excuse me, navigation patents from this century should not have been awarded.
Philips NatLab was doing that stuff in the nineties (possibly earlier). (Yes that predates GPS, they used other means to figure out where they are.) The CARIN systems were sold to the mass-market by Philips a decade ago. Philips's navigation devision became independent as VDO Dayton, later sold to Siemens who last year or the year before that sold that devision to TomTom.
So TomTom should be sitting on the patents that:
a) show prior art b) can go after Microsot for themselves.
My carreer started in Operating System Research, this was circa 1993. Even in those days there were many people addressing the shared memory issue and coming up with good ways to share memory and address the context switch issue. However this took some overhead and did not make it to the mainstream because of that.
Today the CPUs are much faster and even sacrificing 10%-20% of CPU power is not considered too much if it results in a system that is (more) stable and easier to maintain. e.g. a device driver can no longer bring down the entire system and a spyware program can no longer sniff all keys pressed...
I must admit to have lost contact with that field of research but even the old results are promising, with today's CPU speeds.
And this is a MAJOR security issue! Allowing a PC to open outside ports to itself is the perfect vehicle for creating a backdoor into the system. I always turn UPnP off for that reason.
It may be possible to make something that is both incredibly easy to use and secure but this is definitely not it.
This is to be an open system and probably end up to be quite large. I will not create all nodes. As the system grows it will aquire nodes from different sources. Each source will choose their own OS and language.
The RPC mechanism should be independent on the platform, which for me includes the language. So the object description should come with the mechanism and map to the language. Maybe I should have stated this explicitly.
I need the mechanism to communicate between nodes in a distributed telecommunications-type application. I opted for looking at one RPC mechanism rather than invent a slew of new protocols.
It requires the ORIGINATOR to qualify the type of mail. Right, for SPAM we know the originator is untrustworthy. This is an obvious hole in the system. Because of this, any system of this type is bound to fail.
Storing the email on the server side as suggested by Internet Mail 2000. Is even worse. So I will have to indicate to the sender WHEN I am readying their mail and from WHERE (which IP address)? You have got to be kidding!
This may be true for a number of webshops. However look on Amazon.com or Outpost.com, any of the big ones. They will take my foreign credit card, they will ship everywhere, but not EVERYTHING. A fair number of products listed are NOT for shipment outside the US.
Why? I can only guess, its is not export restrictions s the products are available in the shops here as well, but they are much more expensive and not widely available. Maybe the manufactuer of the stuff will not let them because they price it differnetly elsewhere?
Another thing is for instance Dell. True they have a Dutch site. But as the original poster remarked, with a different offering from the US one!. For instance only a few months after me buying my Lattitude 4150 with Dell NL, that configuration was no longer available in Europe, it was in the US.
So notice that while a traditional channel is 64 or 56 kb/s depending if you are in Europe or in the US (yes, US folks, you are literally robbed of a bit per byte, its called rob-bit signalling but I digress) a VoIP call takes 90kb/s so 50% more, thanks due to the codec over RTP over UDP over IP over......
So this is NOT done to save bandwidth, it is done do save management costs.
Although the article is a little over the top it adddress an interesting notion that has become ever more apparent.
The Internet for a very short while was a place outside the rules where anyone could do anything. This freedom was (and is) abused and the companies stepped to protect their interests, on their terms. By claiming that the Internet is beyond rules the Internet community have created a place where the powerfull lobbygroups can have their sway and impose through the US government their control over the rest of the world.
Because the way the Internet is structured you either have total anarchy or a police state we are moving from one to the other at the speed of sound. The crash is resounding and is worrying.
The previous poster makes the common (cultural) misunderstanding about the way laws work around the world. In Europe laws are nearly always a compromise of multiple interests (both commercial and public, majorities as well as minorities) and codify the result of much much to-and-fro-ing, usually striking a fair balance. If you are used to that kind of laws imposing them on the Internet seems not so bad because they protect the public's interest as well as the commercial one.
If it means taking the de-facto control away from one country and giving it to the world in general, providing a place where, my rights are protected and I do not need to live in a police state dominated by big-business, this seems quite OK to me.
the Netherlands and I have not seen them in germany nor belgium nor france. But if they are coming this way it may be interesting to just wait until they reach the lowlands.
BTW: any chance of hacking a UK one to work without the subscription?
I'd like to use a TiVO yet, building your own PVR is a necessity if you live outside the USA. No convenient on-line TV listings and your TV eats PAL not NTSC.
Indeed Linux on the desktop is dead!
Indeed the desktop is dead!
Indeed Linux is not dead! (and neither is Windows!)
So enough exclamation marks. All statements above are beside the point.
What users need is an appliance that simply works. Even power-users need things that Just-Work. What would such an appliance do? Well, reading email, browsing the web, typing documents, listening to music, burning CDs etc. Hmm, kinda like what they do with PCs today. But why have it look like a computer that users have to administer?
By claiming that Linux should conquer the desktop and wring it from evil-Bill, hordes of good people are missing the point. Don't try and re-do something that Windows has a light-year head start on, not to mention an embedded-base you can not match in 5-years.
This problem needs to be approached differently. Someone with both Vision and Money may re-invent the computer as an appliance, identify what it needs to do, how it should interact with it's users (is it a single-user or a multi-user system, point and click, keyoard and/or speech input etc.), identify a hardware platform (possibly a cheap PC), and then start looking to aquire a code base for its software.
At this point Linux and other OSS comes into the picture, for all the obvious reasons. Now the Visionary needs his/her Money. Since a lot of work needs to be done to combine the components to get the workable whole, and then to support it. Some distros are trying to do this but I have not seen one that has gone all the way.
The business model for such a company would be different from that of distro-vendors. This company would maintain the appliance it sells and get paid by the user to keep the appliance functions working and to add new functions if the user so desires.
Please note that this machine would have a radically different look-and-feel from the traditional windows and linux systems. The users don't even see the file system, the users don't administer the machine, the users use their precious time benefitting from the appliance.
Is this a dream? Yes.
Is it impossible to make this dream come true? No, it just takes vision and dedication, just re-invent the desktop.
I happened to install Redmondlinux (old iso:-) last night. Indeed the install was nice. The look and feel is OK. Great integration.
However, I am increasingly getting the idea that trying to do a me-too of Windows for the desktop is missing the point. Windows has already created its market segment and is abandonning it with.NET. Why do a me-too? As others have pointed out, people are not going to abandon their legacy files. So why ask people to use a different environment to do the same thing as they did in the past. Consider the migration costs and the little benefit. So trying to duplicate Windows on Linux just for the sake of it is barking up the wrong tree!
What would be useful is to pitch an environment where people can use their old files with little effort but get something above Windows.
The obvious choice there is security. As many IT managers are trying to address the Windows/Outlook/Word/... virus problem at the Firewall they will find out in a couple of years that there is no point in trying to do that. First, you will not stop them all. Second, in thinking you can address the issues at the gate makes you lax in addressing them elsewhere.
The best place to stop virusses is to make the workstation platform stop them, or in fact not propagate them. That is where a Linux-based distro could add value. Create an environment where users only run apps in a sandbox that prevents apps to do uncontrolled things like wipe the user's files, send virusses, send personal info to untrustworthy@offshore.spy.
The openness of Linux and other open software makes this task possible where it is impossible with closed Micro$oft apps.
Excuse me. There are still 14 companies that provide the majority of services on the Internet. I thought there were less.
If you look in the physical world.
How many food chains are there. Many brands yes, but most of them fall under the same parent.
How many truly different movie studios?
How many truly independent car-brands?
Concentration of power is an inherent aspect of the commercial world we live in. That's life.
Now why is this suddenly a revelation for the Internet? Could it have to do with the perception that on the Interent everyone is supposed to be more equal than they are in real life? That access barriers to the net are suppsed to be low or non-exisent (assuming you have the money to afford a phone line, PC, ISP & Telco charges)?
Realisticly these Internet ideals do not align with the reality of a commercial & capitalistic world. In our capitalist meat-space we are all equal...
...until we take material possesion and bank accounts into account.
This seems to be the way the world works. Face it!
And if the legal system is f*cked up to favour the establisment and those with money, there is little leeway you can expect there.
Please note: I would not like to pass judgement on the capitalist system or make any statements about alternatives. Just trying to describe the status quo.
Re:Wireless is definately the way forward.
on
On The State of Wireless
·
· Score: 4, Interesting
Nicolas Negroponte does make some valid points. 3G is not much of an improvement over what we have with 2G or can have with 2.5G (especially here in Europe with much coverage and no shortage of bandwidth like they have in Japan). Looking at the costs of 3G, licences, equipment and handhelds, one can quickly calculate that this wireless branch is going nowhere. It means that everyone who has invested in 3G technology has to write off the costs, have a good cry and start again.
Having said that. Not all is lost. As mentioned before on/., WiFi seems to be going places and nicely filling the gap between a low-bandwidth voice and short message service and wireless broadband.
On encryption however the comment is way off the mark. The between choice encryption or not does not equate wether or not there is legal intercept! The authorities need a place to get the bytes that you communicate. That place does not need to be the air-interface, in fact it is better to pick it off a router in the service provider's network. You and your wireless provider can agree on an encryption scheme that will keep your bits from being snooped by anyone with an antenna and too much spare time. (OK, well not your and your SP per-se but first the parties in the standards fora agree and that will enable a contract on privacy between you and your SP.) In fact as customers get more tech-savvy they will demand that the contract with their service provider will make statements about privacy of their data. It is then up to the service provider to keep their data safe (except from cops with warrants) even from their own employees.
Before this post gets downgraded to -infinity, think for 2 seconds (or 2 minutes if you are just waking up). This is not a technical problem, good security technology is readily available. It is a legal and commercial problem!
Some problems can not be solved just by looking at the technology, if you look at the legal and commercial framework in which services are deployed you find that you can solve some issues there as well.
How difficult would it be to convince a court that you were damaged because your service provider did not safeguard your data and somebody used it against you to harm you financially or your standing in the community...
OK, on the first case the service provider with try and claim that the technology is not available to secure this. BS On the second they will claim that the government has ordered them to leave this non-secure. Hmm, in some countries they have a point. The governments around the world are feeling the pressure from citizens organisations demanding more privacy.
So the government will listen if one can demonstrate that they can get what they want (legal intercept) and the citizens can also get what they want (privacy).
As a matter of fact I am. Not yet coding but doing the design for this. It is rather complex if you want to embed authentication services in a larger whole of multi-service commercial offerings. (answering the question why would a registrar offer this service, because he can make a buck out of it.)
I'll start coding when my daytime job evaporates. (could be any day now...)
This is where the net will be won and lost -- not with another new language/platform, but with the people who hold the keys.
And think before they code, I hope.
Why are people so fixated on development tools, when hailstorm is the real problem?
Because very few people look at the strategic issues here. The companies that should be scared shitless about this are the telcos and their vendors. Micro$oft is robbing them both from their future livelyhood in one go. But those who should take an interest are busy trying survive.
As amatter of fact it isn't. PKI is hierarchical and does not scale.
The way I see it one needs peer-to-peer trust relationships of independent registrars to make this work. That is the only way to ensure the freedom of choice for the users and the incentive for registrars to offer their services.
Achieving these requirements should not be difficult, technically.
However setting up an infrastructure like this poses some problems; how to get the right level of trust and how to get the thing to interwork?
On trust; Any on-line recipient of passport-like authorisation/information must trust the issuer.
I would like to have a competitor to PASSPORT because I do not trust microsoft. Not to keep my information accurate nor correct nor private.
How to create the trust then?
you need a (bunch of) company(s) that you trust to maintain your profile and create the necessary level of trust between registrar and user.
What organisations would be interested in setting up registries? (ISPs & telcos spring to mind)
How does a company validate material from a different registry? So how do you get the trust between registrar and etailer(you need some clearing house)
This puts the whole thing in a rather complicated organisational light.
On interworking; having multiple registrars who will all want to differentiate themselves from their competitors means that you will see no end of proprietary extentions. You need a good technical and contractual framework to handle this.
Is this solvable? yes, I think so (I'll be happy to help).
Over the last years I have given precisely this issue quite some thought. Initially I did not like the answer.
IP addresses allow remote servers and third parties to invade your privacy by linking your actions to that address. Even if you get a different address regularly it still is a way of linking actions within a certain timespan (typically a dailup session or a dhcp timeout). Also handing out your address to everyone makes you a target for hacking and DoS.
So trying to allow the user to control wether this privacy sensitive informartion is given away or obscured is a good thing.
However if you start looking at how you implement this you run into a number of interesting issues.
we are talking about some form of address translation here.
For certain applications this requires application-level awareness of the translation here. Please note that I am not calling it NAT, you simply rewrite the from address not alter anything in the packet. (Oh yeah, all of this breaks IP sec... So you need a seceure tunneling protocol to get to the translator.)
You will need an organisation that will provide this for you. This could be your ISP, it could be someone else.
At any rate you need to have a contract with those guys stating that they will keep the mapping between your real IP address and your apparent address very private and change it regularly, sometimes even for each packet you send out. (oops, you'd have to be able to select this behaviour per application, it breaks some of of the applications we have now that assume you stay on the same address during a session...)
Yet the authoraties will soon catch up and governments will demand that this information will be made available for legal interception purposes. In some countries the government is already prepared for this because they stated that every telecommunication service shall be interceptable. This is not necessarily a bad thing. It is just something to keep in mind, you are not anonymous to everyone.
In order to make yourself not immediately a suspect to legal investigation just by using it once. you'd have to use nymity all the time . It is a common misconception that only crooks require privacy. Everyone has the need for privacy! Wether it is about your bank transactions, religion, illnesses all people have things they'd like others not to know (or at least control to whom they communicate it).
If we would introduce nymity boxes we seem to have lost the transparency of the Internet. I'd not like to see this as unraveling of the Internet. I'd like to see this as a different kind of IP deployment. You could tunnel this over the Internet or have a new kind of network for it.
Is this necessarily a bad thing? No! As long as the applications remain transparent this can work. Yet it requires some thought.
While you are breaking the Internet-model anyway you may just as well go all the way and include:
QoS, the kind where you can reserve a path end-to-end (this implies authentication and billing per second)
access control, so your wireless 3rd generation terminal does not suffer a DoS attack because someone burns up the bandwidth on its wireless link or your mobile phone gets hacked so someone can access your bank-account.
I know, this sounds like heresey at first, but after a while I could see the appeal of a world in which you can have privacy, QoS and access control . Especially if this not replaces the Internet but offers you more choice.
Now let's see when Scott Bradner is going to have a BoF session on this.
Slashdot Mirror
excuse me, navigation patents from this century should not have been awarded.
Philips NatLab was doing that stuff in the nineties (possibly earlier). (Yes that predates GPS, they used other means to figure out where they are.) The CARIN systems were sold to the mass-market by Philips a decade ago. Philips's navigation devision became independent as VDO Dayton, later sold to Siemens who last year or the year before that sold that devision to TomTom.
So TomTom should be sitting on the patents that:
a) show prior art
b) can go after Microsot for themselves.
So we are left with the attack on Linux and FAT.
around 7.30 CET DST the ssh server keys were regenerated on our Ubuntu 7.10 boxes, which we noticed because the ssh client complained.
While it is good that this has increased security our first reaction was to wonder if we had been hacked.
One wonders, is there a good way to recover from a security gaff like this?
My carreer started in Operating System Research, this was circa 1993. Even in those days there were many people addressing the shared memory issue and coming up with good ways to share memory and address the context switch issue. However this took some overhead and did not make it to the mainstream because of that.
Today the CPUs are much faster and even sacrificing 10%-20% of CPU power is not considered too much if it results in a system that is (more) stable and easier to maintain. e.g. a device driver can no longer bring down the entire system and a spyware program can no longer sniff all keys pressed...
I must admit to have lost contact with that field of research but even the old results are promising, with today's CPU speeds.
And this is a MAJOR security issue! Allowing a PC to open outside ports to itself is the perfect vehicle for creating a backdoor into the system. I always turn UPnP off for that reason.
It may be possible to make something that is both incredibly easy to use and secure but this is definitely not it.
This is to be an open system and probably end up to be quite large. I will not create all nodes. As the system grows it will aquire nodes from different sources. Each source will choose their own OS and language.
I need the mechanism to communicate between nodes in a distributed telecommunications-type application. I opted for looking at one RPC mechanism rather than invent a slew of new protocols.
Storing the email on the server side as suggested by Internet Mail 2000. Is even worse. So I will have to indicate to the sender WHEN I am readying their mail and from WHERE (which IP address)? You have got to be kidding!
Why? I can only guess, its is not export restrictions s the products are available in the shops here as well, but they are much more expensive and not widely available. Maybe the manufactuer of the stuff will not let them because they price it differnetly elsewhere?
Another thing is for instance Dell. True they have a Dutch site. But as the original poster remarked, with a different offering from the US one!. For instance only a few months after me buying my Lattitude 4150 with Dell NL, that configuration was no longer available in Europe, it was in the US.
Now explain that to me.
So this is NOT done to save bandwidth, it is done do save management costs.
Although the article is a little over the top it adddress an interesting notion that has become ever more apparent.
The Internet for a very short while was a place outside the rules where anyone could do anything. This freedom was (and is) abused and the companies stepped to protect their interests, on their terms. By claiming that the Internet is beyond rules the Internet community have created a place where the powerfull lobbygroups can have their sway and impose through the US government their control over the rest of the world.
Because the way the Internet is structured you either have total anarchy or a police state we are moving from one to the other at the speed of sound. The crash is resounding and is worrying.
The previous poster makes the common (cultural) misunderstanding about the way laws work around the world. In Europe laws are nearly always a compromise of multiple interests (both commercial and public, majorities as well as minorities) and codify the result of much much to-and-fro-ing, usually striking a fair balance. If you are used to that kind of laws imposing them on the Internet seems not so bad because they protect the public's interest as well as the commercial one.
If it means taking the de-facto control away from one country and giving it to the world in general, providing a place where, my rights are protected and I do not need to live in a police state dominated by big-business, this seems quite OK to me.
BTW: any chance of hacking a UK one to work without the subscription?
I'd like to use a TiVO yet, building your own PVR is a necessity if you live outside the USA. No convenient on-line TV listings and your TV eats PAL not NTSC.
So enough exclamation marks. All statements above are beside the point.
What users need is an appliance that simply works. Even power-users need things that Just-Work. What would such an appliance do? Well, reading email, browsing the web, typing documents, listening to music, burning CDs etc. Hmm, kinda like what they do with PCs today. But why have it look like a computer that users have to administer?
By claiming that Linux should conquer the desktop and wring it from evil-Bill, hordes of good people are missing the point. Don't try and re-do something that Windows has a light-year head start on, not to mention an embedded-base you can not match in 5-years.
This problem needs to be approached differently. Someone with both Vision and Money may re-invent the computer as an appliance, identify what it needs to do, how it should interact with it's users (is it a single-user or a multi-user system, point and click, keyoard and/or speech input etc.), identify a hardware platform (possibly a cheap PC), and then start looking to aquire a code base for its software.
At this point Linux and other OSS comes into the picture, for all the obvious reasons. Now the Visionary needs his/her Money. Since a lot of work needs to be done to combine the components to get the workable whole, and then to support it. Some distros are trying to do this but I have not seen one that has gone all the way.
The business model for such a company would be different from that of distro-vendors. This company would maintain the appliance it sells and get paid by the user to keep the appliance functions working and to add new functions if the user so desires.
Please note that this machine would have a radically different look-and-feel from the traditional windows and linux systems. The users don't even see the file system, the users don't administer the machine, the users use their precious time benefitting from the appliance.
Is this a dream? Yes.
Is it impossible to make this dream come true? No, it just takes vision and dedication, just re-invent the desktop.
Would I buy such a thing? Yes
Would I work for such a company? Yes
However, I am increasingly getting the idea that trying to do a me-too of Windows for the desktop is missing the point. Windows has already created its market segment and is abandonning it with
What would be useful is to pitch an environment where people can use their old files with little effort but get something above Windows.
The obvious choice there is security. As many IT managers are trying to address the Windows/Outlook/Word/... virus problem at the Firewall they will find out in a couple of years that there is no point in trying to do that. First, you will not stop them all. Second, in thinking you can address the issues at the gate makes you lax in addressing them elsewhere.
The best place to stop virusses is to make the workstation platform stop them, or in fact not propagate them. That is where a Linux-based distro could add value. Create an environment where users only run apps in a sandbox that prevents apps to do uncontrolled things like wipe the user's files, send virusses, send personal info to untrustworthy@offshore.spy.
The openness of Linux and other open software makes this task possible where it is impossible with closed Micro$oft apps.
just my 2 eurocents.
that is just about enough to enjoy it for the next IETF meeting :-)
If you look in the physical world.
- How many food chains are there. Many brands yes, but most of them fall under the same parent.
- How many truly different movie studios?
- How many truly independent car-brands?
Concentration of power is an inherent aspect of the commercial world we live in. That's life.Now why is this suddenly a revelation for the Internet? Could it have to do with the perception that on the Interent everyone is supposed to be more equal than they are in real life? That access barriers to the net are suppsed to be low or non-exisent (assuming you have the money to afford a phone line, PC, ISP & Telco charges)?
Realisticly these Internet ideals do not align with the reality of a commercial & capitalistic world. In our capitalist meat-space we are all equal...
This seems to be the way the world works. Face it!
And if the legal system is f*cked up to favour the establisment and those with money, there is little leeway you can expect there.
Please note: I would not like to pass judgement on the capitalist system or make any statements about alternatives. Just trying to describe the status quo.
Having said that. Not all is lost. As mentioned before on /., WiFi seems to be going places and nicely filling the gap between a low-bandwidth voice and short message service and wireless broadband.
On encryption however the comment is way off the mark. The between choice encryption or not does not equate wether or not there is legal intercept! The authorities need a place to get the bytes that you communicate. That place does not need to be the air-interface, in fact it is better to pick it off a router in the service provider's network. You and your wireless provider can agree on an encryption scheme that will keep your bits from being snooped by anyone with an antenna and too much spare time. (OK, well not your and your SP per-se but first the parties in the standards fora agree and that will enable a contract on privacy between you and your SP.) In fact as customers get more tech-savvy they will demand that the contract with their service provider will make statements about privacy of their data. It is then up to the service provider to keep their data safe (except from cops with warrants) even from their own employees.
Before this post gets downgraded to -infinity, think for 2 seconds (or 2 minutes if you are just waking up). This is not a technical problem, good security technology is readily available. It is a legal and commercial problem!
Some problems can not be solved just by looking at the technology, if you look at the legal and commercial framework in which services are deployed you find that you can solve some issues there as well.
How difficult would it be to convince a court that you were damaged because your service provider did not safeguard your data and somebody used it against you to harm you financially or your standing in the community...
OK, on the first case the service provider with try and claim that the technology is not available to secure this. BS On the second they will claim that the government has ordered them to leave this non-secure. Hmm, in some countries they have a point. The governments around the world are feeling the pressure from citizens organisations demanding more privacy.
So the government will listen if one can demonstrate that they can get what they want (legal intercept) and the citizens can also get what they want (privacy).
think about it.
As a matter of fact I am. Not yet coding but doing the design for this. It is rather complex if you want to embed authentication services in a larger whole of multi-service commercial offerings. (answering the question why would a registrar offer this service, because he can make a buck out of it.)
I'll start coding when my daytime job evaporates. (could be any day now...)
This is where the net will be won and lost -- not with another new language/platform, but with the people who hold the keys.
And think before they code, I hope.
Why are people so fixated on development tools, when hailstorm is the real problem?
Because very few people look at the strategic issues here. The companies that should be scared shitless about this are the telcos and their vendors. Micro$oft is robbing them both from their future livelyhood in one go. But those who should take an interest are busy trying survive.
Paul
The way I see it one needs peer-to-peer trust relationships of independent registrars to make this work. That is the only way to ensure the freedom of choice for the users and the incentive for registrars to offer their services.
Paul
- Distributed
- Allow for multiple registrars
- Mandate good security measures
Achieving these requirements should not be difficult, technically.However setting up an infrastructure like this poses some problems; how to get the right level of trust and how to get the thing to interwork?
On trust; Any on-line recipient of passport-like authorisation/information must trust the issuer. I would like to have a competitor to PASSPORT because I do not trust microsoft. Not to keep my information accurate nor correct nor private.
How to create the trust then?
- you need a (bunch of) company(s) that you trust to maintain your profile and create the necessary level of trust between registrar and user.
- What organisations would be interested in setting up registries? (ISPs & telcos spring to mind)
- How does a company validate material from a different registry? So how do you get the trust between registrar and etailer(you need some clearing house)
This puts the whole thing in a rather complicated organisational light.On interworking; having multiple registrars who will all want to differentiate themselves from their competitors means that you will see no end of proprietary extentions. You need a good technical and contractual framework to handle this.
Is this solvable? yes, I think so (I'll be happy to help).
In time? Mwah...
IP addresses allow remote servers and third parties to invade your privacy by linking your actions to that address. Even if you get a different address regularly it still is a way of linking actions within a certain timespan (typically a dailup session or a dhcp timeout). Also handing out your address to everyone makes you a target for hacking and DoS.
So trying to allow the user to control wether this privacy sensitive informartion is given away or obscured is a good thing.
However if you start looking at how you implement this you run into a number of interesting issues.
- we are talking about some form of address translation here.
- For certain applications this requires application-level awareness of the translation here. Please note that I am not calling it NAT, you simply rewrite the from address not alter anything in the packet. (Oh yeah, all of this breaks IP sec... So you need a seceure tunneling protocol to get to the translator.)
- You will need an organisation that will provide this for you. This could be your ISP, it could be someone else.
- At any rate you need to have a contract with those guys stating that they will keep the mapping between your real IP address and your apparent address very private and change it regularly, sometimes even for each packet you send out. (oops, you'd have to be able to select this behaviour per application, it breaks some of of the applications we have now that assume you stay on the same address during a session...)
- Yet the authoraties will soon catch up and governments will demand that this information will be made available for legal interception purposes. In some countries the government is already prepared for this because they stated that every telecommunication service shall be interceptable. This is not necessarily a bad thing. It is just something to keep in mind, you are not anonymous to everyone.
- In order to make yourself not immediately a suspect to legal investigation just by using it once. you'd have to use nymity all the time . It is a common misconception that only crooks require privacy. Everyone has the need for privacy! Wether it is about your bank transactions, religion, illnesses all people have things they'd like others not to know (or at least control to whom they communicate it).
If we would introduce nymity boxes we seem to have lost the transparency of the Internet. I'd not like to see this as unraveling of the Internet. I'd like to see this as a different kind of IP deployment. You could tunnel this over the Internet or have a new kind of network for it.Is this necessarily a bad thing? No! As long as the applications remain transparent this can work. Yet it requires some thought.
While you are breaking the Internet-model anyway you may just as well go all the way and include:
- QoS, the kind where you can reserve a path end-to-end (this implies authentication and billing per second)
- access control, so your wireless 3rd generation terminal does not suffer a DoS attack because someone burns up the bandwidth on its wireless link or your mobile phone gets hacked so someone can access your bank-account.
I know, this sounds like heresey at first, but after a while I could see the appeal of a world in which you can have privacy, QoS and access control . Especially if this not replaces the Internet but offers you more choice.Now let's see when Scott Bradner is going to have a BoF session on this.