Thanks, Lucky, for helping to kill gnutella

Jay Sulzberger jays at
Fri Aug 9 12:16:34 PDT 2002

On Fri, 9 Aug 2002, AARG!Anonymous wrote:

< ... />

> Not discussed in the article is the technical question of how this can
> possibly work.  If you issue a digital certificate on some Gnutella
> client, what stops a different client, an unauthorized client, from
> pretending to be the legitimate one?  This is especially acute if the
> authorized client is open source, as then anyone can see the cert,
> see exactly what the client does with it, and merely copy that behavior.
> If only there were a technology in which clients could verify and yes,
> even trust, each other remotely.  Some way in which a digital certificate
> on a program could actually be verified, perhaps by some kind of remote,
> trusted hardware device.  This way you could know that a remote system was
> actually running a well-behaved client before admitting it to the net.
> This would protect Gnutella from not only the kind of opportunistic
> misbehavior seen today, but the future floods, attacks and DOSing which
> will be launched in earnest once the content companies get serious about
> taking this network down.

There are many solutions at the level of "technical protocols" that solve
the projection of these problems down to the low dimensional subspace of
"technical problems".  Some of these "technical protocols" will be part of
a full system which accomplishes the desired ends.  Please contact me
off-list if you willing to spend some money for an implementation.

Your claim, if true, would also demonstrate that no credit card payments
over the Net, no apt-get style updating, no Paypal-like system, no crypto
time-stamp system, etc., can exist today.

> If only...  Luckily the cypherpunks are doing all they can to make sure
> that no such technology ever exists.  They will protect us from being able
> to extend trust across the network.  They will make sure that any open
> network like Gnutella must forever face the challenge of rogue clients.
> They will make sure that open source systems are especially vulnerable
> to rogues, helping to drive these projects into closed source form.
> Be sure and send a note to the Gnutella people reminding them of all
> you're doing for them, okay, Lucky?

AARG!, this is again unworthy of you.  You are capable of attempting to
confuse and misdirect at a higher level.

You might wish to emphasize that the real difficulties are at the levels
where the reasons for the small usage of GNUPG lie.  That really the
"technical" details of the TCPA/Palladium system hardly matter.  What
TCPA/Palladium will allow is the provision to the masses of even more
powerful brews of fantasy, game playing, advertising, etc..  And that there
will be a small number of hobbyists who use the "unprotected ports of
TCPA/Palladium" for their own limited experiments/amusements/etc..  The
real point of TCPA/Palladium is that a "locus of trust", seemingly
guaranteed by the Powers That Be, will be created, and that the existence
of this same locus, under the facies of "locus of dealmaking/lawyering",
will so reassure the Infotainment Arm of the Englobulators that the Arm
will unleash its extraordinary forces to build and sell ever more
entrancing Palaces of Dreams.  The "unprotected ports" will allow a mostly
self-supporting farm team system which will function without much direct
oversight and little outlay of money by Englobulator Central or any of the
Arms.  The limited freedom of the Farm System, with its convenient pull
strings, for the cases where something large and not controlled by Those
Who Know Best takes off, will be a powerful lure to up and coming future
Talent, who, when the time comes, may be Signed, without today's confusing
and annoying possibility of continued independence.  Indeed, the EULA of
every system might have a section which binds users who display Marketable
Things to an automatic Arbitration of Contract.


More information about the cypherpunks-legacy mailing list