Searching for the term "Big Business" in the original cpunks archive I found the below quoted discussion. It's pretty interesting because it deals with chaum, closed source hardware...and all the usual stuff.
And notice the screeching noises that metzger makes when Hughes doesn't toe the corporatist party line. As to metzger, the guy is a typical fake libertarian and true fascist with a german sounding surname, so I'd bet a couple of cents he belongs to the jooish master race. And funnily enough, it turns out that metzger used to use this address <pmetzger(a)lehman.com> - yep! that's the arch jew thieves lehman brothers. So a corporate fascist at lehman brothers hates cryptocurrencies while posing as 'libertarian'? Who would have thought that...
1 ------
From: hfinney(a)shell.portal.com
Date: Mon, 23 Aug 93 10:35:19 PDT
Subject: Chaum on the wrong foot?
A lot of our discussion is influenced by the ideas of David Chaum. He
pioneered technology which could protect individual privacy while allowing
very flexible sorts of credentials and guarantees. He has also played
a big role in the various proposals for digital cash.
But I think that Chaum has gone off in the wrong direction in the last
few years. More and more he is concentrating on protocols which rely
on a tamper-proof, hardware implementation of a cryptographic protocol
which he calls an "observer". This observer chip would sit in your
computer (which could be a Newton-style PDA or a smart card) and would
play an important part in the exchanges of information, cash, or credentials
which you would make with others. The observer basically makes sure you
are telling the truth in your transactions, that you are not double-spending
your digital cash, or not claiming a credential which you don't have.
Now, this approach has the obvious advantage that it allows solving
certain problems which can't be solved otherwise. There appears to be
no way to provide for secure, off-line digital cash, for example, other
than with something like an observer.
But it has the equally obvious problem of relying on a tamper-proof
chip as a necessary part of the protocol. Recently it seems that many
of the papers out of his group are designed to explore observer-based
protocols. This means that these ideas are not useful for software-only
implementations. One of the (relatively few) strengths that we and the
forces we represent have is that free software can be spread very far
and very fast, making it hard for those opposed to privacy to successfully
stop our efforts. Any technology based on special chips is going to
lose these advantages.
Another problem with the observer is psychological. Although Chaum goes
to great lengths to design his cryptographic protocols so that even a
cheating observer can learn effectively NOTHING about the computer user
that would compromise his privacy, people may still feel uncomfortable
about having a mechanical "conscience" in their pocket. People want to
feel in control of their computers, and I think supporting this control
is a big part of the Cypherpunks philosophy.
A related point is that there have already been comparisons on sci.crypt
between Chaum's observers and the Clipper chip, in that both rely on
tamper-resistant technology to implement features which are not entirely
in their owner's best interests. Assuming we do manage to successfully
defeat Clipper, the taint of this association may increase resistance to
observers.
I wish Chaum and his group would stop directing their efforts towards
protocols which require an observer chip to be effective. Granted,
there are some things that don't work as nicely without observers. But
I think that a realistic appraisal of the pros and cons suggests that
non-observer protocols are more likely to further our ultimate goal of
personal privacy.
Hal Finney
hfinney(a)shell.portal.com
2 ------
From: tcmay(a)netcom.com (Timothy C. May)
Date: Mon, 23 Aug 93 15:45:21 PDT
Subject: No digital coins (was: Chaum on the wrong foot?)
There is no silver bullet!
Here are some comments about why there are no easy to use "digital
coins," and why the digital money protocols are so complicated and
involve banks, tamper-resistant modules, and other things that may not
be make difficult some of our Cypherpunks goals.
I agree with Hal Finney's basic point about David Chaum's current
direction: it is not precisely the direction I'd like to see.
However, in Chaum's defense, his is only one group and can only do so
much. I don't see other groups pursuing digital cash with the same
vigor and depth, save for the occasional paper about "electronic
wallets" and so forth, and so Chaum is doing what he is doing.
It is possible that someone here in Cypherpunks will develop some form
of competing system. (Bear in mind, though, that these protocols are
notoriously complicated, and involve issues of forgery, spoofing,
denial (that a transaction occurred), tax laws, and so on.)
One of Hal's points deserves special comment:
(speaking of the observer protocol)
> Now, this approach has the obvious advantage that it allows solving
> certain problems which can't be solved otherwise. There appears to be
> no way to provide for secure, off-line digital cash, for example, other
> than with something like an observer.
There are no digital coins.
A physical piece of gold, the canonical piece of money, is essentially
imposssible to counterfeit/forge, so coins can be passed from person
to person, person to shop, to banks, to tax collectors, etc. It is the
ultimate "bearer instrument." Importantly, the flow of such money is
"conservative" in that the total amount of such money is constant...no
amount of trickery or protocol complexity can increase the amount
present, and only loss of the physical coins can reduce the amount.
Paper currency is ostensibly a parallel to physical money (at least in
countries on a gold or silver standard, which the U.S. is not any
longer). Strong currencies (DM, yen, dollar, SF...though this is all
debatable) still have some of the "conservative" nature, because the
bills/notes are very difficult to counterfeit and are exchanged as
physical items or tokens.
I won't get into things like VISA transactions, promissory notes,
etc., except to say they are quite a bit less "tangible" (anyone who
has gotten unexpected VISA transactions, triggered by someone out
there, understands that the transactions are much less straightforward
and tangible).
A problem with digital money has always been that there apparently is
no close equivalent to a digital coin, a token which can be passed
around freely, as a quarter or a dollar bill can be.
The reasons are obvious: a cryptographic number can be trivially
duplicated (counterfeited/forged) and presented to a second or third
person. Thus, the receiver of such a piece of digital money must
confirm that it has not already been spent, that some bank will redeem
it for "real" money, etc.
Digital coupons have this same problem. (Real coupons are made fairly
counterfeit-resistant, as are such things as lottery tickets. Lottery
tickets also use a clever scheme whereby the winning number, the thing
that gets announced, is hashed/transformed into another number with a
secret key, and this second number is also printed on the ticket, but
would-be spoofers are unable to generate the second number.)
The complicated Chaum protocols, which now are going in the direction
of the tamper-resistant "observer" chips (in smartcards, PDAs, etc.),
address these issues of spoofing, denial, counterfeiting, etc., in
various ways.
Later, Hal makes another good point:
> A related point is that there have already been comparisons on sci.crypt
> between Chaum's observers and the Clipper chip, in that both rely on
> tamper-resistant technology to implement features which are not entirely
> in their owner's best interests. Assuming we do manage to successfully
> defeat Clipper, the taint of this association may increase resistance to
> observers.
>
> I wish Chaum and his group would stop directing their efforts towards
> protocols which require an observer chip to be effective. Granted,
> there are some things that don't work as nicely without observers. But
> I think that a realistic appraisal of the pros and cons suggests that
> non-observer protocols are more likely to further our ultimate goal of
> personal privacy.
It seems likely to me that even now a group within the bowels of the
NSA and NIST is developing a "digital money clipper" (a euphonious
pun?), that is, a standard for digital money with similar sorts of
backdoors, emergency doors, etc., that Clipper has.
NSA/NIST surely knows of the pressures for digital money, and could
plan to introduce their own standard. Instead of "LEAFs" for the FBI
and other law enforcement, this one could have "IRS observers" and
"money-laundering observers" (this is wild speculation, I'll grant
you) which tie-in to currency exchange reporting, sales tax, and
income tax law enforcement systems.
It may be that Chaum, who is eager to actually get some sales to
groups within Europe and elsewhere, is already responding to some
pressures for "accountability" (the digital money version of
"wire-tappability") by various European governments and the observer
protocols are an effort to satisfy some of these concerns.
(I am not accusing Chaum of anything, just speculating that some
groups developing digital money--and Chaum is the clear leader
here--may have market or legal constraints which are shaping their
focus away from the digital money = untraceable cash = crypto anarchy
direction many of us favor.)
A "Cypherpunks digital money" system may be more urgent than ever.
-Tim May
--
..........................................................................
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay(a)netcom.com | anonymous networks, digital pseudonyms, zero
408-688-5409 | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
Note: I put time and money into writing this posting. I hope you enjoy it.
3 ------
From: hughes(a)ah.com (Eric Hughes)
Date: Mon, 23 Aug 93 18:41:41 PDT
Subject: Chaum on the wrong foot?
I applaud Hal's insight into Chaum. I was in Amsterdam last year for
a few weeks working for/with him, and I can substantiate what Hal
says. I was only there for six weeks, which was supposed to have been
the start of a longer relationship, but I got out.
>But I think that Chaum has gone off in the wrong direction in the last
>few years. More and more he is concentrating on protocols which rely
>on a tamper-proof, hardware implementation of a cryptographic protocol
>which he calls an "observer".
The observer, owned by the user, opens a communications channel to a
chip and to a central computer, both controlled by some company. The
observer then mediates the communication between the chip and the
central computer to make sure that no privacy information leaks out.
>There appears to be
>no way to provide for secure, off-line digital cash, for example, other
>than with something like an observer.
This statement, while certainly true in Chaum's mindset, I no longer
believe to be true. The question hinges on what 'security' means. To
Chaum, it means that fraud losses are a mathematically perfect zero.
To a real business, however, the losses must be bounded. The smaller
the bound, the better, of course, but real financial service companies
can and do tolerate some loss due to (technological) fraud.
If the cost of the perfect system is more than the losses from fraud,
there's no point in deploying it. Make no mistake, the observer
system is expensive. The reasons smart cards are not more widely
deployed is that they're too expensive per card. The observer
protocols requires both a smart card and a small hand-held computer!
>This means that these [observer] ideas are not useful for software-only
>implementations.
Not only not useful, but totally inapplicable. The observer model
relies upon the fact that the computations inside the chip are unknown
to the user. This just can't be the case with a software-only system.
>I wish Chaum and his group would stop directing their efforts towards
>protocols which require an observer chip to be effective.
This just won't happen. The observer protocols are *patented*, you
see. Anyone can design and build observers, because the spec is
public, but you've got to pay up.
Chaum seems to be basing his whole strategy for the future on
observers. I think it's a gross strategic mistake.
>I think that a realistic appraisal of the pros and cons suggests that
>non-observer protocols are more likely to further our ultimate goal of
>personal privacy.
Amen.
Eric
4 ------
From: hughes(a)ah.com (Eric Hughes)
Date: Mon, 23 Aug 93 19:27:04 PDT
Subject: No digital coins (was: Chaum on the wrong foot?)
Tim:
>There are no digital coins.
Gold obeys a mass conservation law. Information as such does not.
Everything unique about digital money stems from this basic
observation.
Here is a thought problem to illustrate. If money were required to be
able to be xeroxed, would you be able to make a monetary system? The
answer is yes, but it doesn't act the same way as a coinage system.
>A problem with digital money has always been that there apparently is
>no close equivalent to a digital coin, a token which can be passed
>around freely, as a quarter or a dollar bill can be.
It is a problem only if you want to design a digital coin. Once you
rid your mind of the need for that, it's not a problem but a design
constraint.
>It may be that Chaum, who is eager to actually get some sales to
>groups within Europe and elsewhere, is already responding to some
>pressures for "accountability" (the digital money version of
>"wire-tappability") by various European governments and the observer
>protocols are an effort to satisfy some of these concerns.
No. This is way off the mark. Chaum's complete and overriding goal
is privacy, sometimes to the exclusion of other desiderata. The
observer protocols sacrifice nothing in the way of privacy, but
perpetuate and reinforce the subservient economic relationships
between individuals and large financial institutions. The system is
assymetrical; the central computer talks to its chip through the
observer. There is no room here for person to person interactions.
The barrier to entry to deploy chips is high, as well.
In other words, the observer protocols preserve chasm of relative size
of Big Business over and above the individual. This is a benign
oversight, to be sure; all the individuals look alike. (You thought
you were a number before? Now you're a _random_ number!)
Nevertheless, the observers are not egalitarian; they are the model of
cable TV as opposed to the telephone network, of newspapers as opposed
to electronic mail.
Chaums got privacy down, but I don't want the rest of his world.
No way.
Eric
5 -----
From: "Perry E. Metzger" <pmetzger(a)lehman.com>
Date: Tue, 24 Aug 93 07:16:50 PDT
Subject: Re: No digital coins (was: Chaum on the wrong foot?)
Eric Hughes says:
> No. This is way off the mark. Chaum's complete and overriding goal
> is privacy, sometimes to the exclusion of other desiderata. The
> observer protocols sacrifice nothing in the way of privacy, but
> perpetuate and reinforce the subservient economic relationships
> between individuals and large financial institutions.
In what sense are you "subservient", Mr. Hughes? The institution and
you have a contractual relationship in which they hold your money for
you and in exchange handle all sorts of inconvenient tasks, in
exchange for your having to pay them for performing these tasks by
letting them lend out your money. You can usually touch your money at
any time, though.
Doesn't seem to be terribly abusive. What do they do to you that's so
bad? Charge you for performing services? Shudder -- how horrible!
Capitalism! Ohmygod!
In any case I see no reason that small groups couldn't start digital
cash issuing organizations, just as very small groups can also form
banks -- you'd be suprised how small some credit unions are. Although
the cost of the infrastructure is high to DESIGN, it will presumably
be commercially available to any entity that wants to deploy it.
> In other words, the observer protocols preserve chasm of relative size
> of Big Business over and above the individual.
What is wrong with large organizations per se?
Perry
6 ------
From: hughes(a)ah.com (Eric Hughes)
Date: Tue, 24 Aug 93 11:15:28 PDT
Subject: No digital coins (was: Chaum on the wrong foot?)
>Charge you for performing services? Shudder -- how horrible!
>Capitalism! Ohmygod!
I count this comment as an intentional misreading of my position.
I am not a libertarian, nor is it likely that I ever will be. I've
also read E. F. Schumacher's _Small is Beautiful_ and thought much of
it was just plain wrong, or, at best, unprovable.
I read your words as an attempt to enforce a sort of libertarian
political correctness, as insulting as that phrase will no doubt be to
you.
The agenda of privacy is orthogonal to most partisan political
positions. As strong as the libertarian presence is on this list, it
is by no means the only view. It is precisely because cypherpunk
issues cut clean across the political spectrum that they are so
powerful.
I expect no one here to wear seamless garments of any cut or cloth.
There are many on this list whose personal agendas call for making the
world safe for greater accumulations of capital. This is not at all
my agenda, yet I have put aside my repugnance at this in pursuit of a
common goal. While I expect no one to hold to any particular view,
I do expect that everyone here treat opposing views with respect, or
better yet, with silence.
The cypherpunks list is about creating privacy. We assume that
everyone here wants the availability of more privacy than they
currently have. We need not debate the particulars of these reasons,
nor need we suppress the statements of these reasons. I am perfectly
happy with individuals stating their own reasons for desiring privacy;
these statements are powerful and useful, yet they should not engender
debate on this list as to their propriety. Should anyone insist on
debating belief, private e-mail is always available.
I know that when the goals of personal privacy are achieved that the
people and opinions that currently cohere on this list will fragment
and splinter. I do not want this dispersal to happen, however, before
our goals are acheived. Disrespect for each other, or, in other
words, bone-headed stupidity, will certainly accomplish a premature
dissolution.
Let us work together while we need to, and no longer.
Eric