Re: Voice crypto: the last crypto taboo
At 01:49 PM 8/6/01 +0200, Eugene Leitl wrote:
On 4 Aug 2001, Dr. Evil wrote:
What's up with voice encryption? I'm ready to use it. I'm ready to
Me, too. Let's do it, then: http://www.speakfreely.org/
And nautilus and PGPfone. Maybe on a pocket PC if they have decent audio. How do you make money on this approach, though?
We've got a lack of user base problem. I'm expecting voice encryption in software when PDA (or wearable) with ~10 kBps wireless connectivity become commonplace.
Interop with an existing PC/Mac based tool might help.
On Mon, 6 Aug 2001, David Honig wrote:
And nautilus and PGPfone. Maybe on a pocket PC if they have decent audio. How do you make money on this approach, though?
By selling wireless bandwidth? Hardware? Leather accessoires and GUI skins? Consulting? I don't think the apps themselves should be commercial. It only leads to featuritis, lousy code and backdoors.
Interop with an existing PC/Mac based tool might help.
Definitely. There are, supposedly people out there who do VoIP from their desktops, but I never met any. -- Eugen* Leitl <a href="http://www.lrz.de/~ui22204/">leitl</a> ______________________________________________________________ ICBMTO : N48 10'07'' E011 33'53'' http://www.lrz.de/~ui22204 57F9CFD3: ED90 0433 EB74 E4A9 537F CFF5 86E7 629B 57F9 CFD3
On Monday, August 6, 2001, at 08:11 AM, David Honig wrote:
At 01:49 PM 8/6/01 +0200, Eugene Leitl wrote:
On 4 Aug 2001, Dr. Evil wrote:
What's up with voice encryption? I'm ready to use it. I'm ready to
Me, too. Let's do it, then: http://www.speakfreely.org/
And nautilus and PGPfone. Maybe on a pocket PC if they have decent audio. How do you make money on this approach, though?
We've got a lack of user base problem. I'm expecting voice encryption in software when PDA (or wearable) with ~10 kBps wireless connectivity become commonplace.
Starian, the company founded by Eric Blossom and others, had a 3DES unit the size of an external modem that worked as described. (I have one.) The problem is the "fax effect": who ya gonna call? It works well for "cells" consisting of trading partners, drug dealers, freedom fighters, etc. They can just buy several of them for their members. Solving the fax effect problem happens when a _standard_ is widely deployed, or when some major deals with cellphone vendors happen. I understand Starian has been trying to get a cellphone version designed-in. ObSpoliationClaim: "Those who buy such machines are obviously trying to hide evidence. Mr. Happy Fun Court is "not amused."" --Tim May
Starian, the company founded by Eric Blossom and others, had a 3DES unit the size of an external modem that worked as described. (I have one.)
The problem is the "fax effect": who ya gonna call?
No, in the case of Starium, the problem is decidely not the fax effect. The problem is that they aren't selling them! You can't buy one, which basically guarantees that no one you call will have one. A corollary to this problem often affects high-tech companies: they have an awesome new technology, but they haven't sorted out how to market it.
It works well for "cells" consisting of trading partners, drug dealers, freedom fighters, etc. They can just buy several of them for their members.
Perhaps those groups have some use for these things, but in my case, I would create a "cell" of two: me and my lawyer. Client-attorney communications are legally protected; this just provides a technical means to implement an established, almost sacrosanct legal protection. If those guys were smart, they would read Crossing the Chasm, and pick a small target market to market to, and lawyers and their clients might be a good one.
Solving the fax effect problem happens when a _standard_ is widely deployed, or when some major deals with cellphone vendors happen. I understand Starian has been trying to get a cellphone version designed-in.
I don't think that's true at all! A company with huge resources (like Miscrosoft) can solve the fax effect by creating standards (often "closed" or proprietary standards) and getting things widely deployed by buying major partners, but that is certainly not the only way to do it. You don't need a lot of resources or a wide deployment to solve the fax effect. I imagine that the fax machine overcame the fax effect when a company with, for example, an east coast and a west coast office bought two of them and then could send documents coast to coast in seconds. They didn't care that no one else had one; it was boosted productivity immediately. Let's say that for some reason a company needs to send documents within 24 hours, and the only two options are couriers on flights, or this new-fangled fax machine. A pair of fax machines pays for itself within the first few documents that need to be sent, even if no other fax machines exist in the universe. Sooner or later, there will be a bunch of companies with two offices which use these things internally, and then one day, in a blinding flash, someone at Company A needs to send a document to Company B, and remembers that his friend there mentioned that they also have a "telphone facsimile machine", and in an instant, the world changes forever!
ObSpoliationClaim: "Those who buy such machines are obviously trying to hide evidence. Mr. Happy Fun Court is "not amused.""
That is very true. Someone trying to defeat a charge of being a boss in a drug gang would certainly not be helped if they found Starium units in his house and in houses of people who were distributing drugs. This would look bad for Starium, too. That's why they should go after a market that involves communications which are already legally protected: lawyer-client calls, law enforcement agency internal use, multinational corporations remote offices, perhaps some token human rights workers. If 95% of the users are socially acceptable, it won't matter that there are 5% who aren't. If 95% of the users are socially unacceptable, it won't matter if Mother Teresa and the Pope are the other 5%, because the thing will get banned. In my humble opinion, the c'punks would be a lot more interesting if they spent more time talking about marketing and PR and a lot less (perhaps none) time talking about silly legal points and technical hacks. Do you want to be right, or do you want to win? Put it another way: do lawyers spend a lot of time coming up with obscure legal arguments for why their client is not guilty, or do they spend a lot of time on jury psychology? Because ultimately the law is enforced by jurors who make emotional decisions, and they base them on things like their judgement of the character of the people involved, more than they base them on obscure legal theories and incomprehensible technical points. Same goes for voters and cops, in fact.
On Monday, August 6, 2001, at 09:52 PM, Dr. Evil wrote:
Starian, the company founded by Eric Blossom and others, had a 3DES unit the size of an external modem that worked as described. (I have one.)
The problem is the "fax effect": who ya gonna call?
No, in the case of Starium, the problem is decidely not the fax effect. The problem is that they aren't selling them! You can't buy one, which basically guarantees that no one you call will have one. A corollary to this problem often affects high-tech companies: they have an awesome new technology, but they haven't sorted out how to market it.
I bought one, and I know of several others who have bought them. As to whether they are _currently_ selling any models, I can't say. But this doesn't change my "fax effect" point.
Perhaps those groups have some use for these things, but in my case, I would create a "cell" of two: me and my lawyer. Client-attorney communications are legally protected; this just provides a technical means to implement an established, almost sacrosanct legal protection.
Yes, of course. We know things like this.
I don't think that's true at all! A company with huge resources (like Miscrosoft) can solve the fax effect by creating standards (often "closed" or proprietary standards) and getting things widely deployed by buying major partners, but that is certainly not the only way to do it. You don't need a lot of resources or a wide deployment to solve the fax effect. I imagine that the fax machine overcame the fax effect when a company with, for example, an east coast and a west coast office bought two of them and then could send documents coast to coast in seconds. They didn't care that no one else had one; it was boosted productivity immediately.
You clearly don't understand the usual meaning of "fax effect." Fax machines have existed in the form you describe for close to a century. This was not what writers in the early 90s were referring to when they spoke of the "fax effect."
Let's say that for some reason a company needs to send documents within 24 hours, and the only two options are couriers on flights, or this new-fangled fax machine. A pair of fax machines pays for itself within the first few documents that need to be sent, even if no other fax machines exist in the universe. Sooner or later, there will be a bunch of companies with two offices which use these things internally, and then one day, in a blinding flash, someone at Company A needs to send a document to Company B, and remembers that his friend there mentioned that they also have a "telphone facsimile machine", and in an instant, the world changes forever!
Naive. Faxes were available in the 1970s, and earlier. They did not "change the world overnight." For one thing, they were not accepted as legal docs. For another, transmission speeds were too slow. (We had fax machines to our remote plants in 1974, but we almost always used TWX and Telex transmissions. And they didn't "change the world overnight." They were just another channel.) The fax effect is the same as the phone effect. Your analysis would have had the first two phone changing the world overnight. No. What changed was when a significant fraction of one's suppliers, delivery agencies, shipping companies, customers, etc. all could be reached via a compatible, interoperable standard. The "phone effect."
ObSpoliationClaim: "Those who buy such machines are obviously trying to hide evidence. Mr. Happy Fun Court is "not amused.""
That is very true. Someone trying to defeat a charge of being a boss in a drug gang would certainly not be helped if they found Starium units in his house and in houses of people who were distributing drugs. This would look bad for Starium, too.
Irony is wasted on some people. --Tim May
I bought one, and I know of several others who have bought them. As to whether they are _currently_ selling any models, I can't say. But this doesn't change my "fax effect" point.
I didn't realize they had ever sold them. I have been checking their page fairly regularly for the past year and I never saw a link that said "where can I buy one of these", because I would have bought some. I have called to ask when I could buy one, and they always said, "in a few months", and now they don't answer the phone. It looks like they are out of business now, or will be soon, which is unfortunate. You're lucky you got one, I guess.
Naive. Faxes were available in the 1970s, and earlier. They did not "change the world overnight." For one thing, they were not accepted as legal docs. For another, transmission speeds were too slow.
Yes, I am well aware that faxes existed in the 1970s. They existed in the 1920s, if you can imagine that. My point wasn't about "changing the world overnight". I do understand the fax effect: Every fax machine in the world becomes more useful the more fax machines there are. Starium is the same situation: it's more useful as more people have them. The first major use of faxes was by the Associated Press to get photos into print quickly. There was absolutely no fax effect involved in this. Most of the faxes in the world were used by just one company, AP. When they started using them in the 1930s, they probably never considered sending faxes to other companies, or using faxes for other purposes. There was a highly compelling reason for them to spend the ridiculous amounts of money these things costed, though: they could have photos of a recent event, on the other side of the country, in today's edition, and that's worth money. The fax effect didn't start with faxes until decades later. My point is that you don't need to get widespread deployment before they have a compelling use. Stariums (Staria?) have a compelling use right now, in fact, if they would only know to sell them and market them to the right group. Instead of even thinking about the fax effect, Starium should be thining of who their equivalent of Associated Press is going to be. The goal of a marketing plan is not "to overcome the fax effect" (or "have the coolest technology" or any similar thing) but rather "to find and present a use that is so compelling that people will buy them". The fax effect is irrelevant to Starium, because they don't have the resources to initiate that effect. So they need to find some other compelling reason for people to buy it. This is about making money.
The fax effect is the same as the phone effect. Your analysis would have had the first two phone changing the world overnight. No. What changed
The first two phones didn't overtly change the world overnight, but they did change the course of the world. That deviation in course was subtle, and took years or decades to become apparent, but the change in direction was profound and irreversible, from the moment in 1876 when Mr. Bell said, "Mr. Watson-come here. I want you!" The fax had a less profound impact. The Internet had an equally profound impact, perhaps. These inventions are profound, but not obvious at first, unlike some other inventions which changed the world profoundly in immediately obvious ways, like the atomic bomb.
ObSpoliationClaim: "Those who buy such machines are obviously trying to hide evidence. Mr. Happy Fun Court is "not amused.""
That is very true. Someone trying to defeat a charge of being a boss in a drug gang would certainly not be helped if they found Starium units in his house and in houses of people who were distributing drugs. This would look bad for Starium, too.
Irony is wasted on some people.
I know you were being ironic, but PR is an important consideration, far more important than is generally understood on this list. You said something in irony which I think is actually a good point. We need to think of how jurors, and society in general, will react, emotionally and psychologically, to what we're doing, or we're going to get in lose. Anyway... C'punks will spend all their time arguing about obscure legal points, obscure technologies, and being right, and will never get anything done. Sometimes this list is amusing, but it gets repetitious. Maybe I should start a new list called realitypunks, which will have these rules: 1. No ad hominem attacks. 2. No anti-governemnt ranting. 3. A few select incoherent ranters would need to be kicked out for causing excessive harm to the signal-to-noise ratio. 4. Let's focus on PR, marketing and psychology instead of technology, legal debate, and confrontation. If a bunch of people are interested I'll create it. If not, that's ok too.
"Dr. Evil" wrote: [...]
Maybe I should start a new list called realitypunks, which will have these rules:
1. No ad hominem attacks. 2. No anti-governemnt ranting. 3. A few select incoherent ranters would need to be kicked out for causing excessive harm to the signal-to-noise ratio. 4. Let's focus on PR, marketing and psychology instead of technology, legal debate, and confrontation.
You only say that because the CIA sheeple-control chip in your mobile phone is filling your head with low-frequency sound waves tuned to resonate with your skull and depress the thalamic activity thresholds. Instantiate the instauration of starium, Stalin. Ken
On Tue, Aug 07, 2001 at 08:19:12AM -0000, Dr. Evil wrote:
I know you were being ironic, but PR is an important consideration, far more important than is generally understood on this list. You [...] 1. No ad hominem attacks.
2. No anti-governemnt ranting.
3. A few select incoherent ranters would need to be kicked out for causing excessive harm to the signal-to-noise ratio.
4. Let's focus on PR, marketing and psychology instead of technology, legal debate, and confrontation.
If a bunch of people are interested I'll create it. If not, that's ok too.
I think everyone understands PR is important to some extent. But some reasons why your list is a bad idea: * the folks most interested in championing certain products are those who run companies; they're also the ones in the best position to do so * there's an opportunity cost involved in signing up with a new list. most of us nowadays are trying to cut down, not increase, subscriptions * the volume of messages on cpunx, with lne.com and a threaded mailreader, is perfectly manageable; these discussions can happen here * good ideas bubble up from the froth; saying no "confrontation" is a sure way to ensure the better posters don't subscript to your list for fear of getting the boot if they call someone a flaming idiot * the folks you do get on the list will probably not have a clue what they're talking about beyond "marketing cypherpunks is good". hint: you want some PR people and journalists, and you probably won't get 'em * cypherpunk technologies are destructive to the status quo and really can't be honestly spun in any other way -Declan
On Tuesday, August 7, 2001, at 01:19 AM, Dr. Evil wrote:
I bought one, and I know of several others who have bought them. As to whether they are _currently_ selling any models, I can't say. But this doesn't change my "fax effect" point.
I didn't realize they had ever sold them. I have been checking their page fairly regularly for the past year and I never saw a link that said "where can I buy one of these", because I would have bought some. I have called to ask when I could buy one, and they always said, "in a few months", and now they don't answer the phone. It looks like they are out of business now, or will be soon, which is unfortunate. You're lucky you got one, I guess.
Because of the fax effect, not so lucky. Few people to use it with.
Naive. Faxes were available in the 1970s, and earlier. They did not "change the world overnight." For one thing, they were not accepted as legal docs. For another, transmission speeds were too slow.
Yes, I am well aware that faxes existed in the 1970s. They existed in the 1920s, if you can imagine that.
You elided the part where I said "for nearly a century." The facsimile system is very old indeed.
repetitious. Maybe I should start a new list called realitypunks, which will have these rules:
1. No ad hominem attacks.
2. No anti-governemnt ranting.
3. A few select incoherent ranters would need to be kicked out for causing excessive harm to the signal-to-noise ratio.
4. Let's focus on PR, marketing and psychology instead of technology, legal debate, and confrontation.
If a bunch of people are interested I'll create it. If not, that's ok too.
Enjoy yourself. --Tim May
Tim, Dr. Evil, and others were talking about Starium and other secure voice.
I bought one, and I know of several others who have bought them. As to whether they are _currently_ selling any models, I can't say. But this doesn't change my "fax effect" point.
The Voice Over IP market has been growing rapidly, with wiretappability built in, and the Fax Effect making it more likely that if you're on a VOIP call over the Internet or telcos it's insecure. The primary standard in use is H.323, which doesn't do crypto and which picks its TCP ports in ways that are hard to simply force through IPSEC unless you're doing that for all your traffic. Some of the followon standards may help, and there are other VOIP systems out there (mostly proprietary), but H.323 is dominant. SIP and MGCP are more wrappers around H.323 than competitors. Other than random hobbyists or software developers, most of the VOIP market is in several categories - Microsoft Netmeeting users on the Internet (it's free, and comes with almost every $50 PC camera.) - PBX replacements running on companies' private networks, behind firewalls and usually not carried on the Internet. They're pretty safe; corporate nets can be hacked, at least by insiders, but so can PBXs. - International carriers providing gateways between US and non-US telcos, generally with the Internet in the middle but sometimes with their own private IP nets in the middle. These are tappable at the US telco edge, but for internet-based services, the Internet's probably an easier place. - US companies like Net2Phone that provide cheap connectivity from PC users to telcos, and similar businesses being proposed but DSL and cable modem providers. These have the problem that CALEA wiretap requirements apply to any telco-like provider, and any non-telco ISP or VOIPgate can be tapped at the telco edge. I've been trying to set up voice communications on Linux that I can try over IPSEC in my lab, using www.openh323.org, to see how it sounds and what issues come up while using it. So far, I've confirmed Hugh Daniel's comments that sound card support on Linux is dodgy, unreliable, and a real pain. Once I've got stable operating systems again that don't complain about missing sound-chip driver modules, I'll probably just run Windows (sigh) Netmeeting across the freeswan and also across the Nortel Contivity stuff we're installing.
--
ObSpoliationClaim: "Those who buy such machines are obviously trying to hide evidence. Mr. Happy Fun Court is "not amused.""
That is very true. Someone trying to defeat a charge of being a boss in a drug gang would certainly not be helped if they found Starium units in his house and in houses of people who were distributing drugs. This would look bad for Starium, too.
Irony is wasted on some people.
On 7 Aug 2001, at 8:19, Dr. Evil wrote:
I know you were being ironic, but PR is an important consideration, far more important than is generally understood on this list.
The argument "Using X shows you have something to hide" is unlikely to impress in a world where most respectable middle class people have committed multiple felonies theoretically worth seven years each. Similarly, there is much truth in Black Unicorn's argument that the systematic destruction of potentially inconvenient records is illegal. However since many other things that large companies with deep pockets is doing are even more illegal, nothing is going to stop them from systematically purging records. The court will no doubt be unamused by Micorosoft's new email policy, but it was even less amused by the emails that turned up last time. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG H9q6eEZeMsGPCWsKCGfr2xddMa6h0gxbjk3/Z/7P 4O6wKWO9uIpG9Af81TlzJc2iiHMjCsCtR9xpR6VF7
At 10:18 PM 8/6/01 -0700, Tim May wrote:
the fax effect. I imagine that the fax machine overcame the fax effect when a company with, for example, an east coast and a west coast office bought two of them and then could send documents coast to coast in seconds. They didn't care that no one else had one; it was boosted productivity immediately.
You clearly don't understand the usual meaning of "fax effect." Fax machines have existed in the form you describe for close to a century. This was not what writers in the early 90s were referring to when they spoke of the "fax effect."
He's talking about how to *bootstrap into society* an artifact wit fax-effect problems ---ie, which must be present at both ends to work -phones, faxes, Navajo, protocols..
The fax effect is the same as the phone effect. Your analysis would have had the first two phone changing the world overnight. No. What changed was when a significant fraction of one's suppliers, delivery agencies, shipping companies, customers, etc. all could be reached via a compatible, interoperable standard. The "phone effect."
Theodore Hogg has done work on phase changes in topological (network) systems --like percolation in rocks, and other network effects. At some level of porosity, a body of rock becomes much more permeable, because the pores often interconnect. I can't help but think this relevent. In any case, its clear you need a perceived benefit, probably expressable in dollars (but maybe reputation), for early-adopters to 'seed' the population. But you can't seed if you don't have something to deploy, slow and expensive though it may be at first.
At 09:41 AM 8/6/01 -0700, Tim May wrote:
Starian, the company founded by Eric Blossom and others, had a 3DES unit the size of an external modem that worked as described. (I have one.)
Did you buy it anonymously? That's a problem with low-serial-number devices.
The problem is the "fax effect": who ya gonna call?
Thus my suggestion that interop with a guy with a computer/speaker/mic would be a selling point.
It works well for "cells" consisting of trading partners, drug dealers, freedom fighters, etc. They can just buy several of them for their members.
Telecommuters. Also it would be cool to have your phone answering machine use crypto when you dialed it up. Computers are sometimes phone answering machines nowadays.
Solving the fax effect problem happens when a _standard_ is widely deployed, or when some major deals with cellphone vendors happen. I understand Starian has been trying to get a cellphone version designed-in.
Sure. If Starion Corp. had ridden the hockey stick and become 'the' standard we'd all be pretty happy, even wannabe competitors, for having a de-facto standard to code to.
ObSpoliationClaim: "Those who buy such machines are obviously trying to hide evidence. Mr. Happy Fun Court is "not amused.""
Do not smile at the man in the black dress with a hammer.
What's up with voice encryption? I'm ready to use it. I'm ready to
Me, too. Let's do it, then: http://www.speakfreely.org/
And nautilus and PGPfone. Maybe on a pocket PC if they have decent audio. How do you make money on this approach, though?
We've got a lack of user base problem. I'm expecting voice encryption in software when PDA (or wearable) with ~10 kBps wireless connectivity become commonplace.
CDPD is available flat rate in much of the country; not sure if the performance is adequate for voice, though. (I haven't tried it, but unfortunately I'd guess "not close"... the throughput is about 19.2 before overhead, ~14+ after, but there's likely to be way too much jitter and/or latency because it rides alongside the voice cellular.) Circuit-switched cellular modems are available, but too slow for most speech systems, though perhaps the 5.6kbps coders will work. Metricom, of course, is in the process of biting the dust hard this time. 802.11 networks are starting to emerge rapidly, if the recent WEP crypto cracks don't kill them off and if they find their own business models (Starbucks wins by having you sit in their stores buying overpriced coffee; airport-located systems win by charging business travellers money. Most US-Wandering Cypherpunks who need cryptophones while travelling are within two blocks of a Starbucks :-) 2.5G GPRS Wireless is available in about half of Seattle, and should be available much more widely in a year or so, so depending on the pricing model it might be usable. The general question of "How do you make money on encrypted IP voice?" is a subset of "How do you make money on IP voice?", a hotly contested issue in the market right now. Wireless companies will be happy to charge by the minute, and the coffeeshop pricing was mentioned above.
participants (8)
-
Bill Stewart
-
David Honig
-
Declan McCullagh
-
Dr. Evil
-
Eugene Leitl
-
jamesd@echeque.com
-
Ken Brown
-
Tim May