Cover of Darkness - What will happen when everyone is anonymous?

Cover of Darkness - What will happen when everyone is anonymous?

Summary:

When assessing big-picture trends such as these, it’s not always helpful to think in terms of one mass aggregate score. Nevertheless, I think that the overall influence of online anonymity will remain a positive one for individual and social liberty. Anonymous trolls are a nuisance, but you can’t start outing them without also revealing the human rights activist or undercover journalist. That’s the kicker: anonymity is often valuable and important at different times and in different places, which is reason enough to defend it. Because once it’s gone, it’s usually gone for good. As a general rule of thumb, once governments have powers to monitor citizens, they rarely surrender them. Perhaps anonymity in the future will be even more important than it is now.

Online secrecy is not an absolute right, of course; it is, on occasion, in the interests of general liberty that some people are spied upon. But a prima facie right to act unseen is something worth defending. Oscar Wilde once wrote that if you give a man a mask, he’ll tell you the truth. True, but he’s more likely to be mean and nasty while he’s at it. We just have to live with that.

Twister is part of a trend toward a decentralization of the net. Another is called ‘MaidSafe’, which is a UK start-up that aims to redesign the internet infrastructure towards a peer-to-peer communications network, without centralized servers. Its developers are building a network made up of contributing computers, with each one giving up a bit of its unused hard drive. You access the network, and the network accesses the computers. It’s all encrypted and bits of data are stored all across the network, which makes hacking or spying far harder.

The internet pioneer Brewster Kahle has a dream – universal access to all knowledge – and it’s in reach

Nick Lambert, the chief operating officer for MaidSafe, explained the vision to me. When you open a browser and surf the web, it might feel like a seamless process, but there are all manner of rules and processes that clutter up the system: domain name servers, company servers, routing protocols, security protocols and so on. As Lambert explains, that centralisation results in powerful groups – whether governments, big tech companies, or invisible US-based regulators – exercising control over what happens on the net. That’s bad for security, and bad for privacy.

I think absolute privacy has to be the aim. Any lower aim wont yield a trust worthy system. Pushing transparency to the limit can cut down on the state spying and on state actions that enrage people to the point of doing desperate things.

Warren there is no such thing as absolute privacy. There is access control policies, and levels of privacy but it’s not absolute. If it’s absolute then only you can know about it (such as your private key). How many people actually can protect even their passwords?

In a world where everyone is anonymous only reputation can protect you from everyone. Reputation is going to become much more important so being anonymous means no reputation, no trust, and anonymous entities might be discriminated against, seen as “terrorists” and pre-emptively targeted.

My own opinion is before we build the technologies for anonymity we should build the technologies to allow for pseudo-anonymous order. This means decentralized reputation and decentralized identity. I don’t see any point for anonymity if you cannot develop a reputation. Also I don’t see absolute anonymity as being valuable but pseudo-anonymity is valuable.

Absolute anonymity means there is no individual. Everyone is a faceless number with no reputation. I’m not sure anyone really wants that. On the other hand we do want privacy and decentralization but we want it only when it increases security.

To have it work in your favor where your security improves you need an ability to in my opinion to have access control over your personal identifiable information rather than complete secrecy. That means you should be able to always control who can access what about you and under what conditions, which means programmable privacy (access control) instead of complete secrecy.

Programmable privacy means you can be trusted, have privacy (without secrecy), control who can access what (which isn’t the same as saying no one can access it). So ultimately you want to give the user/participant the maximum control over their data.

Networks which provide secrecy without giving the user/participants control are actually putting the user/participants in danger. It’s the same kind of danger that a user/participant faces when given a private key to their life savings with instructions to keep it a secret or else when no one really wants that responsibility.

On the other hand if you divide the key up into an M of N scenario then you can let the user/participant choose to keep one authorization vote, and then maybe 4 or 5 other people also have an authorization vote. It is only when you divide the responsibility up and distribute the responsibility that each person can manage the information security.

Conclusions below:

A group of peers who control keys spreads the risk. A single individual who controls one key concentrates the risk onto an individual who can be targeted and cheaply. Access control should be multi-sig or a “shared secret” among a group of anonymous peers or trusted pseudo-anonymous peers. It’s a really bad idea to promote for individuals “secrecy” or “total anonymity” because it’s very unlikely any individual can handle the responsibility indefinitely and a majority will irresponsibly hurt themselves.

Facebook’s model is terrible because users aren’t in complete control of their data. Users do not have control over who can access their data and the terms of service are in unreadable legalese.

The opposite model is to give the users/participants absolute control over their data. To the point where the user can decide who is responsible for which kinds of data. If the user takes full responsibility for their data then it’s actually less secure than if responsibility is distributed.

This is why just giving a user a “password to their life” is irresponsible most of the time. On the other hand you give them a key, and then tell them to divide the key among a group of people, where they can all vote to authorize or not, that is the most secure you can do it.

If the user forgets their password then some third party can still get them access.

We aren’t that far apart on this. I agee with all of the aims, the general reasoning and potentially all of the means. A change in the use of language that I’d like to see is secrecy coming to be equated primarily with organizations and to take on a completely negative connotation. I still want a place for unnumbered total anonymity as I still feel states and corporations should be made completely transparent as soon as possible. As you know I propose that good search and activism be coupled to sift the noise the anonymity will yield. I strongly feel that somethings that need to be said will never be said without this tech and the broad quick uncensored desemination it makes possible. I understand it could lead to riots and violence as people get used to it- that it might even wipe us out. I get that all of people’s private data could be dumped. I understand that the global financial keys could be published. But look at Scott Walker and the GOP. They think ordinary people will elect this guy based on his record of screwing ordinary people over. And just like Romney he is running on trying to start WW3. Drafted to protect the GOP? Real transparency is how we get rid of this kind of stupidity pemanently.

So for me there is a place for systems like Slur on SAFE, it the potential I am most excited about. But in the end I think our minds are connected we already know everything about each other, but we run on denial here.

What if something like Slur is turned against ordinary people? What if elite individuals use information as a weapon to keep control and authority?

I don’t understand why you would think the activists would somehow have control over the media when activists already don’t control the media. So now with Slur anyone’s reputation can be ruined overnight no matter what side they are in politically.

Information warfare is something the paramilitaries and governments of the world have mastered. Civilians will likely be a victim of this kind of warfare and have no way to deal with it socially or psychologically.

There might be something that civilians can do but once again civilians haven’t been trained. Those institutions you talk about have private armies of trained individuals who have spent decades using information warfare tactics.

And it’s a similar deal with encryption. Amateurs might play with encryption but they won’t know how to protect their private keys properly. In fact I would say even experts can’t protect their private keys because in most cases it’s more expensive and difficult to protect the private key than it’s reasonably worth.

The only way to make it something everyone can use is to delegate the responsibility. A group can protect a secret key better than an individual. It would be not feasible to hack an entire group of dispersed people but it’s very feasible to target a local individual.

Warren

You don’t think corrupt agents will take full advantage of the “Cover of Darkness” and technologies like Slur?

What would stop them from blackmailing everyone anonymously, secretly, under the cover of darkness? Or what would stop them from doing what those two guys did, steal everyone’s money, and then put it into their pockets? At this point we don’t know what happened to the MtGox money and for all we know some agents could have pocketed it.

If the money is completely anonymous then it doesn’t actually exist as your property. It’s simply a private key which is protected by some password which they could confiscate as part of their job.

It’s this sort of corruption which is exactly why you cannot expect people to be responsible with these technologies.

From a practical point of view, starting with privacy and encryption as a foundation makes it easy for users to choose what information they want to make public. It’s difficult to do the opposite as is the case today on the Internet to start with a public unencrypted network and try to add privacy and encryption as ad hoc layers on top. So the SAFE network removes that messy need for struggling with making information protected. From a political and law enforcement perspective it becomes trickier but hopefully it will be like someone said about the early days of the World Wide Web, how people predicted that it would foster huge criminal activities spreading out of control. We know today that the benefits of the Web far outweighs the danger of criminal use. The same will probably (or at least hopefully) be the case with the SAFE network.

Absolute anonymity (which you do not favor).
If you’re anonymous, or can be when you so choose (24x7, or maybe most of the day), there’s nothing to blackmail you with (in fact they may not even have a way to contact you online).
As Warren said, there’s nothing to collect on you if you are anonymous.
So there is a lot of value in absolute anonymity.

And if you don’t care to be identifiable you can use disposable anonymous “identities”.

@luckybit, like you pointed out: groups. And we out number them. This is not the cover of darkness, that is what we’ve had. This is a new enlightenment that will rid us of dirty hand actors, and solve the now fake and manufactured “economic problem.”

So if an anonymous federal agent tells you to pay up or you’re going to be charged and convicted of lots of crimes what do you do? Or what if the federal agent simply illegally searches you and confiscates your private key?

How are you supposed to protect your private key? Being anonymous can help people in authority even more because they’ve got power in the legitimate world combined with anonymity to abuse it. The IRS is what stopped those two guys not “anonymity”.

@luckybit, Sorry to be dense, but I just don’t get it. Power has anonymity now. Try auditing the IRS. With anonymity and instant ubiquitous distribution of large data sets, search to filter the noise and a community of open source ethic type specialists that review and analyze we can audit power.

The idea that power has power and will be more powerful with anonymity doesn’t compute for me. The state is so bad with this stuff. First, you can’t know about it, you just have to trust them even given their horrid record. If you do know about it you are going to do time and pay a fine. Finally, you can’t even talk about what you know or its inadmissible, even if you need to do so for self defense, not without more time and a greater fine or worse. Sorry, but those abilities need to be taken from every state and corporation in the world and that is what this new tech can do. Say some state entity wants blood and decides to disappear someone without a paper trail which is what a recent NDAA rider in the US was attempting to authorize for the branches of the military to do with regard to US citizens in the US. Now the Colonel behind such an action ends up with a verified video tape of the action and his name and address and the names and address of all the other people involved showing exactly what they did and where they took the person and why they did it, what they were retaliating against or setting an example about. That is the power of transparency it’s quite powerful in its power to dissuade because when they transgress they get tried by the power of the mob in the court of public opinion.

We want the situation where any still existing state fears us not the other way. The other way is a ever hotter hell.

Obviously I’d deny.
But if they knew who you are they’d inform you about it when they were about to press charges.
If they don’t know, then it’s “vs. Doe”, isn’t it?

I don’t think you understand. Government agents specifically are not anonymous and are checked by other government agencies.

Suppose government agents start breaking the law? How do you deal with that? You require transparency not anonymity. Something like Slur could end up helping corrupt government agents, corrupt cops, and others but how does that help you? You’re not doing anything illegal, and you don’t have any authority, so how does it benefit you?

Consider that government agents probably know everything about anyone they want and can be corrupt. Wouldn’t Slur allow them to make a profit from that corruption?

I don’t see how it benefits liberty to help corrupt officials. Looks like you’ll have to pay the bribe like they do in some other countries which have the level of corruption which can come with anonymous cash.

I think you can defend against this but it would require empowering the IRS to track and detect certain things. Otherwise assume every public official is corrupt once anonymous cash is ubiquitous.

Oh I see. But remember under Bush the intelligence agencies were consolidated because they didn’t want them checking each other, they wanted centralization to help with their dirty hand stuff.

But to answer your question… after 911 there were 50000 gag orders issued most (if memory serves on the claim) against Federal Employees. If they had had a way to dump the data anonymously through Slur.io on SAFE without fear of retribution we could have taken the Bush Admin apart and got what we didn’t get with the Nixon impeachment. I wonder if at the time of the Nixon impeachment if the US people knew that Nixon had deliberately prolonged the Vietnam war by asking them to hold out for a better peace deal through the election Iran Contra style and then re-nigging on peace, I wonder if Ford would have been able to pardon him.

I also tend to think anonymous cash is more of a pipe dream than people think. For instance when electrons are traversing a transatlantic cable there is a bit of a black box and still to day that’s followed up by a shell game on both ends. Making harder to track a transaction through the black box cable, or impossible may improve the shell game on both ends a bit but there is still that shell game and still the ability to use anonymity for anyone with knowledge to provide evidence against those running the games and even provide keys.

Cyber cash is certainly part of the SAFE Network

Anonymous value transfer networks have always existed which is why authority is always corruptible. Cybercash or anonymous digital cash could make the corruption problem much worse not because it’s something which couldn’t have been done before but because of the ease of use.

Hawala allowed anonymous value transfer for example. And also it is well known that intelligence agencies conduct espionage by bribing and corrupting people in positions of authority which is exactly why you don’t want to trust authority in the first place.

Example of the sort of corruption: