1995-08-02 - NYET–attempted formal specs (again)

Header Data

From: pjm@ionia.engr.sgi.com (Patrick May)
To: cypherpunks@toad.com
Message Hash: 2918009c6753445f470233ddd2aaca70395838be658d665a2b32ce1ae601bff1
Message ID: <199508021853.LAA10598@ionia.engr.sgi.com>
Reply To: <Pine.3.89.9508020848.A4868-0100000@maria.bga.com>
UTC Datetime: 1995-08-02 18:53:49 UTC
Raw Date: Wed, 2 Aug 95 11:53:49 PDT

Raw message

From: pjm@ionia.engr.sgi.com (Patrick May)
Date: Wed, 2 Aug 95 11:53:49 PDT
To: cypherpunks@toad.com
Subject: NYET--attempted formal specs (again)
In-Reply-To: <Pine.3.89.9508020848.A4868-0100000@maria.bga.com>
Message-ID: <199508021853.LAA10598@ionia.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Nathan Zook writes:
[ . . . ]
 > NYET-- Non-Youths Exhibit Temperance.
 >  
 > This is a rising, legitamate concern among parents that their children
 > have all-to-easy access to porn on the internet.  Last year, there
[ . . . ]
 >  
 > But none of these proposals can ultimately succeed.  Here I restate my
 > NYET proposal from last year for your consideration.  The system is of
 > necessity ISP-based.  Home-based systems are subject to attacks at
 > home.  Since many (most?) children are better with computers than
 > their parents, these attacks can be expected to succeed.
[ . . . ]
 >
 > The NYET-software runs as superuser on the ISP's machine.  All minor
 > accounts have a corresponding configuration file sitting in their
 > account owner's parent's directory, which is locked with read/write by
 > owner only flags.  The correspondence between minor and parent
 > accounts sits in a file owned by root and similiarly locked.
 >  
 > The parent sets the configuration file to permit and deny access to
 > various parts of the net.  Since it is unreasonable for the parent to
[ . . . ]

     Your solution fails against your specified threat.  Children who
are more software-proficient than their parents will, in many cases,
be able to access their parents' accounts and modify the configuration
file (or simply use the account to access the blocked areas).
Ultimately, all such systems are "home-based" if any accounts used by
members of the household have or can be granted access to the naughty
bits (tip o' the hat to M. Python).

     While your proposal is obviously marketable, given the success of
Prodigy and the prospects for SurfWatch, it does not appear to be
inherently more secure than schemes that utilize subscriber software.

Regards,

Patrick May

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMB/Jqe5Yg08fDKehAQH16gQAp78uOJX02xNz7/5XYPBcaRZRC8pCWx6K
oUdOxbGta/l1rKrRGWhJ7WLJy9iaopBcbr4YXNOMPL4Va91DEXkJ5rfJKXC+o7Mz
jA0wBujVu0DK+S0C49Ah3OoXxX6H0SorbuscvDF2IIw9aGLSezD49H4/GgWvhklo
Y1Gu5Tfok+Y=
=FsYi
-----END PGP SIGNATURE-----





Thread