On 31 Aug 2001, at 19:50, Nomen Nescio wrote:

But the more sophisticated technologies are not self-contained tools. They require a supported and maintained infrastructure to operate. Anonymous posters are painfully aware of how inadequate the current remailer system is. A truly reliable and effective anonymity technology will be more like a service than a tool.

I agree completely.

This means that the operators choose to whom they will market and sell their services.

Here I disagree completely. I think in a properly designed anonymity system the users will be, well, anonymous, and it should be impossible to tell any more about them than that they pay their bills on time. Certainly most potential users would balk at requirements that they prove who they were and justify their desire to use such a system, since that would tend to defeat the purpose.

This was one of the main points of the original message. You can't just deploy a technology and hope that someone finds it useful. You need to identify and target a market segment where the value exceeds the cost. And Tim May himself raised the issue of further looking for profitable markets which are morally acceptable. He sometimes seems reluctant to admit it, but the point of crypto anarchy is to improve the world by reducing the impact of government coercion. It's not supposed to be a nihilistic attempt to tear down institutions just for the sake of destruction.

Well, Tim hasn't been excessivly shy about expressing his political opinions IMO, but that's not really relevant. I don't think it serves any purpose to discuss who constitute "valiant freedom fighters resisting a tyrannical government" and who are "bloody terrorist fanatics attempting to overthrow a benign legitimate government and replace it wth a worse one" in this forum. We may have strong opinions on this matter as individuals, but it is completely unreasonable to expect us to come to any kind of consensus as a group. Nor is it necessarily beneficial to do so. Would a system useful to the "virtuous" seperatist Kurds in Iraq be different in any technical way from a system used by the "evil" seperatist Kurds in Turkey?

Any cypherpunk who creates a privacy technology which targets bin Laden and his cohorts as a market is deluding himself if he thinks he is making the world a better place. You can say all the nasty things you like about Western civilization, but crypto anarchy has the best chance of survival under a democratic government that pays at least lip service to values of individual freedom. You who believe that the U.S. government is the epitome of evil should spend some time living in Afghanistan.

I haven't noticed anyone actually saying anything complimentary about Bin Laden or the Taliban. But it's pretty pointless to say, "hey, I've got this great idea, but it's not for Islamics, it's for anti-Castro Cubans". (We like them, right? And some of them have lots of money, right?) Any discussion along those lines is only productive way down the line when you're actually near deploying something. Or at least soliciting genine bids for developement contracts.

It is important to identify markets which will advance the cause rather than set it back. Tim May made a good start on this in his earlier posting. Those who reject the idea of judging groups and markets by their morality are the ones who are missing the point.

Wrong. When discussing design of a system, it makes sense to limit discussion to parameters relevant to system design. How much individuals might be willing to pay to protect their privacy, how great of injuries they might suffer if their privacy is compromised, is relevant to system design. Why they want privacy, whether you or I as individuals would think of them as "good guys" or "bad guys", really isn't. Unless you want to make a bizzare assertion like "anyone potentially willing to spend upwards of 50 bucks a message is almost certainly a bad guy, so it's manifestly immoral to design a system with that kind of marke6t in mind". Forgive my close- mindedness, but I think that kind of argument is sufficiently absurd to be unworthy of consideration. George

At 07:50 PM 08/31/2001 +0200, Nomen Nescio wrote:

But the more sophisticated technologies are not self-contained tools. They require a supported and maintained infrastructure to operate. Anonymous posters are painfully aware of how inadequate the current remailer system is. A truly reliable and effective anonymity technology will be more like a service than a tool. This means that the operators choose to whom they will market and sell their services.

It's a tough call. The services model has some obvious advantages - - business model, if they can develop one successfully, to fund enough servers, clients, jurisdictions, and ISPs to overcome the inertia, hassle, and dropout factor that make it hard to create and sustain a scalable secure system. ZKS doesn't appear to have succeeded, but perhaps an expensive system for more paranoid users or profitable applications (e.g. tax avoidance through jurisdictional arbitrage or tax evasion through money laundering) can win. - potentially higher software and service quality. - less subject to changing fads, e.g. a Napster failed - will Gnutella? But it has some serious drawbacks - - you have to trust the service, unless you can be sure it's designed with no way for the operators to trace the users, including subtle methods like making sure Usual Suspects get connected to compromised remailers. - centralization makes them attackable - Not everything's as centrally controllable as Julf's remailer was, but not everybody's as honest as he is about shutting down rather than continue service when vulnerable, and some governments are much more aggressive than Finland at attacking systems. - business models can fail - Napster Inc., ZKS aren't doing so well. - specialized markets may produce too small a user community, making it possible for eavesdroppers to watch the whole system. If there are only 100 players, you can pretty much tell who's using it, even if you don't know specifically who's talking to whom. For some target markets, this is ok, for instance if you're primarily trying to keep the communications patterns private from the other players in your market, rather than from outsiders, but for others it fails badly. For tool-based approaches, the ideal is to at least piggyback on some existing service, e.g. Apache, or Gnutella/Napster/etc., or ICQ/Jabber/AIM, so there are a large number of players and lots of cover traffic, making the system relatively sustainable and tracing difficult.