From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
To: Nesta Stubbs <cypherpunks@toad.com>
Message Hash: f5013588950a3602e89186fe6a6c9aa013848248699c964666100109669c0572
Message ID: <ab3b21760302100490ca@[132.162.201.201]>
Reply To: N/A
UTC Datetime: 1995-01-12 18:13:52 UTC
Raw Date: Thu, 12 Jan 95 10:13:52 PST
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Thu, 12 Jan 95 10:13:52 PST
To: Nesta Stubbs <cypherpunks@toad.com>
Subject: Re: Data Havens..A consumer perspective
Message-ID: <ab3b21760302100490ca@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain
At 4:30 AM 01/12/95, Nesta Stubbs wrote:
>> 4. It is no concern (only idle curiosity maybe) where the data is parked.
>
>it matters alot too me, that's the security of the dat, what if your data
>is sem top secret plan to bomb the pentagon, and you are using the data
>haven to distibute to your band of anonymous terrorists, I am sure you
>woudln't want your data stored ona public access Unix system, or in
>plaintext.
You shouldn't ever give the operator the info in plaintext. Encrypt it,
public or otherwise, and distribute the key to your Band of Merry Men.
Then it doesn't matter even it's sitting on a public access Unix system, no
one can read it anyhow. The main point of this kind of data haven seems to
be providing you a remote location to store your data, in an anonymous way,
so even if it does end up being found out, you can't be linked to it. I
wouldn't trust the operator to do anything particular with the data other
then keep it safe enough so I can retrieve it later, and I'd take the
neccesary precautions to account for that lack of trust. The only reason
I'd trust him to even keep it safe for me, is because of reputation market.
If he routinely loses people's data, word is going to get around. On the
other hand, if he routinely shows people's data to the FBI, no one is even
going to know about it. I don't trust him not to routinely show the data to
the FBI, or store it in public. Use encryption.
Of course there are different purposes for data havens, which would require
more trust of the operator. But I'm not sure how well those are ever going
to work, because I'd much rather trust my encryption then trust the
operator.
Return to January 1995
Return to “Nesta Stubbs <root@nesta.pr.mcs.net>”