pseudospoofing survey
punks:

The following is an essay followed by a survey on pseudospoofing. If you are interested in participating in the survey please reply in email to me under your `true name' only. I will post a summary to the list if there is sufficient data and I'm convinced it isn't strewn with manufactured lies from phantom identities (please do not waste my precious time, pollute my mailbox, or disrupt this survey with any).

* * *

First, let's review. From my perspective a person can have cyberspatial identities in about 5 basic categories. Under these definitions an `identity' is what appears in the `from' line of a message or other very obvious identifying characteristics of the message, for example, a line at the beginning saying `This is [x], I couldn't post under my regular account but ...', a signature at the end of the message, etc. Under these definitions I'm leaving out the distinctions of `reply capability' associated with anonymous servers etc.

1. `True Name' -- for our purposes let this be defined as the name on your birth certificate, your legal identity.

2. `unique name' or `cyberspatial name' -- this would be a name you associate with all your activities in cyberspace in postings to mailing lists, email, etc. That is, I'm making a distinction about people possibly using the net always under a single pseudonym.

3. `obviously anonymous' -- identifying characteristics in the message (such as origination from an anonymous server, etc.) make it obvious that *anyone* could have posted it. Sometimes called `hit and run'.

4. `pseudonymous' -- a variation of (3) where arbitrary identification is used to build up a reputation under a presumed name, but characteristics of the message make clear that the identity is an *alias* for someone's *unique* identities under (1) or (2). The nicknames associated with the Helsingius server ID's would be an example.

5. `pseudoanonymous' or `pseudospoofed' -- the message could either be someone's `true name' or an invented alias, but *no* characteristics of the message (including the message by the author) can discriminate exactly *which*. This is something like `identity camouflage'. It is a new category of identification that transcends (1) - (4) because it encompasses all of them.

* * *

Now, I've written a lot on `anonymity' and am a strong supporter and proponent of categories (2), (3), and (4), where the *receiver* of a message is *informed* and *aware* that it can be from *anyone*. However, I believe extreme restrictions should be placed on the use of (5) in a civilized cyberspatial society (such as that which mailing lists and Usenet groups attempt to represent, IMHO). Contrary to all the flames on the list and in my mail box, I continue to believe that this is not incompatible with privacy -- in fact, I believe it *promotes* it. Very serious abuses of (5) can lead to insidious deception and treachery, particularly in the interplay between public and private messages, and I'm absolutely aghast to see the capability for (5) championed as `privacy' here and in my mailbox by many people (or phantoms, I'm in total confusion) I used to respect. But this is all another essay.

Above all, I'm *extremely* disturbed and alarmed to perceive what appears to be a systematic propaganda and disinformation campaign on this list and elsewhere in obfuscating the *obvious* and *incontrovertible* distinction between (3) and (4) on one hand (`anonymous' and `pseudonymous') and (5) on the other (`pseudoanonymous' or `pseudospoofed'), ironically perhaps largely via abuse of the lack of protective mechanisms against it here. In (3) and (4), the receiver *knows* that the message can be from *anyone*. In (5), the receiver does *not* know, and may even be *misled* into believing that a message is in categories (1) or (2) when it is in fact `anonymous'. IMHO this is *very* dangerous.
To further emphasize this distinction, in some sense categories (1) - (2) are *attributable* to *unique* identities. When I see messages in categories (1) or (2) on a mailing list, in my mailbox, or in Usenet postings, FTP articles, whatever, I can attribute them to unique people by definition. We also might call (1) `accountable', and if an online account under (2) can be traced to a legal identity, it would be also.

Categories (3) and (4) are *not* attributable to unique identities. A single person could post anonymously multiple times or pseudonymously under multiple identities. If a person has only one pseudonym, let's say that's `quasi- or semi- accountable'.

But not only is (5) *not* attributable to *identities*, it is not `attributable' to any of the previous *categories*! Hence, let's call messages in the categories (1) - (2) `attributable', (3) - (4) `nonattributable', (1) - (4) `uncamouflaged', `white', `open' or `unsurreptitious', and (5) `nonattributable' and `camouflaged', `black', or `surreptitious'. (I leave it to subsequent debate to stabilize on the most descriptive and memorable terms.)

This *camouflage* that various cypherpunks promote, apparently up to the highest levels of `leadership', is IMHO inherently subversive. Because no one here seems to be afraid of subversion and anarchy, and even embraces it, let me go further and say it is *destructive* not only to societies but to *any* social interaction, even interpersonal. IMHO It is not just a recipe for anarchy, it is a recipe for chaos and barbarianism, *particularly* when associated with personal mail (including mailing lists).

This was all a topic of discussion many months ago, and I paid scant attention at the time because I didn't think it was the interest of the majority of cypherpunks, part of the agenda, generally feasible, or in widespread practice. Recent events suggest to me I am *utterly* mistaken on all counts.
In fact, apparently not only are `some' cypherpunks in favor of `black' postings, they are in favor of *concealing* the very existence of the capability, so as to potentially manipulate and brainwash others in an undetected concerted conspiracy! I think I will define this as `evil blackness'. <g>

Again, lots of specific examples, anecdotes, and horror stories are another essay. Perhaps some would like to expand on this point (please email me if you treat this in a comprehensive and thorough manner). For now, I just want to make the distinctions clear for the survey, which follows. The survey will help me determine the extent of `blackness' and `evil blackness'.

Please try to be as complete as possible in your responses. I will read and be influenced by independent opinions in my mailbox, but again request that you use your True Name only in any correspondence with me. And anyone who flames that this survey is an invasion of privacy, get lost. Let anyone reply under their own free will.

I will keep all responses strictly confidential. However, I would like to collect some opinions under true names I can quote later. Please put the key `N/A' (not for attribution) in front of any response you wish me to leave unattributed or in front of the entire message like `message N/A'. Also, I will try to start email conversations with anyone who is particularly knowledgeable.

* * *

1. What is your `true name'?

2. Do you have a unique online identity other than your true name?

3. How long have you been on the internet?

4. How many mailing lists are you on?

5. Are `black' / `camouflaged' identities feasible or possible on the internet today? If so, how in particular? Comment on public access and UUCP sites if possible.

6. To what extent do you think `camouflaged' identities exist on the internet currently? Where are they used? What mailing lists or newsgroups are particularly dense with `black' postings? Have you ever received any in email?

7. Have you ever posted under a `camouflaged' identity? if so, where? How often?

8. Are you aware of any potential `abuses' of `black' messages? Has it turned into a big problem anywhere? Do you have any horror stories? Are there any `cabals' or `silent conspiracies'? have any debates or projects been `poisoned' or `sabotaged'?

9. Are you neutral on the capability of `black'/`camouflaged' messages, or do you strongly promote/support or condemn it? Is it harmless or dangerous?

10. Is society aware of `black messages'? if not, what would `they' think in general? if so, what is the consensus on the practice?

11. Is it fundamentally technically impossible to prevent *widespread* black messages if there was an incentive or consensus to do so? Or is it feasible with technology?

12. What are internet policies in general on `black' messages? What should they be? Should they be restricted and prevented? allowed? Keep in mind the distinctions of posts to mailing lists, Usenet posts, and personal mail.

13. Please list any resources on this subject: email addresses of specialists, pointers to papers, etc.
1. `True Name' -- for our purposes let this be defined as the name on your birth certificate, your legal identity.
That's a bad definition. The name on *my* b.c. is NOT my legal identity. [2. name one goes by all the time on the net, 3. anonymous]
4. `pseudonymous' -- a variation of (3) where arbitrary identification is used to build up a reputation under a presumed name, but characteristics of the message make clear that the identity is an *alias* for someone's *unique* identities under (1) or (2). The nicknames associated with the Helsingius server ID's would be an example.
5. `pseudoanonymous' or `pseudospoofed' -- the message could either be someone's `true name' or an invented alias, but *no* characteristics of the message (including the message by the author) can discriminate exactly *which*.
I fail to see how, under this definition, it differs from category 2. If I'd ALWAYS posted under the name George P. Schrader, then that is the identity that would be ascribed to me. No one can tell if "Stanton McCandlish" is my true name either. None of you actually know that. I could be a persona of Shari Steele for all anyone really knows.
Very serious abuses of (5) can lead to insidious deception and treachery, particularly in the interplay between public and private messages, and I'm absolutely aghast to see the capability for (5) championed as `privacy' here and in my mailbox by many people (or phantoms, I'm in total confusion) I used to respect. But this is all another essay.
I think you are missing a major point, namely that in the future world of the net, ANYONE can do this. The entire meaning of "identity" is going to change, and the meaning of "person" and "you" and "me", even as it is ALREADY changing. Read up in Hackers Dictionary, as a small example, of how Guy L. Steele still is known as gls (his login ID from 15 years ago) EVEN BY HIS WIFE, in day to day conversation. People become their online personae. If people happen to have more than one, SO WHAT? It is in human nature to have multifaceted personalities, and I for one don't see any real difference between wearing black and being glum one day while wearing colours and being cheerful the next, and using 2 different online pseudos. It may not be CONVENIENT for the reader, but is it really anyone's business if I am who I say I am, and if someone else that they've been conversing with is also me? It is unusual, but it's not evil. It's really no more strange than Halloween or a masquerade ball. In the case of forged identities stolen from someone else, yes that could be a problem, but the problem is not the technology that allows it, but the ATTITUDE that allows it. Guns don't kill people, people do.
In (3) and (4), the receiver *knows* that the message can be from *anyone*. In (5), the receiver does *not* know, and may even be *misled* into believing that a message is in categories (1) or (2) when it is in fact `anonymous'. IMHO this is *very* dangerous.
This is patently false. I say this on the grounds that in ALL cases of ALL email, people know that the message can be from anyone. Period. End of story. If you do not authenticate the message w/a digital sig, and if the recipient does not verify it, that is NOT the fault of the technology that makes "pseudospoofing" possible, it is the fault of the users, if they believe that mail that says it's from X must perforce necessarily be from X. If people do NOT know this, it is again not the fault of the net or of anonymous services, it is the fault of the clueless. What you advocate seems strikingly like suggesting that we eradicate emacs, because someone somewhere might not RTFM and might cry and whine about not being able to use it right.
To further emphasize this distinction, in some sense categories (1) - (2) are *attributable* to *unique* identities. When I see messages in categories (1) or (2) on a mailing list, in my mailbox, or in Usenet postings, FTP articles, whatever, I can attribute them to unique people by definition. We also might call (1) `accountable', and if an online account under (2) can be traced to a legal identity, it would be also.
You most assuredly cannot confidently attribute any non-signed (and unverified-by-you) message to any unique person, by the definition of what email consists of and how it is produced. Simply the existence of "pseudospoofing" makes this so.
Categories (3) and (4) are *not* attributable to unique identities. A single person could post anonymously multiple times or pseudonymously under multiple identities. If a person has only one pseudonym, let's say that's `quasi- or semi- accountable'.
This also makes no sense to me. How can one be said to be "quasi-accountable", particularly since there is no way for you to ascertain that they DO only have one pseudo? To be accountable, someone or something must make you account.
But not only is (5) *not* attributable to *identities*, it is not `attributable' to any of the previous *categories*! Hence, let's call messages in the categories (1) - (2) `attributable', (3) - (4) `nonattributable', (1) - (4) `uncamouflaged', `white', `open' or `unsurreptitious', and (5) `nonattributable' and `camouflaged', `black', or `surreptitious'. (I leave it to subsequent debate to stabilize on the most descriptive and memorable terms.)
Not to mention the rather stale (and, someone would say sooner or later, racist) psychology at work here. I don't argue from the "PC" side of things, but "black and white"? Come now. The real world, whether virtual or otherwise is a very very grey place. This Tolkienism is simply impractical.
This *camouflage* that various cypherpunks promote, apparently up to the highest levels of `leadership', is IMHO inherently subversive. Because no one here seems to be afraid of subversion and anarchy, and even embraces it, let me go further and say it is *destructive* not only to societies but to *any* social interaction, even interpersonal. IMHO It is not just a recipe for anarchy, it is a recipe for chaos and barbarianism, *particularly* when associated with personal mail (including mailing lists).
How is this destructive? If I see a man on the street, and later that night go out to a local concert, and am entertained by a "woman" singer that is actually the man I passed that morning, in drag, what damage has been done? Has my life suddenly been shattered, the fabric of society ripped apart, because I've seen the same physical person in 2 outfits, and was none the wiser? If I "meet" 2 "individuals" virtually on the net, and they are the same person, how have I, or the net, been harmed? Provided no one is trying to defraud me, what have I lost? What have you lost? And whoever it is behind the multiple idents may actually GAIN, if they are the sort of person that cannot fully express themselves without playing a role (which is a significant proportion of the people in the world). Who are YOU to take that away from them? This whole line of argument strongly reminds me of the one that goes like this: online communication is a bad thing, because people don't behave like their true selves, and misrepresent themselves. We should ban computer mediated communication, because it is a heartless sham, a cold fraudulent falsehood, and will be misused by the schizophrenic and the sociopathic.
In fact, apparently not only are `some' cypherpunks in favor of `black' postings, they are in favor of *concealing* the very existence of the capability, so as to potentially manipulate and brainwash others in an undetected concerted conspiracy! I think I will define this as `evil blackness'. <g>
Puh-leeeeze. I discard this conspiracy theory on the basis that you accuse them of what you would yourself do: keep people from using the capability [whether it's true or not is irrelevant].
now, I just want to make the distinctions clear for the survey, which follows. The survey will help me determine the extent of `blackness' and `evil blackness'.
I take that back, this isn't Tolkienish, it's Lovecraftian. I would like to remind you that "evil" is a term from "morals", which are baseless and have no universality outside the closed group. If you wish to discuss whether using pseudonymy in this manner is *ethical* or not, then by all means please do so.
1. What is your `true name'?
Stanton McCandlish
2. Do you have a unique online identity other than your true name?
Yes.
3. How long have you been on the internet?
a few years (depends on how you wish to define "the internet").
4. How many mailing lists are you on?
At my peak, which I am reaching again, about 25 or more; counting newsgroups, Fido echos, and the like, I follow several 100 online conferences, again at peak.
5. Are `black' / `camouflaged' identities feasible or possible on the internet today? If so, how in particular? Comment on public access and UUCP sites if possible.
Certainly. Sign up with Netcom as "John Bigboote" and presto. With UUCP, Fido <-> UUCP gating, or pure Fido or QWK mail, I can generate as many personae as I wish.
6. To what extent do you think `camouflaged' identities exist on the internet currently?
To a large extent, and growing, though probably less than 1% of personae on the net are fake.
Where are they used?
Where are they NOT used?
What mailing lists or newsgroups are particularly dense with `black' postings?
soc.culture.african, soc.culture.african.american, bit.tech.africana, rec.music.afro-latin.
Have you ever received any in email?
To be serious again, who knows? I think it highly likely.
7. Have you ever posted under a `camouflaged' identity? if so, where? How often?
Certainly. Not that often, but it comes in handy.
8. Are you aware of any potential `abuses' of `black' messages? Has it turned into a big problem anywhere? Do you have any horror stories? Are there any `cabals' or `silent conspiracies'? have any debates or projects been `poisoned' or `sabotaged'?
No, this is silly. For one thing, all it takes to verify in the case of fraudulent use of another's name or reputation (i.e. posing as a non-existent big-wig at IBM) is a phone call.
9. Are you neutral on the capability of `black'/`camouflaged' messages, or do you strongly promote/support or condemn it? Is it harmless or dangerous?
I am neutral on it, just as I am neutral on the issue of what anyone does with any tool or capability. When it is attacked however, I am in support of it (the tool, not the attack).
10. Is society aware of `black messages'? if not, what would `they' think in general? if so, what is the consensus on the practice?
I think so. I think it is immediately apparent to anyone that uses this medium more than casually and for a short time that all is not as it seems and that forgery of postings is not particularly surprising.
11. Is it fundamentally technically impossible to prevent *widespread* black messages if there was an incentive or consensus to do so? Or is it feasible with technology?
Anything is feasible. The question is what price will you pay to remove this capability from the system? (incl. human costs, not just monetary ones.) No one needs you to protect us from ourselves or each other.
12. What are internet policies in general on `black' messages? What should they be? Should they be restricted and prevented? allowed? Keep in mind the distinctions of posts to mailing lists, Usenet posts, and personal mail.
What is an "internet policy in general"? I have yet to see such a thing. There would appear to be no RFCs on the subject if that is what you mean, and netiquette doesn't seem to mind, if THAT's what you mean. I'm not sure the next questions under section 12 have any relevancy to anything. Please define "should". Who gets to decide what "should" be done? It might be better to ask "what is feasible" and "is there any reason NOT to allow pseudonymity in whatever form it takes, provided one does not step on the rights of others?" Thing is I don't think you could stop it, unless you completely restructured the net, at all levels from the mail software to the societal structure.
13. Please list any resources on this subject: email addresses of specialists, pointers to papers, etc.
Have none for you, probably because it's a non-issue.

Sorry to seem like I'm going off on you, but I just don't see the reason in this entire line of rambling and fingerpointing. There are certainly more important things to get excited and active about.

--
-=> mech@eff.org <=-
Stanton McCandlish
Electronic Frontier Foundation Online Activist & SysOp
"A nation that is afraid to let its people judge the truth and falsehood of ideas in an open market is a nation that is afraid of its people." -JFK
NitV-DC BBS 202-232-2715, Fido 1:109/? IndraNet 369:111/1, 14.4V32b 16.8ZyX
L. Detweiler writes:
5. `pseudoanonymous' or `pseudospoofed' -- the message could either be someone's `true name' or an invented alias, but *no* characteristics of the message (including the message by the author) can discriminate exactly *which*. This is something like `identity camouflage'. It is a new category of identification that transcends (1) - (4) because it encompasses all of them.
So don't give credit to any pseudoanonymous messages which aren't signed by a trusted public key. It's as easy as that.
* * *
Now, I've written a lot on `anonymity' and am a strong supporter and proponent of categories (2), (3), and (4), where the *receiver* of a message is *informed* and *aware* that it can be from *anyone*.
All five categories can be spoofed easily. Even birth certificates. If the hardest (true names) can be spoofed, what kind of person would reason that (5) can't be from anyone?
However, I believe extreme restrictions should be placed on the use of (5) in a civilized cyberspatial society (such as that which mailing lists and Usenet groups attempt to represent, IMHO). Contrary to all
Who is going to place these restrictions? The FCC?
Very serious abuses of (5) can lead to insidious deception and treachery, particularly in the interplay between public and private
The same case can be made for free speech. Allowing hate speech mongers the protection of free speech could lead to negative public opinion about the first amendment. So what? With every technology there comes the capability for both abuse and benefit. Live with it, and adapt. Crypto gives people the ability to post anonymously, it also gives you a more concrete way to authenticate (digital signatures, zero knowledge proofs, etc) which are in many ways, better than hand written signature and photo-id.
Above all, I'm *extremely* disturbed and alarmed to perceive what appears to be a systematic propaganda and disinformation campaign on this list and elsewhere in obfuscating the *obvious* and *incontrovertible* distinction between (3) and (4) on one hand (`anonymous' and `pseudonymous') and (5) on the other (`pseudoanonymous' or `pseudospoofed'), ironically perhaps largely via abuse of the lack of protective mechanisms against it here.
There is no campaign, you are paranoid. There is no difference between 3,4 and 5 except your imagination. In 1-4 I can just as easily spoof. If someone is aware that 1-4 can be spoofed by anyone and they can't extend their pea-brain to reason that (5) can also be spoofed then they deserve the fate they get!
In (3) and (4), the receiver *knows* that the message can be from *anyone*. In (5), the receiver does *not* know, and may even be *misled* into believing that a message is in categories (1) or (2) when it is in fact `anonymous'. IMHO this is *very* dangerous.
Caveat emptor. After they are pseudospoofed for the first time, they won't be so trusting of net.con-men anymore and will demand better proof of identification.
This *camouflage* that various cypherpunks promote, apparently up to the highest levels of `leadership', is IMHO inherently subversive. Because no one here seems to be afraid of subversion and anarchy, and even embraces it, let me go further and say it is *destructive* not only to societies but to *any* social interaction, even interpersonal. IMHO It is not just a recipe for anarchy, it is a recipe for chaos and barbarianism, *particularly* when associated with personal mail (including mailing lists).
Perhaps I'm just not that excitable, but I don't see what all the fireworks are for. This already is the status quo. Mail fraud, con-jobs, fake-ids, these already exist outside cyberspace. If anything, you should be more distrusting of net.pseudonyms than the three-card monte dealer.
In fact, apparently not only are `some' cypherpunks in favor of `black' postings, they are in favor of *concealing* the very existence of the capability, so as to potentially manipulate and brainwash others in an undetected concerted conspiracy! I think I will define this as `evil blackness'. <g>
Bogus. You just went off the deep-end. If you're so concerned about this capability, why don't you go liberate the net.universe and tell them this amazing fact: you can forge identities on the net. Postings, mail, accounts, even whole domains.

-Ray

NEWSFLASH: Great Cypherpunk Conspiracy Revealed! A California based group of cryptography fans conspire to cover up pseudoanonymous capabilities so they can continue their reign of abuse, exploitation, psychological combat, and the sapping of precious bodily fluids from net.novices.

p.s. all this reminds me of the great mud gender identity debates. Many young males were extremely disturbed that the female MUD users they were practicing cybersex with were actually other males. As a result, most mud users are no longer as gullible. Evolution and natural selection at its best.

p.p.s you will find that many of us aren't trying to cover pseudoanonymous capability up -- It is just that _we don't care_ I certainly don't care, and I don't think of myself as "the great protector of the ignorant" as you seem to do either.

The facts are, short of demanding digital signatures or passwords for posting to this list, there is nothing you can do to prevent me from forging "From" lines, I could probably forge Received: lines too if I had a well-positioned machine.

One feature of my Extropian's list software is that it only allows people who are on the list to post to it, and a user can turn on a "password" feature that only allows his address to post if a password is supplied.

-- Ray Cromwell        |    Engineering is the implementation of science;   --
-- EE/Math Student     |    politics is the implementation of faith.        --
-- rjc@gnu.ai.mit.edu  |                         - Zetetic Commentaries     --
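The posting gate described in the message above (subscriber-only posting plus an opt-in per-address password), sketched as an added example; it is not the Extropians list software or code from anyone in this thread. The class `ListGate`, the header name `X-List-Password` and all addresses are hypothetical, and the sample messages are constructed.

```python
import hashlib
import hmac
import os
from email import message_from_string
from email.utils import getaddresses

PASSWORD_HEADER = "X-List-Password"  # hypothetical header name (assumption)


def _kdf(password: str, salt: bytes) -> bytes:
    # Store only a salted, slow hash of the posting password.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


class ListGate:
    """Hypothetical posting gate: subscriber check plus opt-in password."""

    def __init__(self):
        self.members = {}  # address -> None (no password) or (salt, hash)

    def subscribe(self, address, password=None):
        addr = address.strip().lower()
        if password is None:
            self.members[addr] = None
        else:
            salt = os.urandom(16)
            self.members[addr] = (salt, _kdf(password, salt))

    def check(self, raw_message):
        msg = message_from_string(raw_message)
        # The From line is sender-controlled text. Refuse messages where it
        # is missing, unparsable, or names more than one author.
        senders = getaddresses(msg.get_all("From", []))
        if len(senders) != 1 or not senders[0][1]:
            return "reject: missing or ambiguous From"
        addr = senders[0][1].lower()
        if addr not in self.members:
            return "reject: not a subscriber"
        cred = self.members[addr]
        if cred is None:
            # Membership alone proves nothing about who typed the From line.
            return "accept: subscriber address, sender unverified"
        salt, expected = cred
        supplied = msg.get(PASSWORD_HEADER, "")
        if hmac.compare_digest(_kdf(supplied, salt), expected):
            return "accept: subscriber address, password verified"
        return "reject: password required for this address"


def make_msg(from_lines, password=None):
    # Build a constructed sample message; from_lines is a list of From values.
    headers = ["From: " + value for value in from_lines]
    headers.append("To: list@example.org")
    headers.append("Subject: test")
    if password is not None:
        headers.append(PASSWORD_HEADER + ": " + password)
    return "\n".join(headers) + "\n\nbody text\n"


def demo():
    gate = ListGate()
    gate.subscribe("alice@example.org")                  # password feature off
    gate.subscribe("bob@example.org", "correct horse")   # password feature on
    bob = ["Bob <bob@example.org>"]
    return {
        # Any sender can write Alice's address here; the gate cannot tell.
        "open_member": gate.check(make_msg(["Alice <alice@example.org>"])),
        "no_password": gate.check(make_msg(bob)),
        "bad_password": gate.check(make_msg(bob, "guess")),
        "good_password": gate.check(make_msg(bob, "correct horse")),
        "outsider": gate.check(make_msg(["mallory@example.net"])),
        "two_from": gate.check(
            make_msg(["alice@example.org", "bob@example.org"], "correct horse")),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:14} {verdict}")
```

A password carried inside the message can be read and replayed by every relay that handles it; a signature checked against a known public key, as suggested earlier in the thread, does not have that weakness.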
You justify all your arguments in favor of pseudospoofing by pointing at existing criminal behavior. Interesting point of view, eh?
Bogus. You just went off the deep-end. If you're so concerned about this capability, why don't you go liberate the net.universe and tell them this amazing fact: you can forge identities on the net. Postings, mail, accounts, even whole domains.
I just did.
NEWSFLASH: Great Cypherpunk Conspiracy Revealed! A California based group of cryptography fans conspire to cover up pseudoanonymous capabilities so they can continue their reign of abuse, exploitation, psychological combat, and the sapping of precious bodily fluids from net.novices.
yep. hope you don't mind.
p.s. all this reminds me of the great mud gender identity debates. Many young males were extremely disturbed that the female MUD users they were practicing cybersex with were actually other males. As a result, most mud users are no longer as gullible. Evolution and natural selection at its best.
MUDs are games. Mailing lists, Usenet, and the Internet are not.
p.p.s you will find that many of us aren't trying to cover pseudoanonymous capability up -- It is just that _we don't care_ I certainly don't care, and I don't think of myself as "the great protector of the ignorant" as you seem to do either.
so?
The facts are, short of demanding digital signatures or passwords for posting to this list, there is nothing you can do to prevent me from forging "From" lines, I could probably forge Received: lines too if I had a well-positioned machine.
you are mistaking the form of the present internet with future cyberspace.
One feature of my Extropian's list software is that it only allows people who are on the list to post to it, and a user can turn on a "password" feature that only allows his address to post if a password is supplied.
it's a start. ltr.
participants (3): L. Detweiler, rjc@gnu.ai.mit.edu, Stanton McCandlish