[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Data Havens..A consumer perspective
On Thu, 12 Jan 1995, Jonathan Rochkind wrote:
> At 4:30 AM 01/12/95, Nesta Stubbs wrote:
> You shouldn't ever give the operator the info in plaintext. Encrypt it,
> public or otherwise, and distribute the key to your Band of Merry Men.
> Then it doesn't matter even it's sitting on a public access Unix system, no
> one can read it anyhow. The main point of this kind of data haven seems to
> be providing you a remote location to store your data, in an anonymous way,
> so even if it does end up being found out, you can't be linked to it. I
> wouldn't trust the operator to do anything particular with the data other
> then keep it safe enough so I can retrieve it later, and I'd take the
> neccesary precautions to account for that lack of trust. The only reason
> I'd trust him to even keep it safe for me, is because of reputation market.
> If he routinely loses people's data, word is going to get around. On the
> other hand, if he routinely shows people's data to the FBI, no one is even
> going to know about it. I don't trust him not to routinely show the data to
> the FBI, or store it in public. Use encryption.
>
first note that in carol ann's post she previously said it doesn't matter
to her how the data is transported, and thus it could be in paintext, I
made. and also that she said that the operator should be able to specify
how it was transmitted.
once again we're running with different definitions of data haven. I see
the ata haven as more than just aplace to safely store data if it's
encrypted, I see it capabel of alot of other things, like acting as a
central point to BlackNet type operation, with the proper structure set
up to carry out the transactions with safety, or relative safety. also,
as a anonymous drop box type of place, I can then send my encrypted data
to the data haven, and let them hold it until some anonymous client or
eployer and I complete an agreed upon contract and both give word to the
data haven to complete it's aprt of the contract, wether it is allowing
the other person to now access that encrypted information, or doing a
monetary transaction with net-cash or whatever. Also, as a data base of
illegl information, like old credit records and such.
> Of course there are different purposes for data havens, which would require
> more trust of the operator. But I'm not sure how well those are ever going
> to work, because I'd much rather trust my encryption then trust the
> operator.
>
agreed. there are also other operations besides data storage that can be
protected by your own crypto, and only use the data haven as a mid-point.
argh, I'm sorry fo the poor typing in this letter, and the other one i
sent to Eric ont his subject, it's really late and I am dogged, just got
done 9 hours of work. BUt this topic is so interesting for me I couldnt
resist. Tommorow if I get a chance I will atttempt to outline what *I*
think of when I am saying data haven, maybe it will help us be more
productive, not that we arent doing that now...