sks-devel

Re: [Sks-devel] Proposal: Start verifying self-signatures


From: Robert J. Hansen
Subject: Re: [Sks-devel] Proposal: Start verifying self-signatures
Date: Mon, 18 May 2015 18:10:04 -0400
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0

> Your tactic adds much, much more significant legal risk since you 
> could be arrested for sexual offenses (very long prison sentence plus
> lifelong branding). Most troll organizations don't cross this line,
> and take more technical approaches to DoS'ing a system.

You're thinking like an academic.  Start thinking like a rogue whose
number one purpose is to break the keyserver network and get away with it.

(Note: there is a subtle flaw in what follows.  It is left in here in
the same spirit that science shows like MythBusters often obscure the
precise way they do something dangerous.)

The rogue knows it's irrelevant whether it's child porn... only whether
people *think* it's child porn.  Find an 18-year-old who looks 16, pay
them a couple of hundred bucks for a sexual selfie, and you're off to
the races without breaking any laws.  Or find an 18-year-old and
Photoshop the image into looking more childlike.  Or create CGI of a
little kid being exploited.  There are lots of possible ways to create
technically-legal child porn.  Upload that image and contact the media.

Next thing you know you'll see the media pushing for an end to the
keyserver networks before it becomes the next front in child porn
distribution.  After all, this thing plays into all of their hot
buttons: it's the Internet, it's a mostly-unknown technology they really
don't understand and which vaguely scares them, it's about exploited
children, clearly something must be done... this will make great fodder
for about a week.  And within hours after the first newspaper story
about it, the keyserver network would become deluged in real child porn
because the people who traffic in real child porn read newspapers, too.

Sure, it would be a crime if you told child pornographers to do this --
you'd be aiding and abetting their criminal acts.  But if the *media*
tells them how to do this, then that's just the First Amendment.

You've achieved your goals.  You've brought chaos and discord to the
world, flooded the keyserver network with real child pornography, turned
keyserver operators into social pariahs, brought governments all around
the world to bear on keyserver operators... man.  Epic lulz.  And all it
took was a photograph and a phone call to the media, and you wouldn't
have committed a single crime.

(ObDisclosure: I've spent the last seven years working in digital
forensics.  If you think I am overestimating the cunning of rogues, or
the rapidity with which child pornographers adapt to new distribution
mechanisms, I assure you that I am not.)

> Many servers are not located in the EU, so this would not DoS the 
> keyserver system.

I think "taking down all of Europe's keyservers for about twenty euros
of postage" is a critical vulnerability.

> You seem to have fallen back on the "let's do nothing, as this single
> one proposal does not protect us from *all* evil" that Arnold 
> previously mentioned.

No.  What I'm saying is, the patient has cancer and you're talking about
treating the patient's headache.  The problem isn't the headache.  The
problem is cancer.

You want to talk about fixing the security problems in SKS?  Start by
addressing the big problems: namely, a distributed, fault-tolerant,
zero-deletion database is a really tempting target for illegal data.
Come up with an architecture that addresses that problem and I'll
eagerly listen.

But right now you're talking about treating headaches.
