RE: Commercial Mixmaster
nelson@crynwr.com (Russell Nelson) wrote:
There *will* always be a free version of the client with source code, but the proprietary improvements will probably not be merged into the free version. Lance, and only Lance, as copyright holder, has the publish the code under a different copyright. It's the same thing that Phil Z. did with ViacryptPGP.
It's not the same thing, though. PGP 2.6.2 and PGP 2.7 are compatible. You can compile 2.6.2 from the sources and have it interoperate with Viacrypt 2.7. The concern is not "commercialization", per se, but rather the use of "commercialization" as an excuse to build in "proprietary" features (Back doors?) for which no corresponding source code is involved. Since no one has made a good case for there even being a COMMERCIAL market for Mixmaster, could there be other motives? Without building an anonymous e-$ infrastructure first, there's no way to even charge for the use of a remailing service without sacrificing anonymity, even if people were willing to pay to have messages anonymously remailed. No, I'm not accusing Lance. But if he no longer has the time to support Mixmaster, then perhaps some other crypto-friendly group should take over the task and keep it an OPEN system, with source code available. In fact, even freezing Mixmaster as is would be preferable to "improvements" that people don't/can't trust. True, they *COULD* provide source code, but how many commerical products come with complete source code?
-----BEGIN PGP SIGNED MESSAGE----- Date: Sat, 16 Sep 1995 12:21:04 -0700 From: "syrinx@c2.org (Syrinx Anonymous Remailer)" <syrinx@c2.org> The concern is not "commercialization", per se, but rather the use of "commercialization" as an excuse to build in "proprietary" features (Back doors?) for which no corresponding source code is involved. And the chief concern with the Clipper chip? That it was secret. In the crypto world, secret == untrustable. Who would use a remailing network that was not trustable? Who would use it when every cypherpunk says not to? Since no one has made a good case for there even being a COMMERCIAL market for Mixmaster, could there be other motives? Value is created by seeing a market that no one else sees. Obvious markets have low margins, and they're getting lower and lower as computers help implement the obvious. Without building an anonymous e-$ infrastructure first, there's no way to even charge for the use of a remailing service without sacrificing anonymity, even if people were willing to pay to have messages anonymously remailed. Maybe someone *does* see a way to create system? If *you* knew, would you tell everyone about it? Or would you implement it, and rake in the bucks? No, I'm not accusing Lance. But if he no longer has the time to support Mixmaster, then perhaps some other crypto-friendly group should take over the task and keep it an OPEN system, with source code available. In fact, even freezing Mixmaster as is would be preferable to "improvements" that people don't/can't trust. Since you have no reputation to impugn, I feel free to be rude: "Put up or shut up." If you have the resources to improve Mixmaster so that it's easy to use, do it. If not, please don't stand in the way of people who *do* have the resources. -----BEGIN PGP SIGNATURE----- Version: 2.7 Comment: Processed by Mailcrypt 3.2, an Emacs/PGP interface iQCVAwUBMFt8wKbBSWSDlCdBAQEXGgQAo7Sl+CctvGWSGsQpeYYzMit+9eBN2iP/ Sq5k3FvHATDEJaPMTEq7PQRlQrrOkKF7jg2d0wnxJ9tFG+5ymV6SeLiJE/KXuOSI dD5oR6TOVf50ppLIjyQZhhOymon3RuJqHqQVyX7qD2ph792SACuAFvrFTlZoRkgB 8jPr7TLkIyA= =NygP -----END PGP SIGNATURE----- -- -russ <nelson@crynwr.com> http://www.crynwr.com/~nelson Crynwr Software | Crynwr Software sells packet driver support | PGP ok 11 Grant St. | +1 315 268 1925 (9201 FAX) | America neither a Christian, Potsdam, NY 13676 | Jewish, Islamic, nor atheist (etc&) nation. This is good.
Its worth noting that the source code to Julf's Penet remailer is not public (AFAIK). People use it becuase they trust Julf, or trust people who trust Julf. There is clearly a market for anonymizing services in various forms. Hopefully, whoever is putting up cash is also looking at building a web proxy service, a pseudononymous system, and a mail drop/data haven type of operation (although the last might not fit in as well.) If you don't see a market, I suggest you drop a line offering services to the friendly folks at presiednt@whitehouse.gov. I'm sure they'd prefer a bit of privacy. Why pay for remailers when there are free ones? Speed and lawyers pop right up as damn good answers. Putting up a couple of p120s on a T1 in the Carribean isn't cheap, nor is making sure you have a good lawyer who'll protect the machines when the bad guys show up with warrants. I'd be much happier to use a fast system on good legal ground than a freebie. Adam Russ Nelson wrote: | The concern is not "commercialization", per se, but rather the use | of "commercialization" as an excuse to build in "proprietary" | features (Back doors?) for which no corresponding source code is | involved. | | And the chief concern with the Clipper chip? That it was secret. In | the crypto world, secret == untrustable. Who would use a remailing | network that was not trustable? Who would use it when every | cypherpunk says not to? | | Since no one has made a good case for there even being a COMMERCIAL | market for Mixmaster, could there be other motives? | | Value is created by seeing a market that no one else sees. Obvious | markets have low margins, and they're getting lower and lower as | computers help implement the obvious. -- "It is seldom that liberty of any kind is lost all at once." -Hume
Adam Shostack writes:
Its worth noting that the source code to Julf's Penet remailer is not public (AFAIK). People use it becuase they trust Julf, or trust people who trust Julf.
Yeah, but remember -- there is very little that Julf's code could do to "cheat". Julf's system maintains a mapping of users to aliases anyway, so he has no need to "pervert" the system -- he can do all the bad things we worry about with it working correctly. We therefore need not see the code to trust the system, because the only way that the system is trustworthy is if Julf is trustworthy. Other systems based on cryptography might not be in this position. Perry
participants (4)
-
Adam Shostack -
nelson@crynwr.com -
Perry E. Metzger -
syrinx@c2.org (Syrinx Anonymous Remailer)