1997-09-29 - Re: Digital Postage (fwd)

Header Data

From: Jim Choate <ravage@ssz.com>
To: cypherpunks@ssz.com (Cypherpunks Distributed Remailer)
Message Hash: 19b73ace7a1d058402f60e53c5e812ce545930c6e846ac0b28f47b8a7d3b1aa9
Message ID: <199709290409.XAA10643@einstein.ssz.com>
Reply To: N/A
UTC Datetime: 1997-09-29 04:10:06 UTC
Raw Date: Mon, 29 Sep 1997 12:10:06 +0800

Raw message

From: Jim Choate <ravage@ssz.com>
Date: Mon, 29 Sep 1997 12:10:06 +0800
To: cypherpunks@ssz.com (Cypherpunks Distributed Remailer)
Subject: Re: Digital Postage (fwd)
Message-ID: <199709290409.XAA10643@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text

Forwarded message:

> Date: Sun, 28 Sep 1997 21:03:59 -0400
> From: Anonymous <anon@anon.efga.org>
> Subject: Re: Digital Postage (fwd)

> Jim Choate wrote:
> >> No, there is only one system which provides anonymity.  It's called ecash.
> >> The other systems do not have the features we want.
> >
> >Yes, but it does not have a clear market advantage. In fact the
> >anonymity issue may actualy work against it.
> We are not talking about an abstract "what will the market do" issue
> here.  We are talking about how to get a working payment system up for
> remailers which gets us great service and provides privacy and
> security.

That is exactly what we are talking about, he who predicts what the market
will do AND invests somebodies elses money will win big. That 'abstract'
market motion is EXACTLY what the market will do in practice. In other words
it's the service you will be buying because the people with the money think
it will make them money off your willingness to spend your money.

As I have said before, privacy and security are not issues in remailers.
Being able to plausibly deny any involvement is, a subtle but important

> The rest of the world may or may not catch on to ecash, but if it's
> going to start, it will start with a small group.  I think it should
> be this one.

It will not start with a small group. Anonymous remailers are big traffic -
big buck operations in the long run. The price per message must be in the
milli-cent range which means the traffic must be in the mega-message range
to make money; simple multiplication.

> Businesses use multiple forms of payment all the time, even in the
> United States where multiple currency use is legally discouraged.

It isn't a question of which currency you use - that is NOT the same as the
economic system in place. Businesses may use dollars or dinars but at the
end of the day they put them in a bank which at least at times follows
international agreements on banking. This is why we can transfer money from
one denomination to another.

> When I go to a restaurant I can pay in cash or use a variety of credit
> cards.  And credit cards cost the establishment a substantial amount
> of money and headache, too.

Yes, but that is not a different system. You are still taking money from
your bank account (on loan from a bank if through a CC) and putting it in
somebody elses bank account. The banks define our system of economics to a
great degree. Banks don't like anonymous transactions so whatever system we
put in place must buy the support of the traditional financial institutions
at some point. How do you convince a bank that anonymous cash transactions
are in their best interest?

> I hope we are all assuming that The Enemy knows who is using
> remailers, at least at the moment.

If they do then the users aren't anonymous anymore and hence any 'security'
or 'privacy' they may derive is one of delusion.

> There's no hiding those telltale
> PGP messages sent to a certain short list of suspected remailer
> addresses.  Some day we will have good steganography and it won't be
> possible to tell who is using a remailer, but this is not the best
> problem to solve right now.

Stego won't be any harder to detect than a PGP encrypted message.

> >Can do what? Anonymity cracking or create a payment system that
> >allows for the intermediate parties to be paid but doesn't
> >over-burden the user? The point is not to have the poor end user have
> >to create a half- dozen payment arrangements to get chaining. It
> >becomes a real hassle to do at that point.
> No it doesn't.  Watch carefully:
> $remailer{'cyber'} = '<alias@alias.cyberpass.net> alpha pgp';
> $remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord ?";
> $remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
> $remailer{"jam"} = "<remailer@cypherpunks.ca> cpunk mix pgp hash middle latent cut ek money25cents";
> $remailer{"winsock"} = "<winsock@rigel.cyberpass.net> cpunk pgp pgponly hash cut ksub reord ?";
> $remailer{'nym'} = '<config@nym.alias.net> newnym pgp';
> $remailer{"squirrel"} = "<mix@squirrel.owl.de> cpunk mix pgp pgponly hash latent cut ek";
> $remailer{'weasel'} = '<config@weasel.owl.de> newnym pgp';
> $remailer{"reno"} = "<middleman@cyberpass.net> cpunk mix pgp hash middle latent cut ek reord ?";
> $remailer{"cracker"} = "<remailer@anon.efga.org> cpunk mix remix pgp hash ksub esub latent cut ek money25cents reord post";
> $remailer{'redneck'} = '<config@anon.efga.org> newnym pgp';
> $remailer{"bureau42"} = "<remailer@bureau42.ml.org> cpunk mix pgp ksub hash latent cut ek";
> $remailer{"neva"} = "<remailer@neva.org> cpunk pgp pgponly hash cut ksub ?";
> $remailer{"lcs"} = "<mix@anon.lcs.mit.edu> mix money25cents";
> $remailer{"medusa"} = "<medusa@weasel.owl.de> money25cents mix middle"
> $remailer{"McCain"} = "<mccain@notatla.demon.co.uk> mix middle";
> $remailer{"valdeez"} = "<valdeez@juno.com> cpunk pgp pgponly hash ek";
> $remailer{"arrid"} = "<arrid@juno.com> cpunk pgp pgponly money25cents hash ek";
> $remailer{"hera"} = "<goddesshera@juno.com> cpunk pgp pgponly hash ek";
> $remailer{"htuttle"} = "<h_tuttle@rigel.cyberpass.net> cpunk pgp hash latent cut post ek";

I guarantee that neither your mother or mine will look twice at that
gobbeldy-gook. Hell, I won't use it because I have to create such files
every damn time I have to send a message. Too much work, too much room for
errors. When you can arrange to chain remailers without the user having to
touch the above you will have a winner.


> See if you can figure out which remailers accept money and how much
> they accept.  Now, in figuring that out, did you do anything that
> would reveal your identity?  Do you think a simple program could
> handle the task?

Actualy, yes I did do something to reveal my identity. I have to pass that
entire list of chaining along to the first remailer who passes it along to
the second minus the first entry and so on. If I can grab a single remailer
in that chain I can back track because that remailer knows where that list
came from.

To really make chaining secure neither the user or the individual operators
should have a say in it.

> You might be.  I'm interested in smart people who want to protect
> their privacy.

Then they won't use remailers at all. A smart person is not going to trust
any 3rd party channel they don't have total control over. A smart person is
not going to get involved in a conflict in the first place. The situation is
sort of like the comparison between reasonable and un-reasonable men.
Progress is caused by the un-reasonable man. If the commercial remailer is
ever going to arise (which I doubt) it will be one of 'regular joe's' as
users and must be about as complicated as getting a coke from a machine
(which is a long way off currently).

> >This is the silliest thing I think I have heard so far in this
> >discussion....
> >...And my experience is that prices move up and people expect them to.
> Mind your manners.

I am, that doesn't mean I can't call a spade a spade. I didn't say anything
about you personaly, deal with it.

> Then look around.  For the last few hundred years just about
> everything has been dropping in price.

Really? I suggest you look at newspapers from say the mid-60's and compare
them to now. Very few things will be anywhere close to where it was then in
price, and the vast majority will not be lower.

Bread went up, water went up, electricity went up, etc.

> And, in the computer and
> information industry in particular, prices drop like crazy all the
> time for decades, even when you adjust for inflation.  Buy memory
> recently?

No, prices don't drop the machines that used to cost the current price
aren't made anymore. Any entry level machine costs about $1,000 just like
it did 10 years ago. The difference is that you get a lot more hardware
and a new os. Again, a minor but important distinction.

Yes, I have bought memory recently - 64M as a matter of fact. The memory has
dropped in price because the new machines don't take it anymore or else
the motherboards with the new many-megs-required OS's won't work on 8M
anymore. Theres no mystery other than obsolescence at play. Try buying one
of the new 4G DRAM's....

> If you want to run a remailer and charge a fraction of a cent for each
> message, or for an account, or whatever, please be my guest.

I looked into it for several months about a year and a half ago. The result
was the current economic, social, and legal environment simply aren't going
to support such operations in the near future with anything like the
indipendance that we would like.

Hell, your the one offering $50 or somesuch for a commercial remailer. Take
that $50 and set up your own site. Nothing like experience to teach a hard
lesson. If you're right you should be making money in short order.

> >The key to anonyous remailers is not the cost per message but rather
> >the amount of traffic to be carried.  Anonymous remailers are beasts
> >of mass markets measured in millions of recipients.
> That is obviously untrue.  Remailers are used by a small highly
> specialized market of perhaps a few hundred people.  Some day, if we
> do good work, there will be millions of users.

While remailers may be, commercial remailers still don't exist and are a
completely different beast than some philanthropic enterprise. If you don't
get the millions up front you won't be getting anyone. The other aspect you
seem to ignore consistently is not the cost to submit the original message
but the cost to send that message to the world, the real cost I might add.
The purpose of commercial remailers (and I suspect all remailers) is to
reach a mass market. If your market can't reach millions for pennies nobody
will use it because you can't give them what they want.

Whether its drugs, sex information, or political views the central party
must reach a large group to succeed.

> Can you think of any mass market which started out as a mass market?
> I can't think of a single one.

Once the pioneers worked out the technology: Cable television, music videos,
automobiles, air transport, bicycles, telephones.

> >But the system to post charges BETWEEN remailers must be pretty
> >consistent to be acceptable.
> Untrue.  You just have to know what each remailer charges.  That's
> about as hard as knowing what services it offers or that it exists.

Only if you feel obliged to arrange payment between the remailers yourself,
which provides a link between remailers and you further eroding your
expectation of anonymity. The point, which you miss, is that the chaining
remailers should know nothing of the original user which your system fails
to do.

> >That is the key and it has NOT been discussed too any great
> >degree. That inter-remailer traffic must be anonymous also or else
> >traffic analysis can back-track.
> I may be misreading this, but you do realize ecash is anonymous,
> right?  Nobody can tell who sent the money, just who received it.

ecash is anonymous but it is not an accepted standard between remailers, let
along commercial ones. Furthermore, under your system I as a user must
contact each remailer and arrange payment to some account. So we know not
only who received it but who sent it as well, otherwise how does the
remailer know to take your payment and apply it to your account and not
mine?. If we further accept your premise that mallet knows who is using those
remailers then we are completely devoid of anonymity.

> Perhaps you are arguing that The Enemy would notice that you withdrew
> a bunch of coins and then make a guess that all those remailers making
> deposits three minutes later are depositing your coins?  That is
> easily solved by generating the ASCII ecash certificates once a week
> or so and then pasting them into your messages when you send them.

I am arguing that under the current system the checks and balances are such
that true anonymity can't be attained on a scale that is commercialy

> >It seems to me that the remailers need some sort of anonymous payment
> >server that is put in place for some other reason, that way they
> >don't have to deal with the justification issue.
> What justification issue?  Ecash is available right now.  You don't
> have to justify it to anybody, just use it.

Really? How about explaining how I purchase a car or house anonymously with
ecash? I can't.

Also, you seem to have missed an important point. When we get a system where
anon remailers can survive we will have created an anonymous money laundry,
not something that a lot of people want or desire.

> Hopefully, once the cypherpunks start using it regularly, it will
> begin to catch on with people peripheral to the group, and then with
> everyone.

If this were true it would have already happend. The thousand or so people
on this list might be involved in the technology and its application, I
doubt that we will have any say in its eventual success.

> >> You are confusing one cost of doing business with the price the market
> >> will bear.
> >
> >How?
> You seem to think that because the cost of transporting mail is
> inexpensive, the price for protecting somebody's identity can't be
> high.

First, you don't know what I think - ask questions don't make assumptions
(speaking of manners). Please keep your ad hominims at home.

What I am saying is that because the cost of individual mail is low I as a
commercial business trying to make a living off each of those emails can't
expect a lot from them, therefore I need a lot of them.

> >What I am saying is that physical mail and the system developed for
> >dealing with it went hand-in-hand. The design and advancement of the
> >Internet technology is not driven by email or it's technology. That
> >perhaps because of this difference perhaps we need to look at models
> >other than the postage one. It in fact may be coloring our perception
> >and a look at alternative models might help.
> The only models that have been proposed so far require a lot of work
> and evangelism.  Ecash doesn't require much work, and it will be
> easier to evangelize.

ecash is not what I am talking about here. Which by the way will take a lot
of work to get people to use it as ubiquitously as needed by a commercial

I am talking about the entire infrastructure that will be required to support
commercial remailers. What will be required is not clear to anyone involved
in the issues. I furthermore don't have any interest in religion (re
evangalism) but rather in running a business and making money. I don't want
to change your mind, I want you to spend your money with me (as an anon
remailer operator) with the security that no matter what you submit it can't
be traced back to you. Even your much vaunted ecash can't do that yet.

   |                                                                    |
   |    The financial policy of the welfare state requires that there   |
   |    be no way for the owners of wealth to protect themselves.       |
   |                                                                    |
   |                                       -Alan Greenspan-             |
   |                                                                    | 
   |            _____                             The Armadillo Group   |
   |         ,::////;::-.                           Austin, Tx. USA     |
   |        /:'///// ``::>/|/                     http:// www.ssz.com/  |
   |      .',  ||||    `/( e\                                           |
   |  -====~~mm-'`-```-mm --'-                         Jim Choate       |
   |                                                 ravage@ssz.com     |
   |                                                  512-451-7087      |