Encryption on Mailing lists sensless?
Garreau, Alexandre
galex-713 at galex-713.eu
Wed Nov 19 20:31:16 CET 2014
On 2014-11-19 at 18:17, Robert J. Hansen wrote:
N>> I agree with several other important points you raise, but this one is not a big
>> deal. I have a highly customized mail setup. My SpamAssassin downloads rules
>> from the internet, but trains its Bayesian filter on only the e-mail I
>> personally receive.
>
> I don't mean to sound like I'm dismissing your experience, because --
> well -- your experience shouldn't be dismissed. (Nobody's should.)
> But I do think you might be overlooking something: you already
> experience a significant benefit from the aggressive, God's-eye-view
> anti-spam efforts of Google, Yahoo!, Microsoft, and more. The things
> they do for their users have a ripple effect in making your own
> anti-spam fight a little easier.
>
> A couple of months ago Mike Hearn wrote a brilliant treatise on
> end-to-end cryptography and anti-spam technologies, with a long
> digression on how anti-spam technologies work at Google. It's worth
> every second it takes to read.
>
> https://moderncrypto.org/mail-archive/messaging/2014/000780.html
He’s mainly explaining how do you fight spam in a centralized way, and
then explain how all the centralized techiques are unusable when using
crypto. That’s normal, crypto and decentralization comes together. You
need to think according other paradigms.
It’s like when you live in society. You can either think the
autoritarian way “if I were the Great King Controlling Everything what
could I do to fix the problem?”, or the social/free way “what should I
do so that if everybody did like me the problem would get fixed?”.
So that involves way much complex maths (well, actually, *different*: in
the centralized world it’s already really complex, but the complexity
you need to decentralize is compensated by the local private data you
can access and the crypto techniques you become used to), DHTs, meshes,
crypto, symmetric communication, political thought, users education, etc.
I don’t consider that an issue. Quite the opposite: the result —and we
always end finding it— is *beautifull*. It’s like admiring the almost
perfectness of the way human body chemical biology works. It’s like
admiring a fractal. You just end with something approaching what you
observe within organic structures, something more resilient, perennial,
big, free, flexible…
Also he speaks about using bitcoin, which is not a good point bitcoin
not being really secure: you just need more computational power than the
half of the network and you can takeover it. Big government can do
it. Also bitcoin needs anyway a lot of computational power, worse, it
*encourage* it by competition. That’s really catastrophic
ecologically. And finally it suffers from the problem of globalizing
everything, contrarily to the Internet (and GNUnet) historical
architecture where everything is the most local possible (within the
Internet only IP attribution and DNS are global, within GNUnet *nothing*
is, so you could transparently divide, join and grow GNUnets without any
problem).
Yet proof-of-work can be effectively used to prevent abuse. GNUnet use
it to prevent spamming its global DHT with lot of revok’ certs it will
store for a while. It could be made on messages if we didn’t need a
certain fastness (merging all asynchronous communication means even
microblogging will have the same requirements) and we didn’t already had
concepts of mesh, WoT, bayesian filtering, F2F and cryptographic
signature.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 948 bytes
Desc: not available
URL: </pipermail/attachments/20141119/86ddd280/attachment-0001.sig>
More information about the Gnupg-users
mailing list