1995-11-03 - Anonymity and integrity

Header Data

From: fc@all.net (Dr. Frederick B. Cohen)
To: cypherpunks@toad.com
Message Hash: 515998b5ebdf55ad1122e8da6cd7b3c320ff9ac81ebc9fbc619b3e7fedf66d20
Message ID: <9511022111.AA15199@all.net>
Reply To: <199511021934.OAA22117@opine.cs.umass.edu>
UTC Datetime: 1995-11-03 02:49:28 UTC
Raw Date: Fri, 3 Nov 1995 10:49:28 +0800

Raw message

From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 3 Nov 1995 10:49:28 +0800
To: cypherpunks@toad.com
Subject: Anonymity and integrity
In-Reply-To: <199511021934.OAA22117@opine.cs.umass.edu>
Message-ID: <9511022111.AA15199@all.net>
MIME-Version: 1.0
Content-Type: text


Futplex <futplex@pseudonym.com> opines:

... [example was here - saving bandwidth]...

> It seems to me that the integrity of the statements was rather easily verified
> based on the merits of the statements themselves. In particular, one or two
> participants in the forum denied the claims made that they were members of
> the editorial board.
> 
> Granted, some people would have been more inclined to look askance at the
> messages if they had known the author's True Name. But as the saying goes,
> "past performance is not a guarantee of future results". You can choose to
> doubt or believe a message because of the author's past reputation. But
> reputation is not a reliable predictor of the integrity of future assertions.
> It's a nice psychological crutch, but reliance on a "rational expectation" is
> a long way from anything I would call "assurance" or "verification". It
> doesn't prove anything. The only acceptable method of assurance I can see is
> careful analysis of the propositions posited, and empirical verification of
> the facts presented. Leaning on past reputation is accepting an odd form of
> Proof by Authority.

You are correct in stating that it doesn't prove anything, but that, it
seems to me, is universally true.  Nothing you can ever do can prove
absolute integrity.  The issue then comes down to whether you get more
integrity by knowing (or having access to) the full body of informaiton
about a source.  I think you do.

> As it happened I had never heard of the True Name of the sender, so the
> knowledge wasn't useful to me.

But with the name, if you had chosen to, you could have done a great
deal to learn about the history of the individual - through his
published works, the many fine and not so fine things he has done in his
career, etc.  It is the availability of this reference material that
makes the identity that much more useful. 

> > I understand that over time, reputations can be built up for pseudonyms
> > (which are not necessarily anonyms) but then, with a pseudonym we might
> > reasonably ask what the motive is for hiding the real identity.  
> [possible motives...]
> > Without knowing the motive, how can we assess the statements? 
> 
> By asking yourself if they seem to make sense, checking them against known
> facts and beliefs, etc. The same methods, IMHO, that are mainly appropriate
> to assess anyone's statements.

It is interesting that you take this line, especially in a forum where
so many people trust so much that is posted without verifying it.  For
example, who on the cypher punks list verified the posting made by the
people from MIT regarding Java?  Was it simply the trusted MIT name that
caused you to take int on faith?

One of the underlying assumptions of the scientific establishment, and
in fact science itself, is that results be published and verifiable, but
in reality, almost all results are not verified, and even the most
startling results aren't verified before many people begin to place
trust in them.

Example of a relatively quick response to such an assertion was the Cold
Fusion situation a few years ago.  On the other hand, the professor at
the University of Pittsburgh who published results based on faked data
(this is a gross simplification, I know) was widely believed for many
years.

The fact is that, today, there are simply too many results to verify
them all along with the underlying data they depend on, the software
used to generate them, etc.  As a result, we are increasingly left with
trusting the people rather than the results.  Another issue is that the
resources required to reproduce "big science" are not available to most
people.  Has anyone reproduced Adleman's experiments on bilogical
computation? I know of nobody that has, and would love to do it myself,
but I don't have the necessary equipment.  This is an Earthshaking
result with enormous long-term consequences, and I'm certain it's right
because I agree with the underlying theory and don't see any reason for
anyone to lie about it, but if Nostragnia of the Crydon Republic had
published it anonymously, I would be much more hesitant to accept it
and so would you (all).

> > In fact, how can we know that the original pseudonym still
> > applies? Someone could kill you and take over your pseudonym, and even
> > though we might hear of your death, the pseudonym might continue based
> > on your reputation but with another actual source.
> 
> Of course, the is-a-person problem has been discussed at great length. 
> Digital signatures are as effective for pseudonyms as for anyone else.
> The messages we've seen "from Alice de `nonymous" might all have come from
> different senders. They exhibit a common tone and style, but that doesn't
> assure us of anything. In a sense that makes them more inviting,
> since there's always the chance that a third party is attempting a clever
> parody or a sly bit of character assassination.

The question is not whether the signature is right, but rather, are
there other reasons to believe or not believe - trust or not trust -
etc.  the sender.  The less anonymity, the better this is revealed.

> [...]
> > It's an interesting concept that each statement should/could be taken on
> > its own and evaluated independently of the rest of a person's life
> > context, but in my experience, that has serious problems.
> 
> In my experience, that's about all I can usually do in network communication.
> In principle I _could_ devote scads of time to background investigations of
> my correspondents, for all except strongly anonymous and strongly 
> pseudonymous parties, but I don't find that approach realistic.

The point of non-pseudonyms is that if you want to know you can try to
find out.  If others know additional relevant information and decide to
reveal it, you can tell that much the better.  It also reuces blatant
character assasination (which brings some level of civility) and forces
people to take personal responsibility for what they say and do.  All
of these things, in my opinion, increase integrity.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236





Thread