[p2p-hackers] OneWebDay, Sept. 22 - next Saturday

Bryan Ford baford at MIT.EDU
Mon Sep 17 14:12:44 UTC 2007


On Sep 17, 2007, at 1:49 AM, Seth Johnson wrote:
> OneWebDay, Sept. 22, is an Earth Day for the internet.
> [...]
> The idea behind OneWebDay is to encourage people to think of
> themselves as responsible for the internet, and to take good and
> visible actions on Sept. 22 that (1) celebrate the positive impact of
> the internet on the world and (2) shed light on the problems of access
> and information flow.

This is the first time I've heard of this event; is it just starting  
this year?

If this is a serious thing, it looks like the organizers have already  
done half the work involved in implementing a proposal I made a while  
ago, to use just such a yearly occasion to give the Internet a real  
defense against sybil attacks, ballot stuffing, sock puppetry, etc.,  
while preserving online privacy and anonymity.  Now we just need to  
take it the rest of the way.

Original proposal (Sep '06): http://www.brynosaurus.com/log/2006/0924- 
SybilParties.html
Slightly more fleshed out (Mar '07): http://www.brynosaurus.com/log/ 
2007/0327-PseudonymParties.pdf

Abstract from the latter:
Many unsolved Internet security vulnerabilities reduce to a lack of  
user accountability:  any user who misbehaves---e.g., by spamming  
from a free E-mail account or stuffing an online ballot box---can  
simply open other anonymous accounts or connect from other IP  
addresses.  The obvious solution of requiring all users to identify  
and authenticate themselves to online services, through a universal  
public-key infrastructure (PKI) for example, is inconvenient and  
impractical to deploy universally, and raises serious privacy  
concerns.  Ensuring accountability does not in general require  
identifying users, however: it only requires enforcing a principle of  
"one person, one persona" for a given online service.  This paper  
proposes "pseudonym parties", a decentralized scheme that combines  
technical tools (pseudonymous online accounts) with in-person social  
occasions (parties) to provide online accountability while preserving  
the ability of users to participate anonymously in online services.   
This approach is fully decentralized, can be deployed incrementally  
at minimal cost, and may even be fun to participate in.

Cheers,
Bryan



More information about the p2p-hackers mailing list