
Anonymity and the Internet - gthank
http://www.schneier.com/blog/archives/2010/02/anonymity_and_t_3.html
======
mortenjorck
_Accept that you'll never truly know where a packet came from. Work on the
problems you can solve: software that's secure in the face of whatever packet
it receives, identification systems that are secure enough in the face of the
risks._

Schneier is spot-on as always, but the social problem is that this requires
actually doing the hard work of building a secure product instead of calling
for an impossible solution from outside.

------
thinkbohemian
When i meet someone in the real world I don't, or can't possibly know
everything about them immediately, and thats been fine for thousands of years.
Our standard mode of operation is quasi-anonymous.

~~~
vaksel
that won't last.

How long till Facebook releases an iPhone app that lets you take a photo of a
person on the street, then query that photo with facial recognition software
against the millions of photos on their servers.

5 years? 10 years?

You don't even have to query a ton of people.

1\. Query the immediate area around the person to see if the guy you took a
pic of has the app installed on his phone.

2\. Query all people in a 10 mile radius

3\. Query all people in the state for a $5 fee.

4\. Query all people in the country for a $50 fee

------
zck
Also read the counterpoint to Schneier's article (linked at the bottom of
Schneier's):
[http://searchsecurity.techtarget.com/magazinePrintFriendly/0...](http://searchsecurity.techtarget.com/magazinePrintFriendly/0,296905,sid14_gci1380347,00.html)

~~~
loup-vaillant
Two thing about this rebbutal:

The difference between crime and anonymity on the internet is that we can have
a substantial influence on crime. If someone wants to commit a crime, he will
likely be caught. If someone wants to be anonymous on the internet for a
while, however, there is nothing anyone can do. "Never worry about what you
can't control."[1] By that principle, security problems caused by the internet
have to be solved by other means (or not at all, if the costs are too high).

About his suggestion to implement identification mechanisms in the network
itself, I strongly disagree. Currently, the internet is a "dumb" network on
which "intelligent" machines plug in and exchange information. If we add some
intelligence to the network, it will be disastrous for civil liberties
(selective filtering, browsing logs… all in very few places). Plus, such
centralization will require the collaboration of most countries. If one ever
get rogue, the "intelligent" network is doomed.

[1] Tom ripley: <http://en.wikipedia.org/wiki/Tom_Ripley>

~~~
orangecat
Also, the idea that most people taking advantage of anonymity are spammers or
criminals is absurd. The default pseudo-anonymity of most discussions makes it
possible to say things that you don't want your boss or customers to find in
Google. Yes, we should live in a world of perfect tolerance where you could
express a reasonable opinion on controversial issues without suffering ill
effects, but we don't.

------
celticjames
Maybe in the future we will all have our own certificate authorities.

------
sern
The people who push for anonymity are those who don't understand the Internet
(or anything else, quite often), usually politicians - the antithesis to the
scientist or engineer.

~~~
sketerpot
Do you mean "push for an end to anonymity"?

