[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[freehaven-cvs] second pass editing
Update of /home/freehaven/cvsroot/doc/fc04
In directory moria.mit.edu:/home2/arma/work/freehaven/doc/fc04
Modified Files:
minion-systems.tex
Log Message:
second pass editing
Index: minion-systems.tex
===================================================================
RCS file: /home/freehaven/cvsroot/doc/fc04/minion-systems.tex,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- minion-systems.tex 9 Sep 2003 04:33:05 -0000 1.5
+++ minion-systems.tex 9 Sep 2003 09:43:21 -0000 1.6
@@ -45,7 +45,7 @@
Soon after the first business-related telegram was sent to an
untrusted telegraph operator, businesses have recognized the
-importance of encrypting communication on communications networks.
+importance of encrypting messages on communications networks.
Less well-recognized, however, is the importance of protecting business
communications against traffic analysis.
@@ -81,15 +81,18 @@
These attacks are certainly feasible today. On the simplest level,
corporate website administrators routinely survey logs to learn which
competitors and customers have viewed which parts of their websites,
-and how often. [XXXX have a sentence about mid-level adversaries like
-most corporations?] The more sophisticated attacks are almost certainly
+and how often. The more sophisticated attacks are almost certainly
within capabilities of the NSA-supported ECHELON eavesdropping system
(which has been probably used to advance the commercial interests of
its sponsor nations) [XXXX must confirm this], or the capabilities of
any COMINT-sophisticated nation inclined to use its resources for
-economic goals. [not to mention janitors at phone companies]
+economic goals. But while companies doing secure digital commerce
+are right to consider the threat of mid-sized foreign governments,
+perhaps the threat of espionage from competing companies is more
+compelling. The risk that an adversary might pay off a janitor in a
+nearby telcom isn't something well-explored in the public literature.
-Indeed, traffic analysis resistance is also a critical component to
+Traffic analysis resistance is also a critical component to
more advanced financial cryptography systems, such as anonymous digital
cash schemes and private auctions: without anonymous transport, these
schemes provide very little security.
@@ -181,9 +184,7 @@
hide them among. (Thus usability directly affects security
\cite{econymics,back01}.) The current Mixminion client runs only from a
command line on Unix-like platforms, though a Windows32 client is
- planned within the next few months.
- [XXX mention that the server runs on win32? does it? -RD]
- For maximum user acceptance,
+ planned within the next few months. For maximum user acceptance,
more work is needed to integrate Mixminion with existing email
applications.
\item {\bf Distributed directory design.} It's essential that all
@@ -214,9 +215,18 @@
\end{itemize}
[XXXX Should we talk more about the academic/research side of our
-status?]
+status?] [what would we say?]
-[XXXX have a real conclusion.]
+[ i think the paper should conclude with an emphasis
+on systemsy stuff, as well as a call for the finance / data security
+industry to explore whether they need anonymity systems.
+
+how's our performance? what's our strategy for increasing user
+adoption? how does getting more individuals using the system translate
+to increased security for enterprise users? in a sense this is a white
+paper touting our technology and how useful it is, and in another sense
+we're trying to talk up the next people who want to fund us but don't
+realize it yet.]
\bibliographystyle{plain}
\bibliography{minion-systems}
***********************************************************************
To unsubscribe, send an e-mail to majordomo@seul.org with
unsubscribe freehaven-cvs in the body. http://freehaven.net/