Your source code, for sale

Chris Kuethe chris.kuethe at gmail.com
Fri Nov 5 08:37:00 PST 2004


On Fri, 05 Nov 2004 10:01:41 -0500, Tyler Durden
<camera_lumina at hotmail.com> wrote:
> ...
> My photo-bundle receives the releases and opens, and then shoots off a
> message that activates the pre-release on your end, giving you the cash.
> 
> Is a 3rd party necessary here? I don't see it, but then again I could be
> wrong.

What if I block the outbound "release the money" message after I
unbundle the images. Sure, I've already committed my money, but you
can't get to it. In effect I've just ripped you off, because I have
usable product and you don't have usable money. The proof of delivery
comes in handy here, so that as soon as I can prove to the bank that
my product has arrived within your administrative area, they'll pay
me. And the bank sends me a key to unlock the product as soon as it
sends you the money.

And what *GUARANTEE* do I have that the blob of bits you sent me with
the Geri Ryan photos on the outside isn't something from goatse.cx or
tubgirl...? Let's say there are 24000 items in the tarball of the IOS
code. Do you want to pay $24K for all of them (once) or $12K for half
of them (twice) or $1 per file or directory (24000 times)? Do you want
to pay per committed bit or character? How can you protect yourself
from me committing to sell you /dev/random?

I'm sure everyone has this bit committed to memory, but the beginning
of Applied Crypto, chapter 2 says:

=============================================
Protocols have other characteristics as well:
-- Everyone involved in the protocol must know the protocol and all of
the steps to follow in advance.
-- Everyone involved in the protocol must agree to follow it.
-- The protocol must be unambiguous; each step must be well defined
and there must be no chance of a misunderstanding.
-- The protocol must be complete; there must be a specified action for
every possible situation.

... The whole point of using cryptography in a protocol is to prevent
or detect eavesdropping and cheating.
=============================================

That last property is critical: what does the protocol do when someone
isn't playing by the rules? Of course, there's nothing that crypto can
do to prevent you from selling me garbage, only the fact that you
intentionally did so can be proven. Comment about bribing the dockside
worker at the shipping line deleted.

-- 
GDB has a 'break' feature; why doesn't it have 'fix' too?





More information about the cypherpunks-legacy mailing list