Gmail as Blacknet

An Metet anmetet at freedom.gmsociety.org
Thu Apr 8 23:08:39 PDT 2004


Tyler Durden writes:
> "Ironically, some of the features of Gmail bear resemblance to BlackNet.
> In particular, its claimed policy of retaining email indefinitely,
> even after the recipient has stopped using the account, is reminiscent
> of BlackNet's function as a data haven, as well as other Cypherpunk
> projects like the Eternity Network.  This retention is objectionable to
> conventional privacy groups, but Cypherpunks will recognize it as being
> deeply in accord with their values."
>
> Poo poo. The difference between a potential blacknet and Gmail is that 
> there's little doubt that google will cough up the true names of 
> objectionable posters, if and when anyone looking even remotely 
> authoritative/governmental comes pounding on their doors. In a worst-case 
> Blacknet, my True Name will only be gettable by agents of the state via the 
> expenditure of very large amounts of resources, if at all.

You have missed the point of the analogy entirely.  BlackNet makes
information available even when the subjects of the information (or
any other parties) want it suppressed.  It is a censorship-proof store
of data.  If information about you is stored in BlackNet, anyone can get
access to it (for a price, perhaps), and you can't do anything about it.

To make Gmail more like BlackNet, you should first do as others have
suggested and access it via cryptographic anonymity techniques (see the
recent announcements for the onion routing network now being developed,
http://www.freehaven.net/tor.  Now you can use it as a store of data
for your pseudonym without linking to your true identity.

A second step is to then PGP-encrypt all email going to your Gmail
address.  This could be done easily by someone writing a mail forwarder
which accepted email for any username, looked up a PGP key for that name
and encrypted the email, then forwarded it along to the corresponding
username at Gmail.  This would be less than one page of Perl.  You would
give out the name of a system running such a script as your email address,
but your encrypted mail would then be stored and accessed at Gmail.
You'd gain the advantage of their multi gigabyte storage facility while
protecting the privacy of your own email.  And I'd like to see their
adwords facility struggling to come up with something appropriate when
the only legible text is "BEGIN PGP ENCRYPTED MESSAGE".

A third step is to get a browser plugin which would transparently
decrypt PGP encrypted email stored at web mail services like Gmail,
Yahoo mail, etc.  At one time this would have been an overwhelmingly
difficult task due to the multiplicity of browsers; at a later time,
it would have been impractical due to the dominance of IE; but today,
with Mozilla becoming a widely used, standardized, open source alternative
to IE, it is finally possible for such browser customizations to become
generally available and useful.

So there you have it, a simple three step program to turn your Gmail
account into a privacy-protected, virtually unlimited-size data store.





More information about the cypherpunks-legacy mailing list