From: "Igor Chudov @ home" <ichudov@algebra.com>
Date: Thu, 27 Mar 1997 16:51:35 -0800 (PST)
To: cypherpunks@toad.com
Subject: Re: OPINION: moderation and anonymity
Message-ID: <199703280044.SAA01846@manifold.algebra.com>
MIME-Version: 1.0
Content-Type: text/plain


Jay Denebeim (denebeim@deepthot.cary.nc.us) wrote
* Igor Chudov @ home <ichudov@algebra.com> wrote:
* 
* >3. It is a common misconception to think that since anonymity means no
* >accountability, it will lead to abuses. Even though such an argument may
* >be made in general (it is subject to a significant disagreement), it
* >does not apply in the least to moderated groups. Since moderators are,
* >generally, responsible for the content of the messages that they allow,
* >the final responsibility and control is in their hands. If a certain
* >anonymous posting does not satisfy the newsgroup charter, moderators can
* >always reject it.

I would like to thank Jay for his thorough and thoughtful comments. I 
agree with many of his point, and leave only those that I disagree on.

* You can have both accountability and anonymity.  From a newsgroup
* moderator's perspective it's not necessary to know the account of the
* person, only a way to uniquely identify the individual.  There is
* cryptography available for every machine that can provide these unique
* signatures without requiring a valid from address.

You are correct, there are tools allowing individuals to sign
their articles and verify electronic signatures. My moderation bot
STUMP even has built in support for PGP signature verification.
Some of its features are directly indended to be helpful for anonymous
users who want to not only post to newsgroups, but also maintain their
reputations. As you know, I think that anonymous users can be
great contributors to moderated newsgroups.

I am not sure that this article is the place to go into  a lot of detail
about these features, but I can summarize them for those who are interested.

However, there is a big and sticky question of what identity really is.
For example, I can establish several PGP keys and post anonymously using
all of them in turns.

What would be my identity? And if I use one of the keys to post 
off-topic articles and you "punish" that key not knowing that the 
same physical person uses several others, what's the point of such
"punishment"?

That is not to say that using PGP signatures in moderated groups is
bad: it is great, especially since anonymous users who use PGP to 
sign their articles can be safely put to the preapproved list of 
robomoderator bots. 

The problem is that while we have IDENTIFICATION, there is little
we can to do enforce ACCOUNTABILITY.

* However, the current newsgroups where this issue has been raised are
* all robo-moderated purely for spam elimination.  That means that there
* must be some way to identify posters so they can be mechanically
* blocked if necessary.  Cryptography and/or valid e-mail addresses
* (whether those addresses actually show up in posts or not) are
* necessary for the filtering function to be totally bullet-proof.

I disagree with this point. First of all, forging email messages to
look like they come from non-anonymous addresses is very easy (just telnet
to port 25 and type 3 magic lines). Second, a person can secretly have 
multiple keys.

If someone is determined to bypass a robomoderation bot that does not
require EVERY preapproved poster to positively identify herself, they
will get through. By the way, I believe that most forgeries in moderated
groups are results of personal problems of posters AND moderators, and
moderators need to honestly take care of the underlying problems.

It is very hard if not impossible to deal with determined and
knowledgeable forgers. I would much rather ensure that they get
equal access to the group than try to fight them by technical means.

* Actually, the cryptographic signature posts are the only 100% reliable
* ones, although all newsgroups I'm aware of only accept the forgable
* from: lines currently, the spammers have not figured out how to get

This is 99% correct, but not 100% correct. Newsgroups that are
moderated by STUMP will NOT ACCEPT forged From: lines pointing to
posters who have requested special cryptographic protection. All articles
purporting to be from such persons pass mandatory check of a PGP
signatures.

* past robomodded groups yet, and if they do forge addresses, they are
* breaking the law currently (fraud), so I don't know that this will
* ever become an issue.
* 
* Now, there are some other, even less reliable, methods of
* robo-moderating.  The 'clue test', which requires a password on your
* first post that is listed in a FAQ is one that I think would work
* quite well today.  It does have a problem in that if the spammers ever

Yes. It is an absolutely great method for newsgroup that do not
want to bother themselves with the costs of having a human moderator,
while at the same time eliminating spam and multiposted "flame"
threads.

We now have two bots, one of which is yours, that allow to quickly
set up such automoderated groups.

People who are determined to post off-topic articles to such groups have
very many ways of getting past the robomoderator bot.  That is usually
OK since it is not the regulars who are the problem.

	- Igor.