A "moral" dilemma.


PDA






twoblink
December 23, 2002, 01:02 AM
I have worked for about 5 years on a project; and I have finally figured out the solution.

Here's the problem (and yes, this relates to RKBA)

The capitalist in me says, do whatever is not illegal that makes you money. This certainly will make me a multi-millionaire.

The libertarian in me says do whatever will maximize your own freedom without infringing on others. This kind of qualifies.

The problem is, this system can and WILL eventually be used for evil... I have set the scenerios up in my mind and the conclusions are BAD.

Brief summary of what it is:

I have been working on an electronic method of micro payments (such as $1.00 being the smallest payment amount) Unlike Paypal etc.. You can go and get that $1.00 from them if you so wish (physically). But more than likely you'll just want it transferred into your account, and a notice to you they've sent it.

Micropayments is a daunting task, and I believe I've finally after 5 years, came up with a solution.

Data is useless bits of knowledge that has no meaning.

Information is data that has been arranged into a meaningful system, and thus is useful.

The solution is a link of identification to a physical location (i.e. a mailing address) and thus that would mean that the entire system will be interlinked to the postal system) and the system WOULD reside in the post office (that's how I can guarantee that you can walk in and physically claim that $1.00 instead of claiming it electronically) But that means anonymity is gone, and if this method is very secure (which it should be) then gun registration becomes pointless, they will just say, all firearms have to be purchased this way, and now they would know: who sold it, (and where they lived) who bought it (and where they live) and the can attach the serial information of the gun as meta-data to the purchase, when it was bought would be known, and how much it was sold for. It would be the ULTIMATE gun grabber's dream system.

So I'm saddened this day, by the fact that something I have worked on for 5 years, which will make me a lot of $$$ will result in the lost of quite a bit of RKBA rights.

The capitalist in my justifies it by saying, like those who use a gun for evil, it's the people who use it for evil, not the system itself that is evil. So make money, and help out in the RKBA dept as much as you can.

The libertarian in me says, I don't think I can "sleep well" at night knowing if my system eventially becomes what is used as the demise of RKBA.

By the way, as a cryptgrapher, that means I will force a two way authentication, and so it will be very unlikely of fake indentities..

I don't want to be another Mr. Nobel and see my dynomite get used for a purpose that it was otherwise intended for...

Thoughts? :confused:

If you enjoyed reading about "A "moral" dilemma." here in TheHighRoad.org archive, you'll LOVE our community. Come join TheHighRoad.org today for the full version!
Derek Zeanah
December 23, 2002, 01:06 AM
Why can't you set it up so that the authentication is there (you can verify that the token is legitimate), but that it's still anonymous? Don't make me break out my Schneier -- I've got too much else on my plate right now. ;)

labgrade
December 23, 2002, 01:26 AM
"I don't want to be another Mr. Nobel and see my dynomite get used for a purpose that it was otherwise intended for... "

B'lieve Dr. Gatling had something to say about that. ;)

For what it's worth & to help assuage any "guilt," anything can be used for ill or good - maqtches or can opener.

On this one, make a buck if you can & sleep easy.

Others misuse it?, ain't your call.

Maybe Beta the thing to prevent the best misuse contrap you can ....

twoblink
December 23, 2002, 01:28 AM
Ahh, yes, the dual anonymous method. You can. You can make a transaction between 3 or more parties and keep them all anonymous.

The problem (and why micropayments are so hard) is entry and exit.

If the account is anonymous, how do I "exit" the money into something spendable gracefully? E-cash, E-gold etc.. have this VERY problem. Money circulates in the system, which is great (for me, because I make like a 1% commission on each transaction) and the less it exits, the more I make. But at some point in time, it HAS to exit the system into "the market" so to speak.. But this presents the toughest part of the micropayment problem, authentication of the recipient since the transaction was done ANONYMOUSLY. So the only way to do this, is to attach a physical verification to it.

Every physical address would have it's on X509 certificate. When you open up the account, you SIGN the address certificate with your own certificate. You've now activated your account, and read to take and make payments.

How do you do that, and keep it 100% anonymous when I FORCE you to walk into a post office?? You don't, and the system is not designed so you can; this is what keeps the method clean and with recourse.


ANSWER TO YOUR QUESTION::
If there are two anonymous transactions, and each are doubly verified, then I cannot deny that the transaction has occurred; as digital signatures prevent it. Fine, so the transaction happened, but PROVE that it was with me!!! That's right, you CAN'T if it's 100% anonymous. So the system falls apart in the real world with the requirement of recourse.

I sell you a gun, I ship it to you, and the post office COD's for me. That will be how the system gets used.. (ouch)

twoblink
December 23, 2002, 01:31 AM
labgrade,

Yes, I make a buck.. But I don't know how much money (if there is an amount) that would make me feel ok with the fact if the system eventually gets used by the government to control pretty much all activites. 100% of ALL activites are tracked.. I mean, 1984, Brave New World, etc.. ALL MY DOING. That's a tough thought to live with, yes?

Kaylee
December 23, 2002, 01:44 AM
Albert.... just for the sake of argument... this is different from say, using my credit card to buy a gun in a store how? Or for that matter, my electronic checking account? If FBI or BATF can tell my bank they "need" the info bad enough.... what does your system give them that they don't already have?

Further... can I still just withdraw cash and buy that way?

Or say, a friend and I each buy something through the system, and then a week later "decide we don't want 'em anymore" and private sale it to each other?

No offense, but I think you might be overestimating the potential bad effects of your system. Besides... *ahem* if you have the idea, you're not the only one with it. Ideas don't come in a vacuum like that. And with that in mind.... I'd rather have an RKBA, liberty, privacy-minded guy building the system than a statist guy, know what I mean? At least you'd code anonymity into the system. And could leave all sorts of delightful little Easter Eggs, I'm sure. :)

-K


Oh.. two more thoughts.

1 -- your direct competitor it looks like is PayPal.. most folks I think using a mircopayments system will want money wired into an existing account, not have to go somewhere and pick up pieces of paper and little bits of metal. Besides being inconvenient, it's so 20th century. :p
So... what do you offer for the world at large (who DONT by and large care about privacy as much as convenience) that paypal doesn't?

2 -- Another option might be a Swiss-type "numbered account" without any names/contact info on file, just issued ATM cards and either a series of private ATMS (one HECK of an infrastructure cost), or licensing agreements with existing financial institutions with ATM networks in place. No need for direct Phyiscal electronic Post Boxes, I wouldn't think.

Anyhow.. sounds like a neat idea. Personally, I'd like to hear more about it sometime. It's good to be the bank. :)

labgrade
December 23, 2002, 01:55 AM
My observation, twoblink, certainly wasn't that you could make a buck.

Seems your quandry was that it could be misused.

What can't/won't be, if some have a mind to? Hence my ref to Gatling.

Do your best, make that buck & do what you can to ensure a semblance of privacy - more the better.

Every FFL transaction is 4473-tracked - ain't your doing, that's fer sure.

Every $ transaction, other than cash (& wait for the punch line ;) ) can be/is.

Whatcha gonna do?

I say make your mark, make a buck, do the best you can to do what your heart & mind tell you to.

I could (theoretically) come up with a better tadpole. There's some out there might use it to ill repute.

Ain't my call.

My hat's off for your consideration of the possibilities, Sir.

tyme
December 23, 2002, 03:39 AM
Twoblink, what are you trying to keep anonymous? The payment? You can't keep the delivery address private. Someone could simply follow the purchase to its destination.

twoblink
December 23, 2002, 04:24 AM
Wow.. I have some 900+ pages on the "problems" of micropayments, too hard to summarize..

But what's so different then say, buying with my credit card?

It's what is known as "information farming".

There is absolutely no new information that I am introducing that does not exist anymore. But what I am doing is TYING the information together, and that's where the danger lies.

I go and buy a gun, from the store, with my Visa card. They have my information, my address, my credit card number, etc.. Yes.. but they are separate databases. They don't know if I bought $500 in ammo, or a gun, and even if they knew I bought a gun, which gun? What serial number? It is currently possible to find all this out, but it takes a LOT of leg work.

Constrast that with my system.

Kaylee; She bought on Dec 11,2002 a CZ rifle serial #12356135 for $235, from Bob, Kaylee lives at 1600 Pennsylvania Ave, Bob lives at 233 TFL street. Kaylee has purchased 8 guns in the last 2 years; from the following people: Oleg, Runt, Tamara. They each have purchased a total of 500 guns (mostly Tamara) each at these prices, with these serial numbers. Oleg has moved 3 times, and since moving to TN, he has purchased 7 guns, while only purchasing 2 when he was in MN. This is SCARY and can be gained in about 2 seconds. Not 2 months... By some 18 year old in front of a computer terminal chewing bubblegum...

This is all possible with my system. Think about that for a moment. It's just a database query.

What keeps the monster at bay is the fact that while they have all this data, none of it is in a usable form. It's data, not information; until someone like me comes along... FBI doesn't talk to the local police doesn't talk to the Sheriffs doesn't talk to BATF doesn't talk to <insert alphabet soup here>

Yes Kaylee, I will be competing with Paypal, and this is a system that's designed for mostly e-commerce, but the problem is every system has to have an exit. The "better" the exit, the more widely used the system. My system would make the post office into a bank. Which gives you more warm fuzzies, that you can get CASH at the post office for the item you just sent, or you see a few digits in your paypal account?

Visa versa; which gives you more warm fuzzies, when a payment is made )in escrow) pending the delivery of the item, and once the item is delivered, the post office generates a password and lets you unlock the payment and receive it. Fully escrowed vs. paypal.

I found the solution because that is how it is in Taiwan; they have none of the micropayment problems that the states has; because they forced the same banking software on everybody, and so 100% of all the banks in taiwan are compatible; also, the post office _IS_ the biggest bank in Taiwan. The fact that you can tie a non-floating ID (like a physical mailing address) to a floating one (like people) is a HUGE advantage. I could write a 400+ page book about it and not scratch the surface. The same reason that makes real estate one of the best investments in the world, is the same reasons for it's use as identification.

Identity theft will be hard, as while I can fake more "persons" electronically, I cannot fake more "property" electronically very easily. When they are linked, it is very very difficult to fake.

Kaylee, you can "still" withdraw cash and buy it that way, but what if laws change to reflect that all firearms must be purchased via this method??

My system offers an ability to tie the physical item, to the payment. It now becomes the norm to COD again. Because the post office _IS_ your bank also. You have 100% recourse; in paypal, I send you money, and I'm suppose to believe you will send me the item. No guarantees. I send you money, you take off, how now brown cow? Hunting you down will become a problem. Less so when there's a physical address that's tied to you.

BTW, swiss banks aren't safe. That's mostly a falsehood. They aren't anonymous either. The last of the fully anonymous systems was the "Austrian Anonymous Savingsbook". When that EURO emerged and killed the Austrian spartsbook, I almost cried... Very very few fully anonymous systems left.

While it's true that a fully anonymous system would be great i.e. numbered accounts, you do understand why they aren't anonymous right? No banks now in the world will take a wire from a numbered account without secondary verification; you cannot get money into the US due to US banking laws pretaining to numbered accounts; and getting money out of the country while possible, constitutes as "tax evasion" and so if you are somehow caught, you will be wearing silver jewelry around your wrists for 25-life.

The US is the problem; or rather the laws that one has to deal with is the problem.

Kaylee
December 23, 2002, 10:39 AM
So... help me Albert, I don't understand.

WHY does your system need to have all that metadata attatched? Why can't you just say, for example,

Account 3454634454 tied to 453 TFL Street, Suite 35 (A Mailbox etc. box, for instance) sends $565 to account 349859384 tied to 1600 Pensylvania Ave on December 11, 2001?


Why add all the other metadata in the first place? I mean, you can do escrow painlessly without all that other stuff. If you could enter and receive cash at your physical address point, so much the better.

I guess I just don't see why you're making the problem in the first place? :confused:

-K

twoblink
December 23, 2002, 11:13 AM
Because, I need to have a recourse against a specific purchase.

Let's say I buy from the "$99" store. Every receipt says "$99". I say, I gave you $99 on Jan 1st. You say, that was for something else.. Because there's no item specified, then you can't prove the payment was for a specific item.

That's why you have itemized lists on receipts. It allows for reciprocity and recourse.

For example, Paypal doesn't really allow for recourse..

Albert

Don Gwinn
December 23, 2002, 11:29 AM
I can't make myself care. If "they" want to know what I have, they can do it now. Your gizmo might make it easier, but it sounds like a leap forward for legitimate uses. Were I you, I wouldn't worry too much about it. If it's really worth that kind of money, you might be able to negotiate some kind of agreement that leaves you with enough control to prevent that type of use.

If there's ever the kind of government we all fear, after all, absolute proof will not matter much. They'll take whoever they suspect and screw proof.

Besides, as someone said, you didn't create this possibility. You discovered it. Someone else could discover it tomorrow and take it straight to the TIA for development money. Can't uninvent technology.

Kaylee
December 23, 2002, 11:30 AM
For example, Paypal doesn't really allow for recourse..

And yet, it's thriving.

I think often we're so busy working out "What ifs" that we forget that most people really are basically honest. Ebay (or our own for sale forums) wouldn't have lasted a month if that weren't the case.

Further, it seems to me that receipts can be privately handled between the parties without need for your system to be involved. Again.. look to the credit card. My bank doesn't know that my $215 off my check debit card bought a .22 in the gun section or a bunch of frilly stuff and stuffed mooses (meese?) from the "keep the chick busy" section. But my store recepit itemizes it out. Surely the same thing can be done with your system?

Or is the very idea to offer more latitude in tracking than current system, as a means to achieving another goal?

-K

C.R.Sam
December 23, 2002, 12:54 PM
So... what do you offer for the world at large (who DONT by and large care about privacy as much as convenience) that paypal doesn't? Hopefully an onshore entity that offers recourse to those who have a problem with it. PayPal, being offshore and largely unregulated has been able to shine on some pretty large screwups.

Sam

cordex
December 23, 2002, 01:23 PM
twoblink,
Option 1: Don't require all the information on all transactions.
If the parties involved don't want the remote receipt stored on your machine, it becomes a direct transfer of currency without all the excess info stored on there, but they have no recourse.
If they include the information, they have recourse - for a minor fee.

Give options. Charge for options. Make $$$. Buy ammo. Give your brass to cordex. Be happy.

Option 2: Have your systems located at an offshore data haven. When Big Brother asks to run a query to determine how many guns Cordex has purchased over the last year, tell BB where he can shove the SQL. Then you still have access to the info yourself if'n you want to sell information on purchasing trends. Have an onshore company associated with your offshore server farm to resolve disputes.

Option 3: Allow vendors to give codes to their own merchandise. For example, a Bushmaster AR-15 could be "Sporting Goods Item 410102917". Meaningless to the computer, unless someone tracked other information (say, store inventory) but since that is possible already, there's no reason to refrain from making big money for that reason.

Correia
December 23, 2002, 01:45 PM
Anything invented for good can be twisted for evil. I can invent a gun that can be used in defense of life, or it can be used to take innocent life. The same printing presses that create SWAT also create Rosie magazine. TV can broadcast good information, or it can carry CNN. :)

If you have thought of it, somebody else can too. Do it before they do.

Just my opinion of course.

twoblink
December 24, 2002, 12:59 AM
Cordex, what brass do you need? Next time I'm headed over there, I'll bring you brass! ;-)

If there exists a system, like Paypal that allows for recourse, trust me, if I build it, they will come. If this system was up, Paypal would get killed.

Not putting in all those "extras" makes the system pointless; that's like not asking the car dealer to throw in the floormats for free. You think they are going to say no to a car purchase because of $50 floormats??

Kaylee, most people are honest. I'm not talking or addressing most people, I'm talking about the GOV'MNET. They are about as honest and trust worthy as #)$(*$%*&!@#.

I can tell you right now, I'm not playing what if's here. Guns aside, this would be the ultimate method of commerce. Because it has real world exits, and internet compatibility. This would mean, I can estimate and calculate your income tax "requirements" with a click of a button; this has very very far reaching effects..

Kaylee, as you said, a brand new system with it's own ATM's would be $$$, that's why the postoffice seemed a logical choice, every place has at least one, and you are assigned one without you lifting a finger.

Cordex, allowing venders to code their merchandise sounds great; until you consider this: You say "my receipt says I purchased item stock number #19081234." They say, I'm sorry, but according to OUR books, that item is a 1911, not a Glock. Sorry. Nothing you can do about it. The listing must be something that both you AND them recognize and they cannot change on-the-fly. Otherwise, there is no recourse due to vagueness.

If the receipt said "Glock Model 27" that's a lot tougher for them to get out of then "Item stock #1089414" isn't it?

Preacherman
December 24, 2002, 02:09 AM
Blinkblink, with the greatest of respect, ol' buddy, I think you're worrying yourself into a hissy-fit over this when in reality, there's nothing much to worry about. Yes, the Government would be able to track things more easily: but they can do precisely and exactly the same thing with the Department of Homeland Defence and its plans to destroy our privacy by linking databases all over the place. Your system might connect the dots faster, but it won't do something that the Government won't be able to do anyway, with a bit more effort.

That said, I appreciate your concerns for user privacy, etc. It's great to find someone looking at things like that! But whether or not your system is implemented, our privacy is effectively down the tubes anyway. Go ahead and build the thing! (If you need it blessed before marketing it, my rates are very reasonable... if this makes the money you think it will, I might even operate on a commission basis!!! :D )

cordex
December 24, 2002, 08:43 AM
Cordex, what brass do you need? Next time I'm headed over there, I'll bring you brass! ;-)
.45 ACP, .357mag/.38spcl, .44mag/.44spcl
That should do it for me (the .44 is so I can shoot Kcustom45's 629)
Not putting in all those "extras" makes the system pointless; that's like not asking the car dealer to throw in the floormats for free. You think they are going to say no to a car purchase because of $50 floormats??
*shrug* Make the charge insignificiant. 1 cent per transaction or somesuch. You're already taking more than that in transfer percentages. Or just give the option for free. Allow them to make the choice between obscurity and recourse and whether you charge them or not and how much is a decision that can be made in the marketing department.
Cordex, allowing venders to code their merchandise sounds great; until you consider this: You say "my receipt says I purchased item stock number #19081234." They say, I'm sorry, but according to OUR books, that item is a 1911, not a Glock. Sorry. Nothing you can do about it. The listing must be something that both you AND them recognize and they cannot change on-the-fly. Otherwise, there is no recourse due to vagueness.
In this instance, the shop is obviously doing a great favor to the buyer. *grin*
But seriously folks. Some good points, but even your system cannot prevent totally dishonest merchants.
If the receipt said "Glock Model 27" that's a lot tougher for them to get out of then "Item stock #1089414" isn't it?
"We don't sell the full Glock 27 ... we just sell top ends. He ordered a Glock 27 slide and barrel - says right here on our sales slip - and that's what we gave him. Don't come whining to me because he thought we had to send it to his FFL."

It sounds like you're trying to provide anonymity and Total Information Awareness at the same time. I think it's really a choice of either/or.
I can tell you right now, I'm not playing what if's here. Guns aside, this would be the ultimate method of commerce. Because it has real world exits, and internet compatibility. This would mean, I can estimate and calculate your income tax "requirements" with a click of a button; this has very very far reaching effects..
How's that?
You can see how much I've spent on your system but unless you're going to push for this to be the only legal form of payment, money will continue to be earned and spent completely apart from TwoblinkTreasuryTransaction Co.

m.i.sanders
December 24, 2002, 03:27 PM
Twoblink

Just off the top of my head here, but could you not run this through a data scrambler that could be keyed by the vendor? The vendor could still ship a physical receipt with the merchandise for recourse and they would have the key to unlock the data in case they needed too. The gubment or some teenage script kiddie wouldn't find it that easy to peruse the data.

Blackhawk
December 24, 2002, 04:42 PM
Cash CAN be anonymous, but that's about it.

Go for it, and don't worry about the evildoers who will neither be enabled nor dissuaded by your system.

Stetson_CO
December 25, 2002, 10:06 AM
I think the pure anonimity, in part, would be borne by the customer. Like having thier address be a Mail Boxes Etc.

The only part you should even think about worrying over is the encryption. Once you have that down, let each customer worry about theirs.

You cannot be completely anonymous, not in this day and age, unless you are bent towards criminal activities already and have lots of fake IDs or you just have the money to buy by proxy.

My $#%#$%(encrypted) worth

c):{

BigG
December 25, 2002, 10:14 AM
Lissen to the capitalist, Twoblink. ;)

twoblink
December 26, 2002, 02:55 AM
Being born a Taiwanese; I'm Capitalist by birth!! :D ;)

Wildalaska
December 26, 2002, 05:54 AM
The privacy concerns you raise are the reason that your system will not catch on...at least in our lifetimes...

Cash is king....

If you enjoyed reading about "A "moral" dilemma." here in TheHighRoad.org archive, you'll LOVE our community. Come join TheHighRoad.org today for the full version!