From: Nesta Stubbs <nesta@nesta.pr.mcs.net>
Date: Mon, 9 Jan 95 19:09:47 PST
To: dfloyd@io.com
Subject: Re: Data Haven problems
In-Reply-To: <199501100125.TAA29250@pentagon.io.com>
Message-ID: <Pine.3.89.9501092040.C8850-0100000@nesta.pr.mcs.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 9 Jan 1995 dfloyd@io.com wrote:

> My problem is not that people will bitch about my DH.  My problem will
> be arfholes or yellow journalists uploading K*dd*e p**n to my DH, then
> making a long report how I cater to p*dofiles and other evil denezins
> that pop from time to time.  Then, I get the police knocking at my
> door, asking me to come to Club Fed for a looooonnnggg vacation.
>
I myself see nothing wrong with selectivly choosing your users at this 
juncture.  With an experimental server that wouldn't have the back-up to 
protect itself fomr attacks in real-space(police feds guns dogs fundies) 
you DO need to be careful.  If you wanna turn this into a profit 
thing(which is possible) you then would get to choose your clients.  I 
guess what I meant o say in tha tlast letter, was directed towards a 
full-fledged, well established and backed DataHaven that was not run for 
profit, but rather as a service to help the public(yeah, I know this 
lists idea on those projects, I wont go that direction no more) and thus 
would need to be open liek that.
 
> Of course, the DH will be hidden by a good remailer (anon.penet.fi), but
> it is trivial to use traffic analysis to find where the DH lies.  Just
> monitor traffic from/to the remailer and do a series of store/retrives.
> Then for confirmation, forge a mail from the dh site to the remailer with
> the password (obtained from sniffing) to yourself.
>
Well for an experiemnt that is fine, and I don't see it then much mroe 
then a listerv file service with encryption, unless i am missing 
something in teh DataHaven you have planned.  But later on when you wanna 
get serious and shit, you could get better shielding then that, depending 
on how much money you wanna spend.  Everythign from offshore sites with 
sattelite feeds or radio feeds(encrypted of course) with physical securiy 
measures and such.
 
> This is the main reason I haven't worked on this code for so long, as
> well as finals and other distractions.  Until I find a decent solution
> to this problem (The alpha test will be a snap... just allow certain
> people to send/get and ban all others, but once in full working mode
> this ceases to be a solution.) I am hesitant on setting up a working
> DH.
> 
I would set one up if I had the code tha tmet my standards(I don't have 
time right now to write it myself, but maybe if this thread goes well i 
will be inspired enough to order a few pizzas and go for it).  Right now 
my connection is muc much too slow to allow such traffic.  This is 
somethign i have been doing some serious thinking about also.  I cn 
actually see it bieng possible for me to have a small scale experiemntal 
data haven up and running in the near future, acting not only as a drop 
box, but also as a storage place and database of obscure information.