1996-08-27 - Re: Spamming

Header Data

From: John Deters <jad@dsddhc.com>
To: “Chris Adams” <adamsc@io-online.com>
Message Hash: 6bda0fbe338cc8c2d53f33c81ec7e8340b1f940fb7aa9f87756192aa77f5e80e
Message ID: <2.2.32.19960827180935.008cd398@labg30>
Reply To: N/A
UTC Datetime: 1996-08-27 21:41:46 UTC
Raw Date: Wed, 28 Aug 1996 05:41:46 +0800

Raw message

From: John Deters <jad@dsddhc.com>
Date: Wed, 28 Aug 1996 05:41:46 +0800
To: "Chris Adams" <adamsc@io-online.com>
Subject: Re: Spamming
Message-ID: <2.2.32.19960827180935.008cd398@labg30>
MIME-Version: 1.0
Content-Type: text/plain


At 09:27 PM 8/26/96 -0800, Adamsc wrote:
>On Mon, 26 Aug 1996 13:26:04 -0500, John Deters wrote:
>
>>>What do cypherpunks think about the following practice or law (I realize
>>>that it may be impossible to implement): each email message should carry
>>>a little digicash check for, say, 20 cents. Mail reading programs should
>>>reject (send back unread) all messages not carrying these digital
>>>checks, unless the senders are in the "friends list". The MUAs should
>>>ask users whether they want to "cash" the digital check or not.
>>
>>I do not believe it is possible to have a secure executable that exists on
>>an uncontrolled user's machine.  "Tamperproof" encryption chips still
>>require communications in and out from the user's program.  A determined
>>attacker could continue to use the pieces of their code that talk to the
>>encryption chip.
>
>>Never underestimate the allure of "free money" when you're planning to >give
>>it away.
>
>Methinks you don't understand e-cash.  It's not executable, and uses public key
>crypto to prevent "minting".  It uses records to prevent replays.  In other
>words, it'd be like Ed McMahon including a quarter in the envelope.  You'd only
>be able to use it once....

Maybe I misspoke; I wasn't referring to minting e-cash.  I was referring to
the fact that if you can get spammers to enclose a 20e coin for every junk
e-mail advertisement you agree to read, then you can write a mail reader
that will read their spam and collect all their 20e coins.  To me, that's
better than "minting" e-cash.  Totally legal, and the net effect transfers
funds from the spammers to me.

The rest of my letter was in regards to writing that mail reader.  And no,
even if they were to succeed at getting stupid users to install their own
special mail reader just for the privilege of reading their advertisements,
without secure hardware in the users' machines, their mail server would not
be secure against a spoofing attack.

John
--
J. Deters  "Captain's log, stardate 25970-point-5.  I am nailed to the hull."
+-------------------------------------------------------+
| NET:   jad@dsddhc.com (work)    jad@pclink.com (home) |
| PSTN:  1 612 375 3116 (work)    1 612 894 8507 (home) |
| ICBM:  44^58'36"N by 93^16'27"W Elev. ~=290m (work)   |
| PGP Key ID:  768 / 15FFA875                           |
+-------------------------------------------------------+






Thread