From: Michael Higgins <higgins+@CMU.EDU>
Date: Mon, 18 Nov 1996 23:18:49 -0800 (PST)
To: cypherpunks@toad.com
Subject: Re: The Utility of Privacy
In-Reply-To: <199611190651.AAA00275@mailhub.amaranth.com>
Message-ID: <gmYJvGG00YUn0Ttc00@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Forgive me if I missed it, but there seems to have been little
discussion of the link between privacy and identity in this thread.
(The list is so noisy that I miss a lot of things.)

On most computer systems, one's identity is represented by some
secret, whether it's a login password or a private key.  Obviously, to
maintain the integrity of the identity the secret must be protected
which requires privacy.

Now whether or not I have "something to hide", I very much want to
protect my identity from being usurped.  (He who steals my purse
steals trash...)

Now is it the case that people are interested in stealing identities?
Certainly.  My account on the CMU Andrew system (where this is being
written) was compromised once.  Not out of any animosity toward me,
but simply as a platform to launch a hacking attack on some other
system.  (Universities, and I suspect other networks, are rife with
packet sniffers.  Having been burned once, I rely tremendously on
encrypted connections.)

This is not to say that one's identity-secret is the only secret worth
protecting.  But I thought I'd mention it as something to think about.

	Mike

P.S. In a way, credit card numbers are identities --- the fact that we
just hand them out to people is very disconcerting.  (I'm told that
most credit card fraud is by vendors.)