Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 15 submissions in the queue.
posted by janrinok on Monday March 12 2018, @03:05PM   Printer-friendly
from the full-of-300bps-goodness dept.

Professor Steve Bellovin at the computer science department at Columbia University in New York City writes in his blog about early design decisions for Usenet. In particular he addresses authentication and the factors taken into consideration given the technology available at the time. After considering the infeasiblity of many options at the time, they ultimately threw up their hands.

That left us with no good choices. The infrastructure for a cryptographic solution was lacking. The uux command rendered illusory any attempts at security via the Usenet programs themselves. We chose to do nothing. That is, we did not implement fake security that would give people the illusion of protection but not the reality.

For those unfamiliar with it, Usenet is a text-based, worldwide, decentralized, distributed discussion system. Basically it can be likened to a bulletin board system of sorts. Servers operate peer to peer while users connect to their preferred server using a regular client-server model. It was a key source of work-related discussion, as well as entertainment and regular news. Being uncensorable, it was a key source of news during several major political crises around the world during the 1980s and early 1990s. Being uncensorable, it has gained the ire of both large businesses and powerful politicians. It used to be an integral part of any ISP's offerings even 15 years ago. Lack of authentication has been both a strength and a weakness. Professor Bellovin sheds some light on how it came to be like that.

Despite weaknesses, Usenet gave rise to among many other things the now defunct Clarinet news, which is regarded to be the first exclusively online business.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Informative) by canopic jug on Monday March 12 2018, @04:23PM (1 child)

    by canopic jug (3949) Subscriber Badge on Monday March 12 2018, @04:23PM (#651399) Journal

    The last paragraph of the blog post is very interesting, too, though it dwells on conjecture and not history. He ponders about how differently things would have turned out in regards to the first crypto war [schneier.com] in which Phill Zimmerman and PGP [philzimmermann.com] were caught in the middle along with Eben Moglen. If Usenet's developers had moved a little differently, they would have been in a position to roll out heavy cryptography and, with the cat out of the bag, the US government would not have been able to persecute the nation's cryptographers at the time. Or at least they would have had to take a vastly different approach:

    There's an amusing postscript to the public key cryptography issue. In 1979-1981, when the Usenet software was being written, there were no patents on public key cryptography nor had anyone heard about export licenses for cryptographic technology. If we'd been a bit more knowledgeable or a bit smarter, we'd have shipped software with such functionality. The code would have been very widespread before any patents were issued, making enforcement very difficult. On the other hand, Tom, Jim, Steve Daniel (who wrote the first released version of the software—my code, originally a Bourne shell script that I later rewrote in C—was never distributed beyond UNC and Duke) and I might have had some very unpleasant conversations with the FBI. But the world of online cryptography would almost certainly have been very different. It's interesting to speculate on how things would have transpired if cryptography was widely used in the early 1980s.

    History does not repeat but it does rhyme. So now we are seeing the beginnings of round two, or perhaps a full out second crypto war [vice.com].

    --
    Money is not free speech. Elections should not be auctions.
    Starting Score:    1  point
    Moderation   +3  
       Informative=3, Total=3
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   5  
  • (Score: 2, Interesting) by Anonymous Coward on Tuesday March 13 2018, @12:55AM

    by Anonymous Coward on Tuesday March 13 2018, @12:55AM (#651604)

    The second crypto war is already lost, because something far worse than Clipper is in almost all new chips. Once they have it top to bottom in everything (If we see this with the VC5 based RPi4 and newer ARM SBCs, you will know the end is near...)

    Once they have management processors in everything, combined with the software backdoors already existing in the majority of networking hardware, they will have everything they need to turn on 'always on' surveillance on ALL our devices, instead of just some cell phones, some windows systems, and some Intel PCs (OS agnostic) as it is today.

    Wait and see, the plan is already in motion, and while it has had a few roadbumps the drooling masses are almost ready to allow it. Gone are the days of the Crypto rebellion, CPUID riots, or 'Glassholes' being berated for spying on you in public. Instead everyone has slowly acclimated and soon they won't raise their voice as the final nails in the surveillance coffin are enacted, leaving us unable to hide, even in our online lives.

    People heard storie about the Gestapo and Stasi and all the grounds before and since acting similiarly, but nobody has learned why you can't live in fear nor why you cannot give your government too much nosing into other's lives, even if it seems like it is for a good cause. Because sooner or later it will stop bieng for a good cause and taken for granted, and then you have no rights left, even if you gave them up seemingly for all the right reasons.