Hacker News new | past | comments | ask | show | jobs | submit login
Anonymity and the Internet (schneier.com)
32 points by gthank on Feb 3, 2010 | hide | past | favorite | 9 comments



Accept that you'll never truly know where a packet came from. Work on the problems you can solve: software that's secure in the face of whatever packet it receives, identification systems that are secure enough in the face of the risks.

Schneier is spot-on as always, but the social problem is that this requires actually doing the hard work of building a secure product instead of calling for an impossible solution from outside.


When i meet someone in the real world I don't, or can't possibly know everything about them immediately, and thats been fine for thousands of years. Our standard mode of operation is quasi-anonymous.


that won't last.

How long till Facebook releases an iPhone app that lets you take a photo of a person on the street, then query that photo with facial recognition software against the millions of photos on their servers.

5 years? 10 years?

You don't even have to query a ton of people.

1. Query the immediate area around the person to see if the guy you took a pic of has the app installed on his phone.

2. Query all people in a 10 mile radius

3. Query all people in the state for a $5 fee.

4. Query all people in the country for a $50 fee


Also read the counterpoint to Schneier's article (linked at the bottom of Schneier's): http://searchsecurity.techtarget.com/magazinePrintFriendly/0...


Two thing about this rebbutal:

The difference between crime and anonymity on the internet is that we can have a substantial influence on crime. If someone wants to commit a crime, he will likely be caught. If someone wants to be anonymous on the internet for a while, however, there is nothing anyone can do. "Never worry about what you can't control."[1] By that principle, security problems caused by the internet have to be solved by other means (or not at all, if the costs are too high).

About his suggestion to implement identification mechanisms in the network itself, I strongly disagree. Currently, the internet is a "dumb" network on which "intelligent" machines plug in and exchange information. If we add some intelligence to the network, it will be disastrous for civil liberties (selective filtering, browsing logs… all in very few places). Plus, such centralization will require the collaboration of most countries. If one ever get rogue, the "intelligent" network is doomed.

[1] Tom ripley: http://en.wikipedia.org/wiki/Tom_Ripley


Also, the idea that most people taking advantage of anonymity are spammers or criminals is absurd. The default pseudo-anonymity of most discussions makes it possible to say things that you don't want your boss or customers to find in Google. Yes, we should live in a world of perfect tolerance where you could express a reasonable opinion on controversial issues without suffering ill effects, but we don't.


Maybe in the future we will all have our own certificate authorities.


The people who push for anonymity are those who don't understand the Internet (or anything else, quite often), usually politicians - the antithesis to the scientist or engineer.


Do you mean "push for an end to anonymity"?




The deadline for YC's W25 batch is 8pm PT tonight. Go for it!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: