At 04:40 PM 8/7/01 -0700, Tim May wrote:
>I disagree, slightly. The same old "improvements" are still not
>implemented. Notably, pay-for-use remailers.
Let me play devil's advocate here and say I'm not sure that the existence
of PPU remailers would change much.
First, the current state of remailers may be enough for many
cypherpunks-interesting projects that do not quite reach the
national-security-threat level. Second, it's not clear that even if the
improvement existed, there would be sufficient market demand for the
service to keep the operators interested in providing continued for-fee
operation. (There's overhead involved in just setting up such a service
that the activists currently running no-charge remailers don't have.) Other
improvements such as better user interface may be necessary. Third, there
already is a cousin of a pay-per-use remailer, albeit not with the same
utility as mixmaster, in the form of ZKS' Freedom application.
You'd think that if there were sufficient market demand, someone would try
to set up such a PPU service. It hasn't happened yet. Explanations might
include market inefficiencies in the communication of user preferences to
prospective remailer ops, government regulation (spoilation alert!), lack
of reasonable payment structure.
Yet some form of PPU remailer could exist today: A remailer would find a
cookie and an encrypted-to-PPU-public-key credit card in the body of the
message it receives. It would then debit a credit card for, say, $3 and
award a credit to that cookie for $2.95 (5 cent per email message charge).
Next time another message appeared with that cookie, that same "account"
would be debited five cents. The remailer would, unless it's the entry
point in the chain, not be able to contact the "account" holder for a
recharge, so a client application should handle the balance accounting.
The honesty of the remailer could be verified and published via the usual
reputational mechanisms. Though I admit I'd be a bit hesitant to give
today's remailers my credit card number.
The usual objection to such a system would be that the feds would impose
pressure on the banking system (or credit card companies would do it
themselves) and prevent remailer ops from securing merchant accounts. That
may be true, but remailers at least today aren't seen as a serious threat.
They could get away with it for a while.
Besides, other payment mechanisms, while not quite Chaumian, would work. I
presume a similar, and perhaps less complicated, system could be crafted
using egold or paypal. Peter Wayner's already using paypal, per his post
this week, to sell lightly-protected content. There's always the option of
sending physical dollars or 7-11 money orders to open "accounts" with
remailers too.
Tim says that "interest in running remailers is waning" and says it's the
lack of a Clipper threat. I'm not sure that interest, as a factual point,
is actually waning. The remailer-ops mailing list has received 1730
messages since February. There seem to be over a dozen to a score of
well-known remailers (perhaps many more lightly-advertised ones), which I
recall is about where matters were five years ago. I do of course agree
interest in cypherpunks is due in part to a lack of a big, nasty threat.
Any political interest group picks up in activism when its enemies are in
power or actively threatening them; NOW gains members when Ashcroft is in
office; the NRA got a boost under Clinton.
I did note in May 2000 -- and was the first reporter to do so -- that the
Council of Europe treaty requires "websites and Internet providers to
collect information about their users, a rule that would potentially limit
anonymous remailers" (http://www.politechbot.com/p-01136.html). But that's
theoretical since the COE is still a far-off threat and doesn't have the
same urgency as a House committee voting to make it a felony to manufacture
or distribute unescrowed crypto (this actually happened).
Tim says "the heyday" of cypherpunks was during Clipper and Zimmermann.
True. But much has changed since then. People have gone off to start
companies; cypherpunkly ideas are no longer new; early cypherpunkish
predictions turned out not to be true, at least not yet; there are other
interesting areas such as Freenet and P2P to work on; crypto is
more-or-less mainstream and certainly corporate; people have peeled off
from cypherpunks to join other communities that don't have the same volume
of traffic; more sub-par humans seem to infest the cypherpunks list than
before; prosecutions of cypherpunks subscribers may have scared off others.
Right now the "crypto activism" equivalent is over in the DMCA camp, trying
to "Free Dmitry."
-Declan
