[hashcash] Re: Opportunistic signatures - a proposed design
- From: Atom 'Smasher' <atom@xxxxxxxxxxxxxx>
- To: hashcash@xxxxxxxxxxxxx
- Date: Wed, 1 Sep 2004 03:36:37 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Wed, 1 Sep 2004, Eric S. Johansson wrote:
500 users minting stamps on 500 desktops is not a significant burden.
500 users having all stamps generated by an outbound "stamp server"
could be.
yup, that's right. Unless of course the organization says "we're not
touching the desktop. If you tell us to, go pound sand and have a nice
day." In my experience, this is any organization with more than 100
desktops.
===============
those organizations NEVER lead the way... they adapt reactively, not
proactively. if they could get away with rotary phones, typewriters and
carbon paper, they'd still be there.
so, those organizations ONLY adapt when they have to, and only to the
extent that they have to. if/when hashcash becomes a universal standard,
they will reluctantly adapt. maybe they'll spend 0.00000001% of their IT
budget on a "stamp server"... maybe they'll wait until the next 10-20 year
cycle when they're forced to upgrade their desktops... they're neither
movers nor shakers... they'll follow what technology dictates they must,
and they'll bitch and moan every step of the way. a public-key system will
be greeted with the same enthusiasm.
no, that is not what I am talking about. I am talking about individual
signatures associated with a given e-mail address. I was talking also
in the context of an enterprise or ISP environment. The same technique
will also scale down to the individual user.
==========
except that individual users won't have an in-house IT staff providing
24/7 support for their "network". if the fortune 500 companies can't keep
from getting infected with electronic diseases, granny doesn't have a
chance.
anyway, when i hear about an outbound server (since the desktops are off
limits), that usually involves keys per site, not per user. i suppose they
could configure it per user...
Personal boxes will get more secure. They are significantly more secure
than they were five years ago.
=========
that's debatable. i'm guessing that you don't subscribe to bugtraq, risks,
or crypto-gram. the way i see things, it's getting worse every day.
how secure is this: Zombie PCs spew out 80% of spam
http://www.theregister.com/2004/06/04/trojan_spam_study/
read that article, and think about what impact hashcash would make vs what
impact signing keys would make.
Continuing to dither about stolen keys due to viruses and other
intrusions will only serve to keep security off the desktop. If there's
nothing there to protect, why protect it? As soon as there is something
to protect and a few people get burned, then there will be action on
many fronts to make the desktop more secure and quickly.
==============
if that were the case, bill gates would have been eating out of garbage
cans and begging for change years ago. do you have any idea how many
password-stealing viruses there are? they're coming out faster than they
can be added to anti-virus software! the whole paradigm of M$ is like
whack-a-mole... they'll never win... they'll only get further behind...
there are things on desktops that need to be protected, and every time
they get stolen or destroyed people just shake their heads and throw their
arms up.
If you're going to continue to dither about this, you might as well bend
over, grab your ankles and say "I'm ready for my close-up Mr. intruder"
because there isn't going to be a solution that is either practical or
one that will make you happy.
===============
freeBSD makes me happy. linux makes me happy. the thought of bill gates
eating out of a garbage can makes me happy.
i would assume that a machine gets owned, and between 2-3am that night
the spam will start... send out a flood of spam while the mark is
sleeping, and when they wake up they'll have a lot of people ~very~
angry at them.
see my point above. If there's something to protect, the people will
demand some way to protect it. It's not going to happen a minute
before.
==============
start reading crypto-gram.... one of schneier's repetitive points is that
software manufacturers should be liable for damages caused by their faulty
software. that would create an incentive to create better software.
viruses have been blamed for everything from bank failures and railroad
delays to power outages that spread through several states. if THAT'S not
enough to light a fire under someone's ass, i don't know what is.
since the average user's desktop CAN'T be kept secure, i really think
personal keys on auto-pilot is a net-loss. signed spam is still spam.
agreed then: M$ is the problem ;)
actually, computers are the problem. It doesn't matter which OS is out
there, compromises will happen, people will get burned, lawyers will get
rich.
in all this argument of risk factor vs. risk factor, one thing neither
of us can show is actuarial tables. Until you can show that for a given
number of hours on the net running a particular piece of software etc. you
have a 0.000x percent intrusion rate, all discussions of risk are just
blowing smoke. 100 percent fine Caribbean smoke.
============
anything related to computer security (M$ press releases excluded) will
show a clear trend in what systems are more/less secure.
we have to assume that systems are insecure, and will remain insecure in
the foreseeable future. given that assumption, i see no useful role for
signing email on auto-pilot.
when risks are categorized, people will demand protection analogs of
police, fire, insurance.
==============
the risks have been around as long as computers, and those analogs have
yet to materialize. some companies have insurance, but that's tantamount
to admitting defeat. as long as commercial software can hide behind
shrink-wrapped indemnity clauses, they have absolutely no incentive to
make things better.
understood. But the human factors aspect of dropping the cost of
hashcash and substituting a signature as a forgery resistant channel
between two parties, is hugely beneficial to the end-user. The reason
all security measures fail today is because of human factors.
============
yes... people are stupid. there are some incredible algorithms and
protocols that ~can~ keep computers and data secure, but they provide no
defense against a sticky-note with the admin password.
a password-less signing key on an inherently insecure computer is worse
than the problem that it's trying to solve. and your theoretical
organization will be just as reluctant to implement that system as
anything else that involves writing a check.
Why do we still use passwords? It's because they suck less than all the
alternatives.
==============
hehe... try using the public-key feature of ssh.... that's way better than
a password!
Why is e-mail plaintext? Because it's easier to use than trying to
remember a passphrase. Why do e-mail and browser applications remember
passwords for you? Because it sucks less than remembering passwords.
so, we can go around this barn again or we can figure out a good, human
factors friendly way of minimizing stamp load when it is really needed.
This is important because a large number of attacks against hashcash are
political. They are "I'm not touching my desktops", "why should I spend
stamp time every time I send a message to someone I know", "what about
mailing lists", and a host of others. They all appeared to boil down to
a resentment to spending CPU cycles unnecessarily. but what they really
are is failures of human factors. And when it comes to human factors
vs. security, human factors always win unless there is some dude with an
M-16 standing near you.
====================
all of those political arguments apply equally to a public-key system.
well, except for the CPU load of minting a stamp... but watch your CPU
meter next time you sign something, that's not quite free.
i understand that implementing hashcash could be a big and costly step in
some settings... to those organizations i can only (in the most respectful
way) give a one finger salute...
here's the deal, the way i see it; if you use hashcash, and mint a unique
stamp for me with a value greater than n, you will be granted the
privilege of bypassing my spam filter and getting a green light to my
inbox. if you don't, then my spam filter will decide which pile to toss
you into.
like all good things, it will have to reach some critical mass, and then
everyone will see that it is, ultimately, in their best interest to use
it. they can bitch and moan, kick and scream and complain the whole way,
but just like upgrading from typewriters to word processors, from carbon
paper to photocopiers, from telegraph to telephone... they will have to
come along or be left on the side of the technological highway.
i will concede on one point: if/when hashcash is being used in 100% of
mail systems, then spammers will have to accept that fact, and they too
will have to adapt or become extinct. extinction is fine with me, but many
will adapt, and accept that they must operate with a new restriction.
if/when this happens, then the arms race of stamp size will begin... i'm
not sure what that will lead to....
...atom
_________________________________________
PGP key - http://atom.smasher.org/pgp.txt
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-------------------------------------------------
"Politics would be a helluva good business
if it weren't for the goddamned people."
-- Richard M. Nixon
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.6 (FreeBSD)
Comment: What is this gibberish?
Comment: http://atom.smasher.org/links/#digital_signatures
-----END PGP SIGNATURE-----
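
The acceptance rule described in the message above (a unique stamp, minted for the recipient, with a value greater than n, bypasses the spam filter), as an added example that is not part of the original post. It assumes the hashcash version 1 stamp format (`1:bits:date:resource:ext:rand:counter`, hashed with SHA-1); the 28-day expiry, the two-day clock-skew allowance and the names `StampGate`, `mint` and `zero_bits` are assumptions made for illustration.

```python
import hashlib
import secrets
from datetime import date, datetime

def zero_bits(stamp: str) -> int:
    """Leading zero bits of SHA-1(stamp): the work actually done."""
    digest = hashlib.sha1(stamp.encode()).digest()
    return 160 - int.from_bytes(digest, "big").bit_length()

def mint(resource: str, bits: int, today: date) -> str:
    """Sender side: brute-force a counter until the hash has `bits` zeros."""
    prefix = f"1:{bits}:{today:%y%m%d}:{resource}::{secrets.token_hex(8)}:"
    counter = 0
    while zero_bits(prefix + format(counter, "x")) < bits:
        counter += 1
    return prefix + format(counter, "x")

class StampGate:
    """Recipient side: a good stamp goes to the inbox, the rest to the filter."""

    def __init__(self, address: str, n: int, max_age_days: int = 28):
        self.address, self.n, self.max_age_days = address, n, max_age_days
        self.spent = set()  # stamps already accepted (double-spend check)

    def check(self, stamp: str, today: date) -> str:
        f = stamp.split(":")
        if len(f) != 7 or f[0] != "1" or not (f[1].isascii() and f[1].isdigit()):
            return "filter: malformed"
        claimed = int(f[1])
        if claimed <= self.n:              # the post asks for value > n
            return "filter: value too low"
        if f[3] != self.address:           # stamp must be minted for me
            return "filter: minted for someone else"
        try:
            minted = datetime.strptime(f[2][:6], "%y%m%d").date()
        except ValueError:
            return "filter: bad date"
        if not -2 <= (today - minted).days <= self.max_age_days:
            return "filter: expired or postdated"
        if zero_bits(stamp) < claimed:     # claimed value must be backed by work
            return "filter: work not done"
        if stamp in self.spent:            # "unique": one stamp, one message
            return "filter: already spent"
        self.spent.add(stamp)
        return "inbox"
```

A stamp that fails any check is not rejected outright; as in the message, it simply falls back to whatever the spam filter decides.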