1994-02-15 - Re: The Difficulty of Source Level Blocking

Header Data

From: tytso@ATHENA.MIT.EDU (Theodore Ts’o)
To: hughes@ah.com
Message Hash: 9fb047e518096ccc64e52c91462c1282025de0bd862655cd39f0df525e661046
Message ID: <9402152211.AA08059@tsx-11.MIT.EDU>
Reply To: <9402152059.AA23156@ah.com>
UTC Datetime: 1994-02-15 22:21:44 UTC
Raw Date: Tue, 15 Feb 94 14:21:44 PST

Raw message

From: tytso@ATHENA.MIT.EDU (Theodore Ts'o)
Date: Tue, 15 Feb 94 14:21:44 PST
To: hughes@ah.com
Subject: Re: The Difficulty of Source Level Blocking
In-Reply-To: <9402152059.AA23156@ah.com>
Message-ID: <9402152211.AA08059@tsx-11.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Tue, 15 Feb 94 12:59:55 -0800
   From: hughes@ah.com (Eric Hughes)

   As I recently argued, the problem is not individual disrupters but
   salience in general.

I agree; this is indeed the problem.  And when we try to sell the
moderation software to individual groups, it should be sold as solving
the salience problem --- and that it solves the individual anonymous
disrupter as only side effect.

The way I'd design this service is that the newsgroup would be
moderated, and so postings would be mailed to a central site.  The
moderation group would have to have internet access, and would connect
to the central site using a client program.  The client program would
display the message to the moderator, and then the moderator would have
a chance to give a "thumbs up", "thumbs down", "abstain", or "decide
later" vote.  The software on the central site would send out the
message after the threshold number of moderators had approved the
message, or would kill it after the threshold number of moderators had
given it the thumbs down.  Of course, with something like this you'd
want to make sure authentication was done right --- which in this case,
probably means using a password-based challenge-response authentication
system.

Note that this proposed solution does not solve a lot of problems.  It
does not solve the moderation selection problem.  (The moderation group
can not be left wide open; otherwise a Detweiler could approve his own
postings.)  It does not solve the "forge a faked approved: header"
attack.  Yet for the problems it does solve, it would probably be a good
thing.

						- Ted

P.S.  Wow, a productive, constructive, relatively flame-free discussion
on cypherpunks!  I was beginning to think it wasn't really possible.  :-)







Thread