Data Havens..A consumer perspective
From the moment the data leaves their hands, until I return it,
1. You have what I want or need. 2. In order for me to let you store it, I will give it to you anyway you wish to get it. 3. I will let you do anything to the data you wish, so long as I get it back intact. 4. It is no concern (only idle curiosity maybe) where the data is parked. 5. I would expect to pay money for the safekeeping of my data. 6. I would expect the longer you hold the data, the more it will cost. 7. The only thing I am counting on is the data's timely retrieval. 8. Welcome to the world of data "coatchecking". Why make it more complex than this? they have no right, nor I no obligation, to divulge anything about it. For they already would know, it would take a few minutes to retrieve it. For whether it's encrypted to the nth degree, or parked in a plain brown wrapper in a massive unix box somewhere, as long as I the haven manager, return the data in a safe, timely, uncorrupted manner, I've done my duty. Love Always, Carol Anne Registered<BETSI>BEllcore Trusted Software Integrity system programmer *********************************************************************** Carol Anne Braddock "Give me your Tired, your Poor, your old PC's..." The TS NET REVOKED PGP KEY NO.0C91594D carolb@spring.com carolann@mm.com ************************************************************************ COMING SOON TO AN INTERNET NEWSGROUP NEAR YOU...............CENSORED.COM
2. In order for me to let you store it, I will give it to you anyway you wish to get it.a
I will let you store it but in order to access it I get access to your stores of data.
3. I will let you do anything to the data you wish, so long as I get it back intact.
Actually for a real data haven to work it should not only keep the original data but any inferences you make with the old data or any new data you use in the analysis of the old data.
5. I would expect to pay money for the safekeeping of my data.
Or provide some service in kind.
6. I would expect the longer you hold the data, the more it will cost.
The longer you hold the data the less it is worth.
On Thu, 12 Jan 1995, Censored Girls Anonymous wrote:
1. You have what I want or need. 2. In order for me to let you store it, I will give it to you anyway you wish to get it. 3. I will let you do anything to the data you wish, so long as I get it back intact.
why would you give the haven owner free run? I mean naturally he does have free run with your data once he gets it, but a matter of trust, and encryption protects you marginally.
4. It is no concern (only idle curiosity maybe) where the data is parked.
it matters alot too me, that's the security of the dat, what if your data is sem top secret plan to bomb the pentagon, and you are using the data haven to distibute to your band of anonymous terrorists, I am sure you woudln't want your data stored ona public access Unix system, or in plaintext.
5. I would expect to pay money for the safekeeping of my data.
you casn do this a number of ways if the datahaven is turned into a data broker, i can pay you for good data otehr would be willing to buy(Blacknet anyone?) or you could pay me for access to data, or for safe secure storage and anon transfer of data to other users.
6. I would expect the longer you hold the data, the more it will cost. 7. The only thing I am counting on is the data's timely retrieval. 8. Welcome to the world of data "coatchecking".
Why make it more complex than this?
because it is if you want security, and also to bring in money if that is a motive.
For whether it's encrypted to the nth degree, or parked in a plain brown wrapper in a massive unix box somewhere, as long as I the haven manager, return the data in a safe, timely, uncorrupted manner, I've done my duty.
well what would be thepurpose of this data haven you propose except as a extra storage pace for data, like if you dont have space on your own drive? Your leaving out anon drop boxes, data brokering, or the data haven serving as a center for black markets.
From: Nesta Stubbs <root@nesta.pr.mcs.net>
3. I will let you do anything to the data you wish, so long as I get it back intact.
why would you give the haven owner free run? I mean naturally he does have free run with your data once he gets it, That's exactly the reason, namely, to make the agreement between individuals match the underlying nature of information. This is different in the trust in silence about the user. This is also not to say that the operator can't undertake to make assurances about where bits go and don't go. I am sure you woudln't want your data stored ona public access Unix system, or in plaintext. So don't store it in plaintext. The operator of the data storage facility has no responsibility for this. if the datahaven is turned into a data broker I don't know about you, but I don't like paying money for random bits. well what would be thepurpose of this data haven you propose except as a extra storage pace for data, like if you dont have space on your own drive? Even when you've got enough of your own disk space, it's still subject to failure. Putting data in multiple places reduces the possibility of unrecoverable catastrophe. Eric
On Thu, 12 Jan 1995, Eric Hughes wrote:
why would you give the haven owner free run? I mean naturally he does have free run with your data once he gets it,
That's exactly the reason, namely, to make the agreement between individuals match the underlying nature of information. This is different in the trust in silence about the user. This is also not to say that the operator can't undertake to make assurances about where bits go and don't go.
are you saying that there is an agreement between the data haven operator and the user? If so, that's one of the things i was attmeting to point out in that reply. I think the agreement, wether it is a contract, not likely, or a sense of trust is extremely important to the data-haven.
I am sure you woudln't want your data stored ona public access Unix system, or in plaintext.
So don't store it in plaintext. The operator of the data storage facility has no responsibility for this.
Right now were are getting into so many fraggin different definitions of data haven, that this conversation is loopng over itself infinetly. In one sort of data Haven, the operator does have a responsibility to keep the data private, yet on another, he doesn't have th responsibility, it all depends on what the aims and views and golas of the DataHaven are. And since we have not yet agreed on what a data Haven.....we get usenet run-around.
if the datahaven is turned into a data broker
I don't know about you, but I don't like paying money for random bits.
this is ties into the above line, maybe you arent just sending encrypted data, maybe your selling secrets to a datahaven operator, who is offshore, or who has the money ot pay you know, and also the structre set up to recieve, transmit, and take payment and pay for that secret data, or valuable info. Once again I think that we are working with multiple definitions of DataHaven here, adn it is leading to confusions.
well what would be thepurpose of this data haven you propose except as a extra storage pace for data, like if you dont have space on your own drive?
Even when you've got enough of your own disk space, it's still subject to failure. Putting data in multiple places reduces the possibility of unrecoverable catastrophe.
ther are already services much better equipped to deal with this problem, although, I am unsure if any of them are crypto-aware as of yet. Osmthig to look into.
From: Nesta Stubbs <root@nesta.pr.mcs.net> are you saying that there is an agreement between the data haven operator and the user? There's always an agreement, implicit or explicit. Right now were are getting into so many fraggin different definitions of data haven, that this conversation is loopng over itself infinetly. Well, the 'data haven' that started the topic of discussion was a misnomer; it's really an off-site storage facility. I don't know about the rest of the list, but I'm more concerned with discussing working code. Eric
From: Censored Girls Anonymous <carolb@barton.spring.com> 1. You have what I want or need. You have a _service_ I want to use. 8. Welcome to the world of data "coatchecking". "Data coatchecking" certainly has different connotations than "data haven". I think for marketing purposes, the name "data haven" is inaccurate. A data haven, one might expect, has semantic structure to it. Offsite storage is much less than a data haven; it's much more like a remote file system. Using the word "haven" to refer to a remote storage facility removes the connotation of ordinary usage, which, as we all know is a perfectly upright, normal, and (for those in the USA) a downright Capital-A _American_ thing to do. From the moment the data leaves their hands, until I return it, they have no right, nor I no obligation, to divulge anything about it. You don't want the operator of a remote storage facility revealing links about usage patterns of individuals, but as far as the data itself goes, there's no reason it couldn't be made public (there's also no good reason _to_ make it public, either). Someone who sends plaintext to a remote site is foolish. Eric
On Thu, 12 Jan 1995, Censored Girls Anonymous wrote:
Date: Thu, 12 Jan 1995 02:32:06 -0600 (CST) From: Censored Girls Anonymous <carolb@barton.spring.com> To: cypherpunks@toad.com Subject: Data Havens..A consumer perspective
1. You have what I want or need.
As far as what...? Data already in the haven? Storage capacity? Speed of link?
2. In order for me to let you store it, I will give it to you anyway you wish to get it.
Does this include on old style magnetic reel to reel? Clearly there has to be some simplicity of submission. I would further submit than many "consumers" will not want to store plaintext data, and thus "any way you wish to get it." quickly becomes unacceptable.
3. I will let you do anything to the data you wish, so long as I get it back intact.
Again, does this include storing it in a /pub/ dir on an ftp site in plaintext? No, there must be a clear stated policy of the site operator's method of storage.
4. It is no concern (only idle curiosity maybe) where the data is parked.
This ignores jurisdictional concerns that may have significant, even severe impact.
5. I would expect to pay money for the safekeeping of my data.
What kind of money? Digital postage? New currency? DM? $? This toois s is a simplistic representation of the real concern.
6. I would expect the longer you hold the data, the more it will cost.
I assume you mean day to day cost, not rates by data age? Though this brings up a interesting point, what would be the incentives served and created by charging on a phase in scale? i.e., what would be the result if a DH were to charge $ .05 a day for data that had been in the DH for over a month, and $ .09 a day for data over a year? It would at the very least, increase traffic as old data was taken out and put back in to avoid the steped up "latency" charge. If all the data was encrypted, would this help deter traffic analysis by imposing "productless" transactions resulting in no net change in the DH's holdings? Hmmmmm.
7. The only thing I am counting on is the data's timely retrieval.
And not its ability to be directed to specific parties, rather than the public at large? And not its ability to avoid traffic analysis? And not its ability to be multi or non-jurisdictonal?
8. Welcome to the world of data "coatchecking".
I've lost several coats this way.
Why make it more complex than this?
Why insist on this simplicity. Why not store it on your own machine if these are your only requirements?
From the moment the data leaves their hands, until I return it, they have no right, nor I no obligation, to divulge anything about it. For they already would know, it would take a few minutes to retrieve it.
This was to be from a consumers's prespective I thought. In any event, this ignores the possibility of court ordered disclosure, availability to third and fourth parties, and traffic analysis concerns.
For whether it's encrypted to the nth degree, or parked in a plain brown wrapper in a massive unix box somewhere, as long as I the haven manager, return the data in a safe, timely, uncorrupted manner, I've done my duty.
What you are talking about has little if anything to do with "Data Havens" you're just selling storage space.
Carol Anne
073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est 6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!
participants (5)
-
Black Unicorn -
Censored Girls Anonymous -
eric@remailer.net -
Nesta Stubbs -
root