From: Kent Crispin <kent@bywater.songbird.com>
To: cypherpunks@cyberpass.net
Message Hash: 48b3a2694b701992be3faea0145ecd2d933c65cf53fb08c0b2623f7a57aa7604
Message ID: <19971028234553.48920@bywater.songbird.com>
Reply To: <1.5.4.32.19971027124538.006add84@pop.pipeline.com>
UTC Datetime: 1997-10-29 07:53:52 UTC
Raw Date: Wed, 29 Oct 1997 15:53:52 +0800
From: Kent Crispin <kent@bywater.songbird.com>
Date: Wed, 29 Oct 1997 15:53:52 +0800
To: cypherpunks@cyberpass.net
Subject: Re: CMR versus GAK?
In-Reply-To: <1.5.4.32.19971027124538.006add84@pop.pipeline.com>
Message-ID: <19971028234553.48920@bywater.songbird.com>
MIME-Version: 1.0
Content-Type: text/plain
On Tue, Oct 28, 1997 at 10:50:14PM -0800, Bill Stewart wrote:
> At 07:03 AM 10/27/1997 -0800, Kent Crispin wrote:
> >Implicit you make the notion there is no merit. But experience is a
> >harsh mistress -- employees do steal. This is not fiction, but fact.
>
> Sure. The securities industry is especially concerned about the problem,
> since there are many combinations of people who can rip of the others;
> there's enough money floating around fast enough that anybody even
> marginally dishonest can make lots of money quickly,
> just as they can make money by arbitraging other market inefficiencies.
>
> - broker and customer conspire to rip off the house
> - broker and house conspire to rip off customer
> - broker and insider conspire to rip off insider's company
> - broker and insiders conspire to rip off outsiders
> - broker leaves for another house, taking customers
> - broker, customer, and house conspire to avoid taxes
> - broker and customer conspire to otherwise hide money
> - broker and customer conspire to transfer money to another customer
> - broker and house conspire to deceive auditors
>
> Some of these get controlled by the house to preserve its money;
> some get controlled by regulators trying to "help" consumers,
> some get controlled by the house because too many disgruntled customers
> cuts into your reputation capital. (Insider trading is especially like this.)
> For the most part, this gets handled by extensive recordkeeping and auditing,
> and the value of CAK/CMR is diluted here because it's mostly providing
> access to information that was already being provided anyway.
> You're better off using the PGP SMTP filters to _require_ encryption....
Requiring encryption is a win, of course. However, requiring
encryption increases the value of CMR, because you have more
opportunity for important records to be lost. Especially as legally
binding digital signatures become common -- you could have an actual
contract, worth large sums of money, lost forever because someone
forgot their passphrase.
My wife works for an "investment banking boutique" and my freedom to
invest is pretty tightly constrained. I have first-hand experience
with the controls involving insider trading, and I have a fair
familiarity with the business practices there. IMO you have it
exactly backward: the CMR model fits extremely well with the type of
controls I am familiar with. Indeed it is true that there is
extensive record-keeping and auditing -- highly secure record-keeping;
secured conference rooms, careful procedures controlling who has what
information, etc. CMR would fit right in as a valued addition, not a
useless redundancy.
--
Kent Crispin "No reason to get excited",
kent@songbird.com the thief he kindly spoke...
PGP fingerprint: B1 8B 72 ED 55 21 5E 44 61 F4 58 0F 72 10 65 55
http://songbird.com/kent/pgp_key.html
Return to October 1997
Return to “Kent Crispin <kent@bywater.songbird.com>”