At 11:19 PM 11/16/00 -0800, [EMAIL PROTECTED] wrote:
> That ZKS defends against the government intrusion is boring..
> There exist free, open-source projects (PGP, remailers, FreeNet)
> that already address this issue --
>in cyberspace, opposition to government censorship and
>abuse has largely been grass-roots in nature, exactly
>like it is in the real world... Also, its uncertain
>that there's much of a business model in protecting
>people from government tyranny..
The cool thing about ZKS's business model is that it claims to make
running remailers sufficiently worthwhile for ISPs to do themselves
that there should be a large number of them Real Soon Now,
and they'll be unlikely to close them down on the first complaint because
they're making money. The main governmental attack isn't tyranny,
it's subpoenas from lawsuits by people who don't like things you wrote.
Tyranny attacks have higher technical quality, but volume can be a real
killer.
Addressing the "protection of personal information" issues is a long
discussion for later.
>From a theoretical standpoint, encrypting messages has been Done Now,
but stopping traffic analysis is much harder, and it's much much harder in
practice.
Similarly, untraceable outbound email is much harder than untraceable inbound.
And deploying a Pipenet that performs efficiently for thousands of users is
still tough.
The good thing about cryptography and universal communication connectivity
is that a grassroots effort _can_ provide effective security.
The catch is that widespread protection that's scalable enough for everyone
to use
requires more infrastructure than a grassroots effort typically produces
unless you've got other hooks encouraging widespread deployment.
Over the last half decade, there have typically been about a dozen remailers,
and shutting down anon.penet.fi didn't need a government tyranny attack -
Scientologists could do it. (Yes, they used government to help, but
a serious government attack could easily take down the whole thing.)
And one individual got a dozen or so remailers shut down by complaing to ISPs
after forging Usenet attacks on himself through the remailer network.
And that doesn't even count the potential uses for spammers if they were
smarter;
dealing with that sort of heavy abuse is one thing that makes remailer ops
quit.
I don't know if their business model will succeed or fail -
it depends a lot on implementation quality and on marketing efforts,
and on deploying enough stuff (and getting enough customers)
to bootstrap other activities that use it.
Some of that's protecting people from government tyranny,
some is letting you surf without getting spammed (anonymizer does this too),
some of this is letting your kids chat on line without risking Bad Things
and letting your kids say Stupid Teenager Things now without it haunting them
the rest of their lives (e.g. not getting into college because of that
misdemeanor copyright violation from trading MP3s, or saying Harvard's
Hockey Team sucks...)
There are other business models that might work - building remailers into
Napster?
Anonymizer.com works well, though it could be shut down - what if Apache
shipped
with an anonymizer module that was enabled by default? (And what would the
spammers
or other abusers figure out to do with it? :-) Usenet supports a wide
ecology of
ways to build anonymous connections, though they're slow and not highly
efficient,
and Usenet's in a "Nobody goes there because it's too crowded" kind of
decline.
Anonymizers plus not-overly-Javascripted Free email systems are enough to
keep out
most attackers, though they probably won't stop a government attack if you're
using it over a long period of time.
Will ZKS succeed? I hope so, and more power to them - but they'll need to
get their product more distributed, and probably more polished, and
get their marketing engine in gear before their previous PR splashes fade
away.
Thanks!
Bill
Bill Stewart, [EMAIL PROTECTED]
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
