[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Los Angeles Times article on Helsingius and anon.penet.fi
At 02:06 PM 9/2/96 -0700, Stanton McCandlish wrote:
>You have to have an anonymizing system that crosses a dozen or so
>national boundaries to make such an attack infeasible for most large
>organizations. You'd need a system that crossed 50 or more widely
>disparate jurisdictions to make it infeasible to large intelligence or
>law enforcement agencies, and even then you'd have to NOT have broad
>international agreements, such as you'd called for or it would be trivial
>to force all the remailers in the chain to cough up personally
>> My assumption is that there will be a wide variety of Net communities with
>> different rules/regulations/attitudes towards anonymity that would apply ex
>This is already true.
>> some kind of international sanctions; I think that's appropriate.
>That's what bugs me - if there are some kind of sanctions coming from a
>governmental body (I may be misinterpreting you here), that's probably
>enough to kill private and well as public anonymity on the Net.
>Incidentally, if something does happen from a governmental direction to
>kill online anonymity, it will probably be readily broadenable to all
At the risk of sounding like a broken record (a phrase that will get ever
more obscure now that we're in the CD era...) that's why I pushing AP
(Assassination Politics.) While anonymous remailers and chains are great
for security, there ought to be some final bulwark against violations of our
security and anonymity that doesn't depend on legal arguments, or even
technical refinements of encryption. When organizations such as CoS can
seek Penet data with impunity, and when courts in Finland can let them,
we're not safe.
Remember the saying, "The best defense is a good offense." Playing as we do
now, it's like saying, "We'll try our best to maintain our security, but if
it fails too bad." I propose changing it to, "We'll try our best to
maintain our security, but if you manage to violate it anyway you're dead."
As rude as it may sound, one of the best advantages is that this defense is
free while it's not needed, and is pretty cheap when called upon.
In case anybody has any residual doubts as to whether we should enforce our
rights in this way, consider this: if we've decided that we have the right
to anonymity and security (through remailers and encryption) EVEN IF some
people might misuse those tools to cause crime and potentially even death
(which, of course, would be an exceedingly rare outcome) then I suggest
we've already accepted the principle that our rights to use these tools
daily are more important than the possibility of a rare negative outcome.
(in the same sense that occasional fatal car accidents don't justify taking
away all cars.) And if that's the case, we should also be willing to
DELIVER a rare negative outcome to anyone who acts to take these rights
away, particularly if such a person is adequately forewarned of our