[p2p-hackers] OneWebDay, Sept. 22 - next Saturday
baford at MIT.EDU
Mon Sep 17 14:12:44 UTC 2007
On Sep 17, 2007, at 1:49 AM, Seth Johnson wrote:
> OneWebDay, Sept. 22, is an Earth Day for the internet.
> The idea behind OneWebDay is to encourage people to think of
> themselves as responsible for the internet, and to take good and
> visible actions on Sept. 22 that (1) celebrate the positive impact of
> the internet on the world and (2) shed light on the problems of access
> and information flow.
This is the first time I've heard of this event; is it just starting
If this is a serious thing, it looks like the organizers have already
done half the work involved in implementing a proposal I made a while
ago, to use just such a yearly occasion to give the Internet a real
defense against sybil attacks, ballot stuffing, sock puppetry, etc.,
while preserving online privacy and anonymity. Now we just need to
take it the rest of the way.
Original proposal (Sep '06): http://www.brynosaurus.com/log/2006/0924-
Slightly more fleshed out (Mar '07): http://www.brynosaurus.com/log/
Abstract from the latter:
Many unsolved Internet security vulnerabilities reduce to a lack of
user accountability: any user who misbehaves---e.g., by spamming
from a free E-mail account or stuffing an online ballot box---can
simply open other anonymous accounts or connect from other IP
addresses. The obvious solution of requiring all users to identify
and authenticate themselves to online services, through a universal
public-key infrastructure (PKI) for example, is inconvenient and
impractical to deploy universally, and raises serious privacy
concerns. Ensuring accountability does not in general require
identifying users, however: it only requires enforcing a principle of
"one person, one persona" for a given online service. This paper
proposes "pseudonym parties", a decentralized scheme that combines
technical tools (pseudonymous online accounts) with in-person social
occasions (parties) to provide online accountability while preserving
the ability of users to participate anonymously in online services.
This approach is fully decentralized, can be deployed incrementally
at minimal cost, and may even be fun to participate in.
More information about the p2p-hackers