[cap-talk] Capability accounting

Norman Hardy norm at cap-lore.com
Sun Jun 25 23:08:52 EDT 2006 

On Jun 25, 2006, at 8:44 AM, Ian G wrote:

> Norman Hardy wrote:
>
>>>> I am extremely enthusiastic about introducing money into the  
>>>> system.
>>>> DSR <http://cap-lore.com/Economics/DSR/> even includes a 32 bit
>>>> money amount in most network packets.
>
>>> DSR almost certainly will not work.  I'd have to
>>> read it in full to be clear, but here are a few
>>> issues I spotted.
>
>
> I should point out that I'm normally down
> on payment systems, including my own :)  The
> theory that we have predicts in all academic
> seriousness that they should all fail.  So
> hats off to anyone who pulls it off, I myself
> have failed so far.
>
> ( Paypal should have failed a dozen times, and
> remains interesting *because it survived*.
> The inside story will only be gathered
> slowly, as the PR angle took over very early.
> e-gold was sound, but failed to migrate, and
> theory predicts it should have failed by now.
> Webmoney also was subject to massive fraud
> problems, but they escaped. )
>
>>> 1. It has no security built in.  So it is in
>>> effect an accounting system where everyone has
>>> to participate and rely on everyone else.
>>
>>
>> Yes, it has no security, except  for the ability to observe
>> the fidelity of participants and share those observations.
>> This, being tedious, must evolve into a service.
>> Also critical is the ability to choose those with whom
>> you do business.
>> Coins evolved amid much counterfeiting.
>> Today's banks are indeed quite reliable, but
>> they evolved to that state.
>> Crypto helps vastly for it helps those who want to know,
>> who cheated, whether or not there are police to call.
>
>
> Fraud has an interesting relationship with
> security.  There is a contrasting view to
> what I wrote above, that indicates that we
> should not put any protection in a system
> at all, we should let the fraudsters do the
> work of pointing us to which things to plug.
>
>  From the perspective of security practitioners
> it feels dangerous, but from the perspective
> of risk managers, it feels fine.  It's natural.

Warning: overly philosophical paragraphs follow.

Yours is a provocative statement, but does raise the interesting
issue of why most of us reading this list think there
is hope for "mathematical security" within one computer,
(but not with current platforms)
but feel we must resort to crypto for any hope of distributed security.

Two things are necessary for mathematical security:
   A small sound design
   Enough correct code to carry out that design.
As an engineering issue I think we can achieve that for a computer.
I will call this the secure OS.

It seems hopeless to me to achieve this for much larger systems.
Crypto protocols are about as difficult as the secure OS and they need
the same two elements to succeed.
With a sound OS and sound crypto we might well achieve a few
federated and distributed machines that provide a robust platform
for distributed applications.

I don't hope for much more.

I think of the network as the jungle and DSR tries to suggest
that incentives, rather than security enforcement mechanisms,
can allow constructive cooperation of diverse players where
no central planning could be hoped for.

.........

More information about the cap-talk mailing list