Re: Pay per use remailers and remailer reliability tracking.
On Wednesday, December 19, 2001, at 04:51 PM, Len Sassaman wrote:
Dear Cypherpunks and other unsavory characters,
I was recapping for some other remops a conversation that Tim sparked at the last cypherpunks meeting regarding pay-per-use remailers, and I had some additional thoughts. I'm not an expert on digital cash, so please pardon me if I make any obvious errors. I welcome criticism of these ideas and explanations as to why they won't work as well as tips for improvement.
I've been thinking about how to create pay-per-use remailers for some time. The reasons for needing a remailer payment system are obvious: aside from handling spamming and flooding, it would encourage more people to run remailers. If a remailer operator can expect to make money off of a remailer, or at least recoup his losses, he's more likely to do so. (Discussion of how liability changes when money is involved is for a different time.)
Indeed, we can talk about how money affects liability another time. (But I will add that many people here and on the Net have a wrong-headed notion that "if you don't charge money, you are protected." This doesn't work with software piracy cases, this doesn't work with trespassing in physical or cyberspaces, and so on. "Not charging money" is not the cloak of protection some seem to think it is.)
"Digital cash" in the traditional sense isn't necessary for a pay-per-use remailer system. Like MojoNation, I am going to refer to the digital cash coins as something that has no monetary value in the traditional sense. Tim pointed out at the last meeting that what we think of as "money" has no inherent value. If you think of the remailer digital cash coins as tokens with a very specific purpose, a lot of the objections to using digital cash disappear.
Yes, coupons or tokens (like subway tokens, like casino chips, though these are not the same thing) can be used in ways that don't require "true digital money" (say what? I will argue later that "true digital money" is a misleading meme). Even Magic Money (circa 1993, Pr0duct Cypher) or Tacky Tokens (approx. ditto) would be an interesting experiment. Even tokens _specific_ to the remailer! ("Use of this remailer costs 1 Melon"). Mixing tokens as a crude way to anonymize is possible.
Additionally, I am assuming that there would be a suitable digital cash algorithm that could be used for these purposes. I am aware that there are algorithms similar to Chaum's in existence, but my level of knowledge isn't sufficient to know if they would work for these purposes. In any event, the Chaum patents expire soon enough. In this scheme, while the anonymity of the token buyer is essential, neither the bank nor the seller will have their anonymity protected.
Yes, Chaum happens to be sort of right in this particular case: the identity of the remailer is assumed to be traceable (because remailers usually operate openly), hence only buyer-untraceability is required, hence Chaum Version 2 ecash is OK. Anonymous remailers are possible, using broadcast or "message pool" models. For example, sending a message to alt.anonymous.messages and having remailers scan the pool for messages they can decrypt. This then requires seller-anonymity as well. Solvable. Agnostic digital cash (a la Barnes) could be deployed for remailers without an extensive "digital cash infrastructure" involving banks. One of the reasons I wanted to have a CP meeting focused on implementing Chaum protocols without the niceties of licensing from Chaum (or the Canadians who now own the patents) was to do this. Alas, our meeting went off into other directions....some of you were at that meeting last summer.
The system would work as follows, from the point of view of the user:
The user would purchase remailer tokens (digital cash) from a token vendor (the bank). This is an exchange similar to car wash tokens or TicketMaster[tm], where the seller receives "real cash" and the buyer receives a tangible promise of a future service. The tokens could be purchased online using PayPal, credit cards, etc. (Yes, this means the number of paying remailer customers must be large enough to constitute a crowd.)
The user than fires up his remailer client, and each remailer has pricing and token service information associated with its key and reliability stats. (In this system, multiple token vendors could exist, and remailers could be their own vendors. For simplicity's sake, I am going to assume that all remailers in this user's client accept the same ticket vendor's tokens.)
Each remailer sets a price (i.e., number of tokens) for its use. Remailers could even charge a different amount depending on where in the chain it fell, with exit hop services costing more than beginning/middle chain positions. The user would select his chain based on the reliability stats and the pricing information for each remailer. The client would tally the cost, and when the user approved, it would remove tokens from the user's "purse" and attach them to the outgoing message, interwoven in the various layers of encryption in the message.
Yes, this is how markets for remailing services would likely develop. All of the usual stuff about price discovery, competition, discounts, advertising, etc.
Now, from the remailer's point of view:
A message is received, and the encryption stripped off. Inside is a remailer token, which the remailer redeems with the token vendor after ensuring that the token covered the price of the message (accumulating a balance in his account, which can then be exchanged for cash by the remop.) The message is then delivered to the next hop, and so forth.
I came up with this idea after an interesting conversation with Bram Cohen one night, and then after researching it realized that others had said basically the same thing. I'm interested in hearing problems with the above proposal, but for now I am going to assume it is sound. I have a further enhancement to this system that I just now realized might be possible, and this is what I'm really interested in discussing.
I am painfully aware of the negative effects of saying "That's an old idea." But, of course, it is. No big deal, as it's all the way a paid remailer system would almost certainly have to operate. (Multiply-nested, with tokens obviously also nested...has to be this way.) This is how we modeled paid remailers at the very first physical meeting, in fact. (We used envelopes within envelopes to model nested, chained encryption/remailing, and we used Monopoly money to model payments at each stage. The simulated remailer operators even advertised discount prices...)
If a system as I have described above were to be implemented, we could solve this problem (as well as the inevitable problems of remailers cheating and collecting payment without delivering mail, and the problem of double-spending) without having to reveal any useful information to an attacker who doesn't already have ability to observe the entire mix network.
If the remailer client were to keep track of which tokens were paid to which remailer, the user could determine where in a chain message delivery failed, or if the message exited the last hop (not exactly the same as if it was delivered, but close. The last remailer could cheat, or the recipient's mail server could fail. There's ways to improve this, though.)
This sounds likes a good line of thinking.
After the remailer redeems the token with the token vendor, the token vendor publishes the token. No one but the user and the remailer know which message a given token was linked to, so information leakage is minimized. The user can query the token vendor for the most recent token redemptions, and will be able to determine where his message either is currently waiting in the chain, or where it died.
(This isn't exact either. Failure, in this case, is pinpointed at the link between two remailers, rather than at a given remailer. If a user queried the bank and discovered that, out of a 5 remailer chain, remailers A, B, and C redeemed the tokens but D did not, this either means C is cheating, C is broken on sending, or D is broken on receiving. Further tests would be necessary to determine the exact nature of the failure.)
Does anyone have any thoughts on this? Reasons why the payment system would not work? Reasons why the verification system would not work? Improvements to either system? Thoughts on the specifics of the digital cash algorithms needed?
I wish you the best of luck and encourage others to help. We old-timers are accused of saying "That's been thought of before." Only because the outlines of these things unfolded pretty quickly (see the 1992-93 list traffic, for example). But true progress has historically come when someone pushed the implementation, as with the earliest remailers themselves, and later remailer sytems like Mixmaster. A token-based remailer system, while an "obvious" system, would be a major accomplishment. --Tim May "As my father told me long ago, the objective is not to convince someone with your arguments but to provide the arguments with which he later convinces himself." -- David Friedman
A token-based remailer system, while an "obvious" system, would be a major accomplishment.
Any kind of privacy-enhanced token/payment/value system would be a major accomplishment at this point. The c'punks have been in biz for almost ten years now, and private payments have always been probably the #1 goal, and we are _further_ from having a private payment system now than we were ten years ago. We've got the math. We don't have the software or the business, though. The reasons for this have been debated over and over. We're at an impasse.
At 09:30 PM 12/20/01 -0000, Dr. Evil wrote:
A token-based remailer system, while an "obvious" system, would be a major accomplishment.
Any kind of privacy-enhanced token/payment/value system would be a major accomplishment at this point. The c'punks have been in biz for almost ten years now, and private payments have always been probably the #1 goal, and we are _further_ from having a private payment system now than we were ten years ago. We've got the math. We don't have the software or the business, though.
The reasons for this have been debated over and over. We're at an impasse.
Its not possible for the mousetrap builders to generate interest in the better stopping of mice. We don't control the silos of grain nor the investors therein. Do not thrash your soul over this.
At 05:54 PM 12/20/2001 -0800, you wrote:
At 09:30 PM 12/20/01 -0000, Dr. Evil wrote:
A token-based remailer system, while an "obvious" system, would be a major accomplishment.
Any kind of privacy-enhanced token/payment/value system would be a major accomplishment at this point. The c'punks have been in biz for almost ten years now, and private payments have always been probably the #1 goal, and we are _further_ from having a private payment system now than we were ten years ago. We've got the math. We don't have the software or the business, though.
The reasons for this have been debated over and over. We're at an impasse.
Its not possible for the mousetrap builders to generate interest in the better stopping of mice. We don't control the silos of grain nor the investors therein. Do not thrash your soul over this.
I disagree. We should all be ashamed. The main reason we don't have the private payment system many have discussed is lazyness/"better things to do with their time" by those with the technical ability to create the SW (if I were one of them the SW would be done by now, as I've easily spent 1-2 many years and $10Ks trying to get others to write the code). Funding the payment system, as Tim has noted, is not that hard. steve
-- On 20 Dec 2001, at 21:00, Steve Schear wrote:
We should all be ashamed. The main reason we don't have the private payment system many have discussed is lazyness/"better things to do with their time" by those with the technical ability to create the SW (if I were one of them the SW would be done by now, as I've easily spent 1-2 many years and $10Ks trying to get others to write the code). Funding the payment system, as Tim has noted, is not that hard.
I have been working on this project for several years, and have not got much done. It is a big project, to do it right, with a user interface that is going to be reasonably usable and intelligible for a casual user, I would say it is about eighteen months full time work if done at home, and if done as a dot com business, a couple of million dollars. Doing it right requires a reasonably competent programmer, someone with experience in producing consumer products. Such people tend to be busy. I have kids to put through college. Because of the illegality of likely applications, this is not a project that bodes well for making a lot of money. This project is the upper edge of what can be done by an enthusiast. Having done it, then comes the scary part -- deploying it. No way can I deploy it -- I have too many assets. Anyone that has the skills and time needed to create this is apt to have too many assets to himself deploy it. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG LnKyj9xPCkeKLryKpX/SwS8LghhHga8iIH4aM/Nt 4QLZ88QAqycmHGkE0D0pOXkxpvslDNBdb7dGf/c36
I strongly endorse this post. It says things I have been planning to put into a post. A few comments, but the original left unsnipped so it can be read in full as part of my post. On Friday, December 21, 2001, at 08:42 PM, jamesd@echeque.com wrote:
-- On 20 Dec 2001, at 21:00, Steve Schear wrote:
We should all be ashamed. The main reason we don't have the private payment system many have discussed is lazyness/"better things to do with their time" by those with the technical ability to create the SW (if I were one of them the SW would be done by now, as I've easily spent 1-2 many years and $10Ks trying to get others to write the code). Funding the payment system, as Tim has noted, is not that hard.
I have been working on this project for several years, and have not got much done. It is a big project, to do it right, with a user interface that is going to be reasonably usable and intelligible for a casual user, I would say it is about eighteen months full time work if done at home, and if done as a dot com business, a couple of million dollars.
This sounds about right. Pr0duct Cypher, whoever he was/is, gave us a crude form of digital cash almost 9 years ago. Chaum had a team of N (probably 3-8 at any given time, over 10+ years) working on various levels of digital cash implementation. However, Chaum was hobbled in various ways, and a smaller team could probably do it. Why don't certain indviduals, like moi, fund digital cash? Several reasons: 1. As James notes, a dot com business would consume a few million dollars. Absent a concrete business plan, and funded only by the funder, this would mean about twice that in stocks and investments would have to be sold to fund the "few million dollars" to (maybe) complete the project. 2. Even with a few million in dot com funds, or several million in investments liquidated to generate the few million, no guarantee of success. Besides the fact that Chaum's company apparently spent upwards of ten million dollars, nothing significant came out of it (and he had all the patents, all the cachet). I watched the Xanadu and AMIX groups spend a huge amount of money. Fine people, moslty, but they missed the boat. (Had some person liquidated $15 million in order to fund a $7 million Xanadu effort, I'd say they have a right to be pissed that little came out of it except some joking business cards reading "Chief Ontologist and Bottle Washer" and things like that. Don't get me wrong: a lot of the Xanadu and AMIX folks are my friends, but I watched them blow throw many millions of dollars in salaries and rentals and office space with almost nothing to show for it.) (Side Note: And then there's ZKS, which apparently (according to estimates I have read) raised upwards of $60 million. A staff of 200 at one point, with latte and chai bars and hot tubs and all the rest of the dot.com shtick. And now, what? They tried reinventing themselves as some soft of "privacy consulting" firm. Maybe a few bucks in that, but I expect most of that $60 million has evaporated. And for individual investors, it would take liquidating and paying taxes on $100 million in assets to raise this amount of investment capital...) 3. Anyone funding this kind of effort had better do it very anonymously. Big Brother is constantly expanding the boundaries of the conspiracy laws, and the civil courts will also be called on to avenge any financial losses by supposedly aggrieved rights holders. While I have no idea who "James Donald" really is, he'd better be even more untraceable than he is now if he introduces a system which can by any interpretation "aid the Evil Doers and do harm to the children."
Doing it right requires a reasonably competent programmer, someone with experience in producing consumer products. Such people tend to be busy. I have kids to put through college. Because of the illegality of likely applications, this is not a project that bodes well for making a lot of money.
Way too much focus has been put on making money. Not that there is anything wrong with making money. But too many people have tended to think that if they have even a glimmering of an idea, that a start-up is the way to finance their explorations. Not surprisingly, most of these developmental companies have failed miserably. (Useful to look at companies which have succeeded. Sun commercialized, with Stanford's permission and partial ownership, the Stanford University Network (SUN). Cisco commercialized some networking systems _also_ deployed at Stanford. A moral here. Ebay went after the low-hanging fruit of computerizing simple classified ads and adding auctions (even as my friends at AMIX had earlier been working on more sophisticated versions of Hayekian agoric markets...thus missing the Pez collectibles!))
This project is the upper edge of what can be done by an enthusiast. Having done it, then comes the scary part -- deploying it. No way can I deploy it -- I have too many assets. Anyone that has the skills and time needed to create this is apt to have too many assets to himself deploy it.
This is my fear as well. Even _donating_ to such a development effort can expose one's assets to seizure. (Pace the recent seizures of pro-Palestine contributors. In Amerika, your money is not really your own anymore.) People with assets could flee the country, renounce, blah blah, and maybe, if the Feds let the assets escape the country, have the funds and the freedom to fund such an effort. But what would they get? Only a handful of people seem to have the skills to independently develop digital cash. The chances are very good that the effort would be by some people who really didn't know what they were doing, who spent their time shopping for Herman Miller chairs and espresso machines for the company entertainment pod, and who basically were drones. We've seen it happen a dozen times. Is there any hope at all? Yes. The best work has always been done by one or two people at a time. This applies to software as well. (Not so much to chips anymore, at least not for the past 20 years. Another topic.) A person with the dedication and skill of a Stallman could probably implement digital cash without having the Herman Miller chairs, the hot tub up on the roof of the office building, the staff of marketdroids, and the espresso machines. There's some hope. --Tim May "The State is the great fiction by which everyone seeks to live at the expense of everyone else." --Frederic Bastiat
At 02:19 PM 12/22/2001 -0800, Tim May wrote:
Yes. The best work has always been done by one or two people at a time. This applies to software as well. (Not so much to chips anymore, at least not for the past 20 years. Another topic.)
A person with the dedication and skill of a Stallman could probably implement digital cash without having the Herman Miller chairs, the hot tub up on the roof of the office building, the staff of marketdroids, and the espresso machines.
There's some hope.
Espresso is important, basic machines are cheap, and the real decision is whether walking down to Starbucks to avoid making it yourself is more an interruption to your concentration or an opportunity to spend time in the real world and to check out the Mondex smartcard machine that Starbucks gave up on using :-) But the easy part of doing digital cash is the software, and it doesn't take years of Stallman-level or Chaum-level or Ian-or-Ben-or-Lucky-level wizardry to produce it, though it's really helpful to have their insights into what didn't work and what pieces were useful for consumer-quality realizability. Lots of people can turn the algorithms into reliable code; lots of people can build user interfaces, though you if you want it to run on the latest Microsoft GUI API environments and all Mac environments from 6.5 through 10.1.2Coca you'll need a few extra helpers to add the ugly details. (*I* could even do the programming, though you'd get a basic web forms interface and a text interface that looks suspiciously like "throw stone knife at dwarf", "404 Knife Not Found", with none of that modern Javascruft or "ncurses" aesthetics in it :-) The hard part is getting people to take the stuff. 30 years of Kernighan, Ritchie, and Thompson, 20 years of Stallman and Gilmore, 15 years of X and Gosling, and 10 years of PGP & Linux has gotten us partway to World Domination in technical areas, often by getting the good parts stolen badly by the bigger commercial interests, but money's harder to change; Black & Scholes and Fair & Isaac and Milken and Visa/MC/AX and Schwab and later E-Trade and just possibly PayPal have changed things, but Mondex didn't happen, and Micropayments didn't happen, and in spite of all of Hettinga's enthusiam and Chaum's business acumen, anonymous digital bearer cash hasn't successfully rocked the world. It not only takes technical skills to ship working stuff, it takes business skills to find a market where it works and promote it enough that enough people are using it that some level of anonymity can actually happen. Lucky and the Mark Twain Bank had the technology, and had the service working in the abstract, aside from the minor problem that there was nothing to buy except pictures of Cypherella before they stopped allowing that, though perhaps if they'd been a bit later to market and jumped into E-Bay when PayPal did they could have pulled it off (or perhaps not - that's a market where reputations have a really high value, and you'd have to structure an escrow market around your digicash that would undo most of the anonymity even if the digicash provided it.) Doug and the Austin Cypherpunks Credit Union folks had the technical skills, and the interesting hook that in the US, Credit Unions have much less regulation than Real Banks, but figuring out how to make money from such an activity was tough, and unlike MTB, they decided not to launch a business they didn't know how to make money with :-) Getting the real thing working requires real marketing skills and being in the right place at the right time; occasionally you can hit it off, like the kid who wrote WinAmp and was pressured by his parents into making it Shareware and not just freeware, or the Hotmail folks causing the free-web-based-email wave (and catalyzing many of the appallingly stupid Dot-Com Business Plans.) Perhaps one advantage of the dot-com crash is that people starting businesses today are much more likely to do the solid business planning and the initial technical decisions before they get enough funding to leave the garage and hire the 200 programmers that it takes to prevent any real work from being done while you're having meetings to coordinate development of the hot-tub-scheduling website. But if you're not going to use the marketdroids, you have to find some really solid alternative to get the stuff widely used. Maybe it's as simple as finding the next Ochoa brothers and showing them how selling bearer cash cards can help their business, now that the tough part is moving the green paper and not the white powder, but the nearest recent equivalent was The Napster Brothers, and they didn't successfully capitalize their need for a payment system. Mojo Nation may have been a bit closer, as a small dedicated group of enthusiasts working on a payment system combined with a transport mechanism for the goodz, but they didn't pull it off either.
On Sunday, December 23, 2001, at 01:29 AM, Bill Stewart wrote:
At 02:19 PM 12/22/2001 -0800, Tim May wrote:
Yes. The best work has always been done by one or two people at a time. This applies to software as well. (Not so much to chips anymore, at least not for the past 20 years. Another topic.)
A person with the dedication and skill of a Stallman could probably implement digital cash without having the Herman Miller chairs, the hot tub up on the roof of the office building, the staff of marketdroids, and the espresso machines.
There's some hope.
Espresso is important, basic machines are cheap, and the real decision is whether walking down to Starbucks to avoid making it yourself is more an interruption to your concentration or an opportunity to spend time in the real world and to check out the Mondex smartcard machine that Starbucks gave up on using :-)
I was using that as a stand-in, a place holder for the recent trend for start-up companies to spend lavishly on corporate digs. Being an old-timer, I like to say: In my day, we had to walk five miles through the snow to get a cup of mud from the vending machine. Actually, in my day at Intel we were lucky to have patty melts for lunch, as most of us ate out of vending machines (burritos, stale sandwiches, cottage cheese) or out of the vending vans ("roach coaches") which pulled up outside to feed the engineers and operators. Things have changed, I gather. I've got nothing against companies having nice facilitites, but perhaps the lavish cafeterias, rooftop jacuzzis, and other frivolities give the workers the impression that money is flowing freely (as it is...for a while). I'd rather see a company starting on a shoestring, with surplus desks from Repo Depot, with crowded offices, and with no money wasted on frivolities. Especially if I'm an investor! Sure, it'll cause some of the folks to go instead to Oracle, where the cafeterias are opulent. A good thing that those who want opulence go to such places! (I faced a similar choice in 1974: some of the places I was considering were known for their lavish expense accounts, their nice offices. Other places were more spartan (that's a good word to think about). I chose one of the spartan places, Intel. A lot of those other companies I could have gone to went nowhere.) This applies to marketdroids as well. Startup companies get larded-up with marketing departments when there is little to market. The huges staffs of some of the companies we all know about is an example. (Just as bad: the hiring of ex-government officials, regulators, etc. But I digress.)
But the easy part of doing digital cash is the software, and it doesn't take years of Stallman-level or Chaum-level or Ian-or-Ben-or-Lucky-level wizardry to produce it, though it's really helpful to have their insights into what didn't work and what pieces were useful for consumer-quality realizability.
Lots of people can turn the algorithms into reliable code; lots of people can build user interfaces, though you if you want it to run on the latest Microsoft GUI API environments and all Mac environments from 6.5 through 10.1.2Coca you'll need a few extra helpers to add the ugly details. (*I* could even do the programming, though you'd get a basic web forms interface and a text interface that looks suspiciously like "throw stone knife at dwarf", "404 Knife Not Found", with none of that modern Javascruft or "ncurses" aesthetics in it :-)
I agree and disagree. I agree that the core crypto is sort of established. However, how many examples of it do we see? Few. How many of the programmers here on this list (there must be a few dozen who call themselves programmers, professionally) have ever implemented anything remotely similar to digital cash? (I don't call myself a programmer, but I fool around. The closest I have come to the above is when about 10 years ago I wrote a simple RSA implementation in Mathematica, just to make sure I had all the "Euler totient function" kind of crapola down straight.)
The hard part is getting people to take the stuff. 30 years of Kernighan, Ritchie, and Thompson, 20 years of Stallman and Gilmore, 15 years of X and Gosling, and 10 years of PGP & Linux has gotten us partway to World Domination in technical areas, often by getting the good parts stolen badly by the bigger commercial interests, but money's harder to change;
PayPal took off pretty fast. So did VISA and MasterCard in their day. I think and hope someone will cut through all of the b.s. and do something that takes off. As I mentioned a few days ago, one of the reasons we wanted to have a session on "implementing digital money" was to brainstorm these issues. Maybe we should try again. By the way, if "lots of people can turn the algorithm into reliable code," where _are_ the implementations? I see bits and pieces.
Black & Scholes and Fair & Isaac and Milken and Visa/MC/AX and Schwab and later E-Trade and just possibly PayPal have changed things, but Mondex didn't happen, and Micropayments didn't happen, and in spite of all of Hettinga's enthusiam and Chaum's business acumen, anonymous digital bearer cash hasn't successfully rocked the world. It not only takes technical skills to ship working stuff, it takes business skills to find a market where it works and promote it enough that enough people are using it that some level of anonymity can actually happen.
I don't think things happen because of "evangelists." Evangelists didn't give us the transistor, the IC, the microprocessor, the early personal computers, or even the Mac (where Apple was famous for hiring "evangelists," e.g., Guy Kawasaki). Discussing this would require a longer article here than I'm interested in writing. To be sure, advertising BankAmericard (VISA) and other credit cards was and is a big business. People have to know a technology exists and then want to use it. Evangelizing digital cash, when no real digital cash implementation exists, is getting things backwards.
Lucky and the Mark Twain Bank had the technology, and had the service working in the abstract, aside from the minor problem that there was nothing to buy except pictures of Cypherella before they stopped allowing that, though perhaps if they'd been a bit later to market and jumped into E-Bay when PayPal did they could have pulled it off (or perhaps not - that's a market where reputations have a really high value, and you'd have to structure an escrow market around your digicash that would undo most of the anonymity even if the digicash provided it.)
Lucky can tell us what the real level of technology was. My impression is that it was a cleaned-up version of Chaum's earlier code (or the code of his early 90s programmers, that is) and did "uninteresting" things. And since it wasn't payee-untraceable, interesting uses for trading banned materials were not possible. (My recollection, though I could be wrong, was that Mark Twain Bank also had the usual ISP-like junk about acceptable uses and how accounts could be cancelled for "inappropriate uses.") A lot of these applications are just "toy uses." Not even the True Believers, most of us, would waste our time and money opening a Mark Twain Bank account so we could flash our account cards, or whatever, at local parties and meetings. I don't know of anyone, besides Lucky, who ever used the system. It is true, and we've talked about it many times, that most people don't care about anonymity and untraceability. They don't care that their "Fast Pass" turnpike passes can (and sometimes are) be used to track their movements, to find out when they were on the New Jersey Turnpike and which exit they got off at. 99.9984% of them figure no one will bother to check. So the market for Chaumian ecash for car passes never materialized. A big part of the problem is the lack of evolutionary learning. This is a problem with our patent system, especially for software. A number of years ago I wrote an article about how patents for hardware work because the produced good "meters" the patent: no one cared what uses were made of the microprocessor because every sale was a sale, thus paying for all of the various R&D and patents and so for the chip companies. With software (*), there is much concern about what uses are made. Because of replicability of the product. (* I don't mean a software product like Microsoft Office. It is true that no one cares what use is made of a copy of Office, provided it was legitimately bought. I mean software like "RSA," where sale of a general license has to be very carefully planned.) Because Chaum wished to make money (not an ignoble goal), he limited access to the core of his system. (Whatever you want to call it, the algorithms, the implementations, the ability of others to build products, etc.) There were a series of "future by design" projects, but little evolutionary learning. (Contrast to the aircraft or chip businesses, where hundreds of companies failed, planes crashed, new designs were tried, patents were cross-licensed or bought, companies rose and fell, products proliferated...) It's not easy to build a company around an algorithm. RSA succeeded, but it faced years of shoestring operation troubles (I visited their crowded offices in Redwood Shores, circa 1990-1). And it had arguably the most important patent portfolio of all. (Levy's "Crypto" details the history, and the almost out of business experiences.) I see way too many Cypherpunks jabbering about "raising money." Most don't. It's time for a return to the older models.
Doug and the Austin Cypherpunks Credit Union folks had the technical skills, and the interesting hook that in the US, Credit Unions have much less regulation than Real Banks, but figuring out how to make money from such an activity was tough, and unlike MTB, they decided not to launch a business they didn't know how to make money with :-)
Good for them. Both later made some money from other projects.
Getting the real thing working requires real marketing skills
See above. I doubt a marketing group makes a hill of beans' worth of difference.
and being in the right place at the right time; occasionally
True enough.
you can hit it off, like the kid who wrote WinAmp and was pressured by his parents into making it Shareware and not just freeware, or the Hotmail folks causing the free-web-based-email wave (and catalyzing many of the appallingly stupid Dot-Com Business Plans.)
We saw a lot of appallingly-stupid Cypherpunks Business Plans, too. "And then at this point the world adopts the use of Bearer Bucks (TM) and we get 2% of every transaction!"
Perhaps one advantage of the dot-com crash is that people starting businesses today are much more likely to do the solid business planning and the initial technical decisions before they get enough funding to leave the garage and hire the 200 programmers that it takes to prevent any real work from being done while you're having meetings to coordinate development of the hot-tub-scheduling website.
Yep. Premature commercialization, mythical man-month, burn rates, and all that.
But if you're not going to use the marketdroids, you have to find some really solid alternative to get the stuff widely used.
I'll say it again: the best commercialization is done for stolen products. (Or, to head off frivolous charges that I am libeling Sun or Cisco, below, products which were basically already developed and faced a ready market.) The Stanford University Network (SUN) machines were largely ready to go when the founders of Sun (gee, where'd they get that name?) sought permission (and investment) from Stanford to commercialize them. Ditto for Len and Sandy's work at Stanford on routers. This is how Sun and Cisco were able to "hit the ground running." They didn't squander precious startup dollars on roof-top jacuzzis and meeting rooms for researchers to sit around trying to develop a product. Investment money went into production facilities, wire-wrap guns, etc. Even RSA was basically just commercializing an already-extant thing. Intel was making and selling actual products within 6 months of its formation. (It did _not_ get funding and then sit around in opulent surroundings thinking about future directions. In a way, it also "stole" its technology, in that its founders had worked on silicon-gate MOS at Fairchild and knew how to get rolling quickly. I'm not accusing Intel of stealing in any prosecutable sense, but in the sense that this is the way evolutionary learning happens: the children of successes create more successes.) By contrast, I've watched dozens of companies (some of them started and staffed by my friends) raise some seed capital and _then_ begin their research and development! Bad move. For lots of reasons I could write about for hours. (Xanadu and AMIX were examples, several Cypherpunks startups are other examples.) (Nutshell: research proceeds unevenly. Breakthroughs. Evolutionary learning. Dead-ends. Redirections. "Exploitation of rich veins of ore," punctuated equilibrium, time value of money. When a company gets investment money, it _must_ begin to use that money _immediately_. Ideally, for production facilities, for actual product advertising, for _immediate_ uses. The time value of money dictates this. It _cannot_ use its money to hire people to sit around and think about future research directions. If there is not a _real_ business plan (I don't mean a "spreadsheet business plan") with a real revenue stream beginning _soon_, why form a company? A lot of naive people seem to think the capital markets exist to help them fund their dreams, their vague ideas about becoming the next Bill Gates. Maybe the recent dot com collapse has changed things.) There _is_ a place for "service businesses." ISPs, for example. (The founders of ZKS made their initial money by setting up a successful ISP in Canada and then selling it when the great wave of ISP consolidations was cresting. Interestingly, some of the early remailer operators in Holland did something very similar, selling their ISP business. Looks like this was the real way to make some money. No exotic cutting-edge technology, just paying customers.) There's a saying that "the best is the enemy of the good." This is part of the long debate in computer science between "doing the right thing" and "doing what works." The "Right Thing" is the elegant, the crystalline, the pure. "What Works" is the crufty, the cobbled-together. LISP versus Perl, perhaps. Richard Gabriel has some fun essays along the lines of "Worst is Best" (use Google to find them), discussing why the workstation and language market developed in the way it did. In our community (and related orbiting communities), "the cool is the enemy of the good." Hence we see multi-year efforts to the really cool implementation of hypertext developed, thus running out of money and missing the boat on the Web. (Xanadu.) Ditto for digital cash, as comparatively low-tech and uncool products like PayPal move in to take the low-hanging fruit. Paying people to sit around and dream about rilly, rilly cool products is the kiss of death. Lastly, the focus on commercialization has been very weird these past several years. Nearly everyone jabbers about how to make money off of remailers, or data havens, or digital money. But little in the way of new ideas are being discussed here. Our last Cypherpunks meeting was refreshing in that we had a couple of good talks on real things and very little of the "lawyer" and "startup evangelizing" junk. And we ended with a heated discussion of remailers and such, which Len and Steve and others have been writing about. Even more lastly, you folks out there thinking about how to do a startup or make money should be thinking about what I said, and which I am certain is basically correct: start up companies are not the place to do basic R&D. That's the place for universities and for established companies (with the companies either spinning-off divisions or selling the products themselves or losing their staff who "steal" the work). The cost of money is just too high for anyone to fund blue sky dreamers. Except as charity. (I can't resist: Look at Interval Research. Paul Allen, who has almost as much money as Bill Gates, decided to try to replicate the success of Xerox PARC and funded Interval Research some years ago (around '92-'93, IIRC). He gave it a wad of money, they set up shop, they hired Brenda Laurel and Lee Felsenstein and all kinds of other bright thinkers and dreamers. What came out of it? Nothing. Nada. Nil.) --Tim May "As my father told me long ago, the objective is not to convince someone with your arguments but to provide the arguments with which he later convinces himself." -- David Friedman
At 11:55 AM 12/23/01 -0800, Tim May wrote:
Being an old-timer, I like to say: In my day, we had to walk five miles through the snow to get a cup of mud from the vending machine. Actually, in my day at Intel we were lucky to have patty melts for lunch, as most of us ate out of vending machines (burritos, stale sandwiches, cottage cheese) or out of the vending vans ("roach coaches") which pulled up outside to feed the engineers and operators.
"When I was your age we didn't have Tim May! We had to be paranoid on our own! And we were grateful!" --Alan Olsen
-- On Sunday, December 23, 2001, at 01:29 AM, Bill Stewart wrote:
But the easy part of doing digital cash is the software, and it doesn't take years of Stallman-level or Chaum-level or Ian-or-Ben-or-Lucky-level wizardry to produce it, though it's really helpful to have their insights into what didn't work and what pieces were useful for consumer-quality realizability.
On 23 Dec 2001, at 11:55, Tim May wrote:
By the way, if "lots of people can turn the algorithm into reliable code," where _are_ the implementations? I see bits and pieces.
[...]
Evangelizing digital cash, when no real digital cash implementation exists, is getting things backwards.
As I said in an earlier posting, doing the software right is not easy. It is the upper edge of what can be done by the lone enthusiast, and he has to be both enthusiastic -- (it is a big project) and also pretty good. There are lots of moving parts, and they have to connect together in a way that is handy and usable for the end user.
Because Chaum wished to make money (not an ignoble goal), he limited access to the core of his system. (Whatever you want to call it, the algorithms, the implementations, the ability of others to build products, etc.) There were a series of "future by design" projects, but little evolutionary learning.
The controls on the flow of money have been tightening. Ten years ago the patents were the big problem. Now the "abusive" uses of digital money are a far more serious problem. With the patent close to running out, and the war on terrorism being used for war on movement of money, war on drugs, war on movement of people, patents are now a problem scarcely worth thinking about. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG Un8Ul3GSu21y99/qFl3WEVs/4UZbbcEiRJl9UHD4 4Z9Sf63qSdKxWNYywWB5qMSzQEBrsi/8HFph0IxB+
participants (6)
-
Bill Stewart -
David Honig -
Dr. Evil -
jamesd@echeque.com -
Steve Schear -
Tim May