July 29, 2010
The difference between 0 breaches and 0+delta breaches
Seen on the net, by Dan Geer:
The design goal for any security system is that the number of failures is small but non-zero, i.e., N>0. If the number of failures is zero, there is no way to disambiguate good luck from spending too much. Calibration requires differing outcomes.
I've been trying for years to figure out a nice way to describe the difference between 0 failures, and some small number N>0 like 1 or 2 or 10 in a population of a million.
Dan might have said it above: If the number of failures is zero, there is no way to disambiguate good luck from spending too much.
Has he nailed it? It's certainly a lot tighter than my long efforts ... Once we get that key piece of information down, we can move on. As he does:
Regulatory compliance, on the other hand, stipulates N==0 failures and is thus neither calibratable nor cost effective. Whether the cure is worse than the disease is an exercise for the reader.
An insight! For regulatory compliance, I'd substitute public compliance, which includes all the media attention and reputation attacks.
July 16, 2010
Perspectives: the difference between the 1990s money guys and the 2000s p2p guys
And, only because I wrote it in the same thread as Zooko's post, here is a retrospective on how the 1990s payments startup guys saw life, as compared to the 2000s p2p generation.
On 18/06/10 12:27 PM, Serguei Osokine wrote:
> > In fact, I thought that this was exactly the hint that Zooko was
> > dropping with his question about MN history. Was kind of surprised
> > to read all the serious history descriptions that followed - though
> > enjoyed them anyway... :)
:) Maybe to add to your surprise, there was a serious history! Perhaps a little more background will help.
In the late 1980s, a guy called David Chaum invented a cryptographic form of cash which he called digital cash. His invention was a variation of the RSA formula that allowed a transfer of something from one person to another, that a third party could prove as valid, but not track the transfer. This allowed the third party to be an issuer of value, and users to transfer coins without being traced.
Continue reading "Perspectives: the difference between the 1990s money guys and the 2000s p2p guys"NewGenDosh: Flattr
Editor's note: Zooko writes in p2p-hackers forum, and editor gladly copies:
That there is also a new generation of interesting payment systems including The Love Machine and Flattr.
I think Flattr is very interesting. Founded by founders of The Pirate Bay, they do several things that are very promising:
1. The marginal cost to you of clicking on someone's "flattr me" button is zero. This is due to the scheme of subscribing to Flattr.com with a monthly fee and then at the end of the month your money gets split among everyone whom your clicked on. This is the most promising solution to the problem of "mental transaction costs."
2. The pitch is that this is a way to express love to people. ♥ > $
3. Look: content! It is very easy to find things to love on the flattr.com web site.
This has a lot in common with the "tipping" feature that we advertised as a future feature of Mojo Nation (e.g. it features prominently in the write-up of Mojo Nation in The Economist). (Inside Evil Geniuses For A Better Tomorrow we called that feature the "Pay Lars" button, in honor of a certain musician who had publicly criticized Napster for depriving him of well-earned income.)
From a historical perspective Flattr is a fascinating example of the evolution of ideas. The founders of The Pirate Bay are probably intimately familiar with BitTorrent, but as far as I know, they are unfamiliar with anonymous Chaumian digital cash. I wouldn't be surprised if they got the idea for Flattr from their experience with BitTorrent and basically observing that there was a "hole" in BitTorrent where micropayments could go. :-) Does anyone know the inside story on how they got the idea for Flattr?
Regards,
