field of the header and respond to the request. Clients written for the new server would have access to its enhanced features (whatever they end up being). Although this does not have any direct crypto relevance, preserving Usenet as an anonymous message pool seems like a good idea to me. And to preserve it as an anonymous message pool, it needs to be kept useful for its other uses. I'm willing to work on this but I don't have the experience to lead an effort. So, is anyone interested or is anyone already working along these lines?
... stuff deleted ...
--Tim May
"The government announcement is disastrous," said Jim Bidzos,.."We warned IBM that the National Security Agency would try to twist their technology." [NYT, 1996-10-02] We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1,257,787-1 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
-------------------- Scott V. McGuire <svmcguir@syr.edu> PGP key available at http://web.syr.edu/~svmcguir Key fingerprint = 86 B1 10 3F 4E 48 75 0E 96 9B 1E 52 8B B1 26 05
At 12:34 AM -0400 on 10/20/96, Scott McGuire wrote:
I've been thinking about the use of Usenet as a message pool and this seems to be a good place to bring up my thoughts. As an already existing, widely disseminated and easily used message pool, Usenet is very valuable to us. I'm concerned that it may not last though. Many people now complain about how low the signal to noise ratio is (even more than they complain about this list). I've heard people say that they have given up on newsgroups in favor of mailing list, web-zines, etc. So, if it gets too bad, might it just fade away? Or, if it remains but becomes unpopular, will it be easy to restrict if we use it for anonymous messages?
IMHO, it will end up similar to the late night infomerical spots on TV. Not puch of value there, but bored people will still look. Any effort to regulate it will come from a tangent; IDs of some sort to post in public, or have access to the net, or screening it out of the hypothetical InfoBahn II networks, or similar.
Not long ago on this list some people discussed possible changes to Usenet involving the elimination of newsgroups and their replacement with a searching system (ie. show me all articles with "cypherpunks" as a keyword). Has this gone anywhere? I was thinking that this could be done in a way as to be compatible with current implementations. A server could be written which would act like an nntp server if connected to on the nntp port, but which would work differently internally. When an nntp client makes a request regarding some news group, say alt.anonymous.messages, the server would search its single, unsorted pool of articles for all with "alt.anonymous.messages" in the newsgroup field of the header and respond to the request. Clients written for the new server would have access to its enhanced features (whatever they end up being).
Would the concept of moderated forum have to go away, too? People could look for messages signed by the moderator, but the overhead inherent in validating keys could make that unusable. The transition would be messy, once (if) two parallel systems were in place. Many people using the new system would start tagging messages with newsgroup names, of course, but the breakdown effect of lots of people posting messages that seem to go straight to the void would have a negative impact on the whole thing. Something similar to the namespace pollution problem large companies see with resumes would also start to happen, only in a much more shameless form (Spam, the Next Generation). Once enough specific search terms emerged as coherent analogues to groups, this might be functional, though.
Although this does not have any direct crypto relevance, preserving Usenet as an anonymous message pool seems like a good idea to me. And to preserve it as an anonymous message pool, it needs to be kept useful for its other uses. I'm willing to work on this but I don't have the experience to lead an effort. So, is anyone interested or is anyone already working along these lines?
I'm interested. I see a lot of problems, though, with implementation details, especially while both the old and the new exsist side by side. Something more akin to _Islands In The Net_ style data havens seems more workable, but with obvious disadvantages... -j -- "I'm about to, or I am going to, die. Either expression is used." - Last words of Dominique Bouhours, Grammarian, 1702 ____________________________________________________________________ Jamie Lawrence mailto:jal@cyborganic.net mailto:foodie@netcom.com
participants (7)
-
Andrew Loewenstern -
iang@cs.berkeley.edu -
Jamie Lawrence -
Rabid Wombat -
Scott McGuire -
scottb@aca.ca -
Timothy C. May