Information Security News mailing list archives
Online and Unidentifiable?
From: InfoSec News <isn () C4I ORG>
Date: Fri, 30 Jun 2000 00:07:58 -0500
http://www.washingtonpost.com/wp-dyn/articles/A21689-2000Jun29.html By John Schwartz Washington Post Staff Writer Friday, June 30, 2000; E01 Everyone knows two things about the Internet. First, it's impossible to censor. Second, the Internet is anonymous. As it happens, neither is true: The increasing ability to trace Internet surfers' wanderings and the threat of lawsuits have considerably dampened the online medium's Wild West spirit. But that hasn't stopped people from trying to help the Net live up to its reputation. Today researchers at AT&T Labs will announce the creation of Publius, a new system that could go a long way toward eliminating online censorship. The innovation could bring the full promise--and, critics warn, the perils--of unfettered speech to the global medium. "It seems like more and more, technologies are being introduced that limit the freedom of individuals--especially in repressive administrations" around the world, said Aviel D. Rubin, who developed Publius with AT&T colleague Lorrie F. Cranor and graduate student Marc Waldman. "We are hoping that by providing some tools to help the individual, we can help offset this trend a little bit." The researchers chose their system's name carefully: "Publius" was one of the pen names used by Alexander Hamilton, John Jay and James Madison to anonymously publish the Federalist Papers. The twin notions that the Internet is uncensorable and that it is anonymous have become deeply ingrained in public perception. A popular New Yorker cartoon tells us that "On the Internet, nobody knows you're a dog," and Internet activist John Gilmore's famous statement that "the Net treats censorship as damage and routes around it" has become an online cliche. Yet a team of cryptographers and privacy activists turns out to be a poor match for an army of lawyers. Time and again, attempts to shut down speech on the Internet have succeeded. The Church of Scientology has been able to bring substantial pressure to bear on Web sites that publish documents that the church considers to be copyrighted property, and activists fear the effects of the new Digital Millennium Copyright Act. Companies often use subpoena power to uncover the names of online employee-critics, force them to withdraw their comments and fire them, said Michael Godwin, author of "Cyber Rights: Defending Free Speech in the Digital Age." "People are so used to thinking of the Net as ephemeral, anonymous and unchanging that they forget the one thing computers are really good at is remembering things and searching for them," Godwin said. The idea of making the Internet truly resistant to censorship is not new, and a number of online projects with names like "freenet" and "Anderson's eternity service" attempt to evade the controls that currently exist over Internet content. But the entry of the prestigious AT&T Labs researchers into the field raises the movement to a new level. Publius works by encrypting files--from text to pictures and music--and dividing them into fragments like pieces of a jigsaw puzzle to be distributed over a number of servers, the computers that store and distribute information on the World Wide Web. Someone wanting to receive materials from the Publius network would look through a directory of offerings on a Publius-affiliated Web site; the network itself would do the work of reassembling the pieces of the requested file. Because Publius puts documents on a number of servers, any effort to censor is greatly hindered. The Publius network would make it hard to trace the original transaction, and files placed on the network could not be removed without the direct action of the owners of the participating servers. The sender can decide into how many pieces to break the file and how many owners of servers would have to act together to eliminate it. The researchers' announcement today will lead to a two-month trial of the technology with a limited number of servers. If that works, they plan to create a permanent version of the system. Internet experts who have learned about Publius say they are impressed. "This is a unique approach and it is well executed," said Edward Felten, an associate professor of computer science at Princeton University. "We think it's a pretty cool system," said Adam Shostak of Toronto-based Zero Knowledge Systems, which sells software for anonymous Internet use. Not everyone is pleased, however. Bruce Taylor, an anti-pornography activist with the National Law Center for Children and Families, said, "It's nice to be anonymous, but who wants to be more anonymous than criminals, terrorists, child molesters, child pornographers, hackers and e-mail virus punks?" Taylor said the researchers might be motivated by good intentions, but the uses to which Publius is put won't always be for the best. "That doesn't mean they shouldn't do it, just because somebody might abuse it, but it does raise questions." So far, AT&T Labs' corporate parent has allowed the project to continue. "The truth is that researchers at AT&T Labs have quite a free rein to pick topics for their work," Rubin said. "The culture at the labs here is that we are scientists, and we are expected to solve forward-looking problems that contribute to basic knowledge." AT&T Labs spokesman Michael Dickman acknowledged that internal memos from corporate officers raised the possibility that the system could be used to disseminate child pornography and other undesirable content. He said the company is unlikely to follow the course of American Online, which canceled work on Gnutella, a technology for distributing music over the Internet that was criticized as a potential boost to copyright piracy. "It is only a research project at this point in time," Dickman said, and part of the trial is intended to see whether the system will be abused. Publius is not a commercial product; the researchers will give the software away. They have published a full description of Publius and the technology behind it at www.cs.nyu.edu/waldman/publius. Rubin said that he and Cranor saw the ideal user of Publius as "a person in China observing abuses, on a day-to-day basis," of human rights. In nations where freedom of speech is severely limited and people might suffer great hardship for speaking out, Publius could be an instrument of social change. "That's what motivates Lorrie and me," he said. "That's why we were interested in this project." Rubin said the administrators of the Publius computers can band together to remove content that they collectively find abhorrent, and that he believes child pornography would certainly fall under that category. "There's always historically been a fear of new technologies," Rubin said. "When cars were introduced, there were fears that they would help bad guys get away. "We just hope that the good uses outweigh the bad," he said. ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Online and Unidentifiable? InfoSec News (Jul 01)