The future of security

bear bear at
Fri May 28 19:02:14 EDT 2004

On Fri, 28 May 2004, Anne & Lynn Wheeler wrote:

>connecting systems that were designed for fundamentally safe and isolated
>environment to wide-open anarchy hostile operation exposes all sorts of
>problems. somewhat analogous to not actually needing a helmet for riding a
>motorcycle ... or seat belts and airbags to drive a car.

Perspective on things...

Where I grew up, safety equipment inside your car (or on your head on
a motorcycle) was limited to that which prevented you from becoming
more of a hazard to *OTHER* drivers.  Motorcyclists didn't need
helmets, because helmets don't prevent crashes or change the
consequences of crashes for anyone who's not wearing them.  But they
did need eye protection, because eye protection reduced the
probability of crashes that could be dangerous to others.

I thought this was actually a well-considered system.  The law
required us to take whatever reasonable precautions we needed to
protect others from our actions, but it was entirely up to us whether
we attempted to protect ourselves from our own actions.

Now, in most states, law doesn't work this way any more -- protecting
people from each other has gotten fuzzed into the idea of protecting
"the people" (monolithic unit) from "themselves" (monolithic unit).

But I think there is some wisdom here that may apply to the spam
situation. Have partial solutions been getting rejected because we're
seeing that we can't protect users against their *own* stupidity?
What we actually need is systems to protect *other* users from their


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list