More FUD from First Virtual

[Nathaniel Borenstein]

Excerpts from mail.limbo: 7-Dec-95 More FUD from First Virtual Douglas
Barnes at communiti (1157*)

> It is important to remember that Nat Borenstein is a principal

It's Nathaniel, please.

> in a company that very much does not want to see anonymous e-cash
succeed. 

This is utter nonsense.  If you check the cypherpunks archive, you'll
find that a year ago I was talking about how to make Digicash succeed as
a floating currency.  Several people within FV thought it was
inappropriate for me to be giving free advice to "competing" payment
systems, but I think there's room for plenty of payment systems on the
net, and that nobody is going to monopolize the market with a single
payment scheme.  If I didn't want anonymous cash to succeed, why would I
waste my time explaining alternate models (not previously under
discussion!) about how to make it succeed?

I *am* skeptical about the extent to which anonymous cash *can* succeed,
but in point of fact I'd like to help.  I think society will be better
off if one of the payment options is truly anonymous.  I think that
level of privacy will inevitably carry a high surcharge, however, for
reasons that I keep pointing out and you keep ignoring.

> Their extremely backwards technology cannot compete in
> the long term with cryptography-based methods, and therefore they
> are compelled to run around the country and on the Internet, bad-
> mouthing cryptography and anonymity at every turn, while pointing
> to some charity work for Phil Z. as a fig leaf to cover their
> actions in this regard (sort of like Exxon building an artificial
> reef and claiming to be friends of the environment.)

Sticks and stones may hurt my bones, but I do feel an obligation to
provide an explanation for anyone who hasn't been following Mr. Barnes'
rantings over the last year.  

For reasons I really don't understand, Mr. Barnes seems to have a
personal vendetta against First Virtual. That's fine, it's his right. 
But there are some facts he prefers to ignore, in favor of spreading
misinformation and slurs:

1.  Our "backwards technology" includes what may be the world's most
sophisticated internet firewalls and email robots.  We were the first
people to connect the Internet to the financial networks (including,
indirectly, the Federal Reserve) and have operated the system for over a
year, with several breakin attempts every week, and nobody has even come
close to breaking in.  Internally, everyone in our company uses pgp
extremely heavily, and I suspect that if you go to more
"cryptography-oriented" companies you will NOT find that their CEO and
marketing people know how to use PGP.  They are, for the most part, all
talk and no action when it comes to cryptography.  We all use it every
day, even the non-technical people.  This has given us a lot of insights
into the strengths and weaknesses of cryptography in the hands of
non-technical people.

[FYI, newcomers to this discussion, it's sentences like the last one --
which imply that, horror of horrors, there are actually *weaknesses*
involved in the use of cryptography -- that Mr. Barnes refers to as
"bad-mouthing cryptography."   We call it common sense.]

2.  Our support for Phil Zimmermann is based on long-term friendship and
personal principles, and on the fact that our business relies critically
on PGP.  Phil is one of my personal heroes as far as network politics
are concerned.  He's also not the kind of person who would let himself
be used for publicity purposes, and he's totally uninhibited about
criticizing us when he disagrees with us.  (Just ask him!)  He's also
given us some advice on the use of PGP in the next-generation FV system,
which WILL use cryptography, but in a manner you don't expect, and with
more secure key management than you'll find in any existing or publicly
proposed payment system. 

> I have, on several occasions, refuted his "infinite liability" rant,
> but it keeps on resurfacing. A few months ago, I wrote a short tech
> note on why this claim doesn't hold water. I thought I might stretch
> it into something longer, but other things have more urgently
> grabbed my attention. 

Yes, you wrote this theoretical treatise and proposed it as a refutation
to some specific arguments about Digicash.  It wasn't relevant to the
digicash argument, at least at the time, so I didn't pay a lot of
attention.  But basically, what your argument comes down to is that in
the event of a catastrophe, users can be told they have to sacrifice
their anonymity if they want to keep their cash.  As I have said all
along, the basic tradeoff is between anonymity and risk limitation in
the event of disaster recovery.  If the digital bank can, at its
pleasure, tell you that your anonymity has been revoked unless you want
to just say goodbye to your money, then I think the anonymity was a sham
in the first place.  (Who's using fig leafs here?)  First Virtual
transactions are also generally untraceable unlesss First Virtual
decides (or is court-ordered) to trace them.  At least we're up front
about it and don't call that level of privacy "anonymity".  Your
solution to the problem -- that anonymous cash has infinite liability --
basically comes down to letting the bank make you stop being anonymous
whenever it chooses.  That's our solution, too.
--------
Nathaniel Borenstein <nsb at fv.com>       | (Tense Hot Alien In Barn)
Chief Scientist, First Virtual Holdings | VIRTUAL YELLOW RIBBON:
FAQ & PGP key: nsb+faq at nsb.fv.com       | http://www.netresponse.com/zldf