On Tue, Nov 19, 2002 at 06:31:13AM -0600, Mark J Roberts wrote: > fish: > > we all know why anonymity and a distributed network is needed for that, > > right? :) > > Constantly inserting predictable keys is a great way to throw away what > little anonymity you have.
It is really tiresome to hear this kind of commentary. It is analagous to me saying: "Given sufficient resources, I can break RSA encryption". This statement is perfectly true, and like MJR's comment, perfectly useless. What would be useful is to give an indication of what resources it might take for me to break RSA encryption. By the same token, MJR - if you would like to make yourself useful, why not figure out what it would take for someone to compromize someone's anonymity, and that would actually give us a better idea of how they might take advantage of repeated insertions - and then perhaps help us to make it more difficult for them. This is called "Constructive Criticism". And while I am ranting, it isn't uncommon to hear comments analogous to: "Hey, [Security architecture X] is so powerful that even if someone had the ability to torture and extract information from anyone in the world, they wouldn't be able to decrypt your message". This is an extreme example, but it highlights the point. Clearly, if someone had the ability to extract information from anyone, they *wouldn't need* to decrypt my message, they could simply rubber-hose the information out of me. Security is like a chain, in that it is only as strong as its weakest link, and that weakest link is often not where most people focus their attention. Typically they put all of their energy into strengthening one link in the chain, which of-course becomes energy wasted (and false sense of security created) as soon as that is no-longer the weakest link. Yet another good example of this would be people who go through extraordinary lengths to encrypt their emails, where it would be relatively cheap for someone to break into their home, and tap their keyboard. The last, and definitely the one that offers the best snide response, is the biometrics sales rep who gleefully proclaims that "someone would need to cut your finger off to circumvent this security system!". The obvious response being "Why the hell would I want to give someone an incentive to cut off my finger?!". Ok, rant over. Ian. -- Ian Clarke ian@[freenetproject.org|locut.us|cematics.com] Latest Project http://cematics.com/kanzi Personal Homepage http://locut.us/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20021119/b71a15e3/attachment.pgp>
