Domain: rubin.ch
Stories and comments across the archive that link to rubin.ch.
Comments · 7
-
Re:Sorry, Slashdot doesn't understand APIs.
No, sorry, there is no such thing as a trust network.
No, sorry, there is, even if the technical term is slightly different.
http://en.wikipedia.org/wiki/Web_of_trust
http://www.rubin.ch/pgp/weboftrust.en.html
http://en.wikipedia.org/wiki/Friend-to-friend -
distributed search engine
Seems like what we really need is a distributed search engine (a la bittorrent) with a PGP Web of Trust thingy added in. First of all, I want to do searches, you want to do searches, we all want to do searches. So why not use our machines cooperatively to search the web? But why should I trust any of the links you find for me? (you could be a commercial spammer after all) Well, that's where the web of trust comes in. I might not know you, but I might know someone who knows someone, who knows someone who can vouch for your trustworthiness. Why would anyone cooperate? Well if you're tired of the same old crap, maybe you wouldn't. And if you wanted your stuff to be found, you'd have great incentive to cooperate. We'd just need to build something into the protocol to ensure reciprocity. Ta, da. Surely, that would be an interesting project for someone to start hacking on.
-
PGP Web of Trust
The answer the problem of trusting articles could be solved very nicely by implementing a PGP-like Web of Trust idea. For example, if you came across an article that you found especially good, you could be given the option to digitally sign it. Then anyone who trusted you would have confidence that the article is sound. Or maybe they don't know you, but they trust someone who trusts you. And so on. Then you come across an article which stinks to high heaven. So you put the author on the untrusted list. And now the system would block you from seeing contributions from this user. And everyone who trusted you would end up censoring this user to some extent. In the end, everyone could end up with their own personal, customized fork of wikipedia.
-
Re:Unfortunately, posting to /. can generate spam.
Moral: spammers hoover slashdot, so don't post your email here, ever.
Screw that. I refuse to hide or obfuscate my email address. I've been using the Internet for 15 years. I remember the time when the Internet was mostly spam-free, and people rarely forged email addresses even though everyone knew how to.
My real email address is deven@ties.org -- this is my primary personal email address, not a spam-trap address. I know that the spammers are harvesting address from Slashdot and everywhere else. I don't care. Let them have the address. I've never hidden it, and I never will. I'm stubborn that way. (It's akin to refusing to change your lifestyle in response to terrorism, even when you know you're at risk...)
Of course, since I don't hide my email address, I get tons of spam, along with "Joe job" bounces/replies for spams forged in my name, plus more bounces copied to postmaster, since I receive postmaster mail for several domains. Bring it on! It just provides me with a larger corpus of bogus email to use for Bayesian filtering, or whatever other technique I may experiment with...
I firmly believe that a technical solution will be required to solve the spam problem. Legislation won't prevent the virtually-untraceable international spams, and may not even prevent local ones if it's not zealously enforced. Social controls haven't been effective. We need to prevent the spam from being delivered in the first place, or at least mark it as suspicious so legitimate mail doesn't drown in the noise so easily.
Beyond basic filtering like SpamAssassin and Bayesian filtering, there are other technical solutions worth exploring. Human validation techniques like TMDA might help. Finding a way to punish spammers and drive up their costs, such as E-Stamps or selling interrupt rights (original paper: HTML or PDF), might be effective. (But likely a higher barrier to legitimate mail.) Some sort of PGP-style Web of Trust might be very effective if done well, but it would be difficult to build. Perhaps some "soundness" principles could be borrowed from Usenet II to create a similar system for email...
Let's cross our fingers and hope to find a truly effective solution (or combination of solutions) in the near future! -
Re:Rating System
I agree. It seems pretty flawed. I'm sure the theory is the number of users rating it will overcome the RIAA's attempt to mark it bad. But, what if the RIAA is the first one to mark it bad? And what if they register 1000s of accounts? It seems to me the answer to this file trust problem is to assign a modified web of trust to people using PGP/GPG keys. Maybe someone will implement it in giFT...
Ian -
sig2dot, the GPG signature relationship grapher...is cooler.
Ever wondered what a plot of a portion of the PGP web of trust would look like? Here it is.
sig2dot generates plotting data from the signatures in your GPG keyring; this data can be rendered by springgraph or graphvis. Many pretty sample plots on the page.
-
Re:...wanna tell us something we DON'T know, Kurt?
black is white. stop is go. SSH's handling of the situation is most certainly not more secure than a central signing authority.
You are right - it is a matter of opinion. I based my statement on the fact that any system that involves Alice, Bob and Trent automatically has one more place to attack than a system just involving Alice and Bob. Hence, because SSH does not support the model involving Trent (or more to the point, Trent is the system administrator or user), if Trent's real name turns out to be Mallory it's less of a problem. (Alice and Bob are the two people trying to communicate, Trent is a trusted arbitrator, and Mallory is a malicious user)
On the other hand, if Alice and Bob don't know how to ensure that their communications aren't being snooped (ie, they don't know to pick up the phone and verbally check, or swap keys, or securely exchange SSH keys), and the system they are using doesn't present suitable warnings and instructions, then yes - the certificate authority is more secure. But IMHO this is a flawed "bullshit security" model that happens to be what Certificate Authoritys' business models are based on.
For anyone who hasn't taken the time to read the article yet, or ever learn basic security stuff, let me boil it down: In every single system known to man or mathematics, to identify an entity X, you must trust something to say "method Y is an accurate method to identify X".
Don't be so hostile. How do you know I'm not an encryption expert?
The point I was making was that it's better to get those identification methods straight from the horse's mouth than trust some agency that might be corrupt. And I explained why there are financial incentives for them to be selectively corrupt; the "purchase-key" attack.
IMO, the only way that works is the web of trust model, designed for PGP, but the concepts apply equally to SSH keys or anything else really.
Why do you think Carl Ellison and Bruce Schneier warn of the risks of PKI?
To me, the CA's are selling people the right to cast aside the problem of teaching and learning secure key exchange, whilst reaping in the profits. They are capitalising on "the path of least resistance" - either learn some basic security concepts, and go to great lengths to ensure your keys are exchanged properly or pay them $5 a year for their "snake oil" certificates of security that cost them next to nothing to produce.