Larry Lessig on ending anonymity through "identity escrow"
Tim May
timcmay at got.net
Sat Dec 6 13:59:26 PST 2003
On Dec 5, 2003, at 5:53 PM, Jamie Lawrence wrote:
>
>> I have nothing against Lessig, but it bugs me that he's considered by
>> some to be one of the Great Cyberspace Thinkers when his ideas are so
>> easily dismissed...and were argued on both sides so many years ago.
>>
>> Larry Lessig ought to read, and think deeply about, the first ten
>> years
>> of traffic on the Cypherpunks list. Especially the first five years.
>
> Lessig is a very smart man, in the framework he's very smart at dealing
> with. And probably more beyond that.
>
> Unfortunately, I don't think copyright is an appropriate framework from
> which to launch a discussion about wider modes of human communication.
>
> Correcting him early and often is absolutely in order - hopefully he'll
> rethink a thing or two.
This actually fits in with something Lessig is widely known for, his
"technology-custom-law" trichotomy (*).
(* He may call it something different...I haven't checked in a while.
And I recall he may have a fourth component. I was talking in similar
terms many years ago, too. Not that I am saying Lessig borrowed from my
ideas, as I am sure many of us independently realized this. Cf. via
Google some of the things I wrote about VCRs and how they changed the
ground truth of what was legally copyable. Or how Gutenberg created a
technology which made existing custom (e.g., the Church) and law (e.g.,
the Guilds) effectively moot.)
Those who make Grand Plans about such things as "pseudonymity with
legal warrant access" need to take systems and computer science (and
hence math) into account. This usually comes through thinking about
possible attacks, weaknesses, and design flaws.
For example, I have cited the obvious case of someone, call him "Tim,"
using "Larry's LEO-Friendly Remailer." But Tim is _not_ a LEO-friendly
remailer, and Tim has taken in articles from other such
non-LEO-friendly remailers.
The only way Larry knows that Tim is doing this is if Larry "peeks"
(examines the content to see what it is, to see that it does not
contain seditious or pornographic or non-LEO-friendly packets). Or
Larry can wait for the eventual "legal warrant" and then find that Tim
was remailing packets which could not be traced. Oops. Larry can then
cancel Tim's account.
More generally, I think Lessig has failed to understand the very
fundamental, underlying structure of true Cypherpunks-style remailers:
::request-remailing-to: foo at anotherremailer.org
This can be any arbitrary text, and all that is passed on to the next
remailer or recipient.
And this text block is not tagged in any way with sender ID. And this
text can be encrypted,
readable only by the specified "nextremailer." And this text block can
included further
requests for remailing, and so on and so forth.
Tim again. With this structure, nested and packaged as a payload, for
Lessig's scheme to actually give "warrant-only traceability," it must
ban such nested remailings. Which means, ban on crypto.
(For if crypto is allowed, then even a warrant cannot crack it. "Oh,
then we'll have key escrow...")
And so on. A little bit of thought reveals numerous such attacks on a
"LEO-friendly remailer." And the "fixes" are all in the direction of,
in the final analysis, banning strong encryption.
Of course, Lessig may say that he is only advocating an ultra-weak
system of remailers that only dummies will use. He may say he does not
propose to actually ban "strong remailers."
Some argue that weak systems--remailers or crypto--will thrive "because
most crooks are lazy" has been dealt with many times. Sure, some people
doing things use weak systems, out of ignorance, out of laziness, out
of a sense that they are immortal and cannot be caught. But others
doing illegal or marginal things are amongst the earliest adopters of
relatively robust systems: offshore banks, encrypted disks, and,
ironically, secure anonymous remailers.
(When the Finnish police finally forced Julf Helsingius to reveal the
pseudonym attached to the Church of Scientology "NOTS" documents, they
found that inside was a packet from a true Cypherpunks remailer, whose
last node was at C2Net, the company Sameer Parekh founded. End of
trail. This showed that even as early as 1995 someone was thinking
ahead to the day when the Finnish police would force a "weak
pseudonymity" system like PENET (Julf's system, based on earlier code
written by another hacker) to give "warranted access" a la Lessig. So
much for people being too dumb to use a strong system!)
If Lessig is truly _only_ proposing that some idiots be encouraged to
use weak remailers and weak crypto, then, fine, no harm done.
However, the goals Lessig is avowedly seeking, of access to identities
through "legal warrants," then his system will rapidly become unused
after the first few "legal warrant" convictions.
So long as strong systems cost little more than weak systems, strong
systems prevail. (And, for various reasons, strong systems are in most
cases cheaper to use than weak systems.)
In a kind of reverse of Gresham's Law ("weak money drives out good
money"), strong crypto drives out weak crypto.
(Actually, this is not so much a reverse of Gresham's Law as its
manifestation in terms of what money is: people seek to get rid of (=
spend) weak money and hold on to (= hoard, save) strong money. So they
spend their "debased" currency and hold on to their gold double eagles.
This actually confirms the above point.)
Bottom Line: In the ecology of encryption, remailers, and digital
money, weak systems that are LEO-friendly will ultimately lose out to
strong systems. Unless the strong systems are outlawed, and maybe not
even then.
--Tim May
"I'm sorry that Tim is being a bother again. He has a long history of
being obnoxious and threatening. So far, he has not broken any laws. We
have talked to the authorities about him on numerous occasions. They
have chosen to watch but not act. Please feel free to notify me if he
does anything that is beyond rude and actually violates any laws and I
will immediately inform the authorities."
Thank You
Don Frederickson (co-owner and CEO of got.net, Santa Cruz)
More information about the Testlist
mailing list