Sunday, February 7, 2010

Round two, featuring Bruce Schneier

 Bruce Schneier just wrote a post on all the suggestions to add authentication to the internet. The idea behind those is that if nobody on the internet was anonymous, legitimate users would be largely unaffected and the bad guys would be out of business. Schneier does a nice job refuting this. He says that the technological problem of attaching real names to everyone on the internet is "insoluble", and that trying to implement such a scheme will only hurt free speech, especially in countries that try to censor their citizens. As his first commenter summarizes, "if you outlaw anonymity on the internet, only outlaws will have anonymity on the internet."

Then, Schneier draws a parallel between universal authentication and copy protection:
The whole attribution problem is very similar to the copy-protection/digital-rights-management problem. Just as it's impossible to make specific bits not copyable, it's impossible to know where specific bits came from. [...]
Just as the music industry needs to learn that the world of bits requires a different business model, law enforcement and others need to understand that the old ideas of identification don't work on the Internet. For good or for bad, whether you like it or not, there's always going to be anonymity on the Internet.

Couldn't agree more.