1996-05-18 - Remailers & what they get out of it…

Header Data

From: Jim Choate <ravage@ssz.com>
To: cypherpunks@toad.com
Message Hash: 1b99774796c13cb93237e46537115e47a960f78803401c57ae5ac7c3e29af178
Message ID: <199605171909.OAA09791@einstein.ssz.com>
Reply To: N/A
UTC Datetime: 1996-05-18 20:15:37 UTC
Raw Date: Sun, 19 May 1996 04:15:37 +0800

Raw message

From: Jim Choate <ravage@ssz.com>
Date: Sun, 19 May 1996 04:15:37 +0800
To: cypherpunks@toad.com
Subject: Remailers & what they get out of it...
Message-ID: <199605171909.OAA09791@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text

Forwarded message:

> From: Alex Strasheim <cp@proust.suba.com>
> Subject: Re: SEVERE undercapacity, we need more remailer servers FAST
> Date: Fri, 17 May 1996 13:18:24 -0500 (CDT)
> The remailer net won't stand up to challenges of any strength because no
> one gets anything for running a remailer.  It doesn't matter if the
> challenges are strong enough to win, or if they ultimately have any merit. 
> If you don't get anything for winning and you'll get burned if you lose,
> the expected value of the game is negative no matter how unlikely losing 
> is.

As long as the remailer is run a 'grins & giggles' affair you are right.
The moment they are run as a business enterprise then the game changes.
Several of the Austin Cypherpunks and myself have set up a remailer here
in Austin (kourier.ssz.com) using MixMaster. The intent is that once we get
out of testing the software and other mods we are in the middle of we will
have a commercialy viable service. I am currently discussing with a couple
of local lawyers possible strategies we can employ if CoS or others start
legal motions. The idea that we are exploring is a defence by offence. One
aspect is 'work in progress' protection of both our development mods as well
as our customers work. I also hope to build part of the defence on the fact
that to bring the remailer down denies access to the public key-server which
is integrated into the remailer as a value-added service.

(NOTE: don't waste your time trying to get to kourier over the next few
       weeks. A more public announcement is in the works)

To me the biggest problem with the crypto work right now is that not enough
professionals are involved. If more remailers and such were initiated as 
a business there would be legal avenues to explore. Also, in this vain is
the apparent lack of support for commercial ventures by developers of such
apps as MixMaster (whose license explicity prohibits commercial use).

And for the record, yes, we expect to charge real $$$ for access. Our
current plan is $10/month for each account. Money orders prefered. We have
at this point pondered e-cash methods but it doesn't seem popular enough
at this juncture.

> If you want the remailer system to stand up you have to make the expected
> value positive.  The expected value of bookmaking is positive, even though
> it's illegal to take sports bets in most states.  As a consequence it's
> not hard to find someone to take a bet.  Individual bookies may come and
> go, but the system will always be there.  If the expected value of running
> a remailer was positive, the remailer system would thrive even if it was
> illegal to run one.
> To make the expected value positive, you have to (a) make it profitable to
> run a remailer, and (b) set up a protocol that gives someone who runs one
> a fighting chance of not getting busted.  (a) is easy enough in theory,
> but I don't know how you could do (b), at least not if you wanted to let
> people do public things with the remailers (like post to usenet). 

I agree with (a) completely. The way to make a remailer profitable is to
charge for access. As to (b), step one is get a lawyer on board from the get
go. One aspect of (b) is that it should be no more illegal for me to allow
my users to post to usenet anonymously via my guest account than to do it
via a remailer. In fact, one could argue that if anonymous remailers are
truly illegal then so are 'guest' or other demo accounts on systems that
don't get personal info (and verified at that) prior to accessing any system
services. This means that systems such as l0pht.com or ssz.com are illegal
to operate.

                                                        Jim Choate

                                    \\/////    "Don't have a cow, man"
                                    |     |  / 
                                    (.) (.)

         Tivoli an IBM company                  CyberTects: SSZ
         Customer Support Engineer              SOHO Consulting/VR/Robotics

         9442 Capitol of Texas Highway North    1647 Rutland
         Suite 500                              #244  
         Austin, TX 78759                       Austin, TX  78758

         Email: jchoate@tivoli.com              Email: ravage@ssz.com
         Phone: (512) 436-8893                  Phone: (512) 259-2994
         Fax:   (512) 345-2784                  Fax: n/a
         WWW:   www.tivoli.com                  WWW: www.ssz.com
         Modem: n/a                             Modem: (512) 836-7374
         Pager: n/a                             Pager: n/a
         Cellular: n/a                          Cellular: n/a