As was foretold, we've added advertisements to the forums! If you have questions, or if you encounter any bugs, please visit this thread: https://forums.penny-arcade.com/discussion/240191/forum-advertisement-faq-and-reports-thread/
Options
A non-anonymous Internet
ege02
__BANNED USERS regular
__BANNED USERS regular
Anonymity is the enemy of civility. The lack of accountability it brings is a problem.
I was having a chat with one of my professors the other day, and we started talking about the nature of the Net. We both agreed that making the Internet an anonymous place was a truly dumb idea.
Let's take a look at what the anonymous nature of the Net has given us:
- Online services, especially e-commerce and auctions, working poorly because of theft and fraudelent bidding.
- Email is falling apart, largely because of spam.
- Newsgroups and other discussion environments are being ruined by people who show up to rant, rave, spam, and otherwise distrupt useful conversations.
- Information exchange is increasingly compromised as a result of anonymous rumors. Online stock tips, national news, the decision to go to war... they all become suspect when we can't tell who said what.
The real world analogies of these do not make sense. Imagine a work place where everyone came in wearing masks, took anything that interested them, said anything they wanted to say, and then disappeared. You wouldn't know who said or did what. Nothing would ever get done.
Or you're auctioning your 100-year-old piano, and the room is full of masked people who yell their bids. How could you trust them?
What if we built a parallel Internet where no one is welcome unless they have a verifiable identity. This would require everyone to take responsibility for their actions if they want to participate.
No more email spam, because we could trace it to the individual who sent it -- and send them a bill with the costs incurred. No more trolls. No more thefts. No more dumb rumors -- or at least you could know who said what and know what to believe.
Privacy vs. Anonymity
But, you say, doesn't such a non-anonymous environment jeopardize our privacy?
It wouldn't. You could still be private in your dealings; only the necessary parties would have the ability to look you up (because, analogically speaking, they are outside the room). Jon Smith down the street wouldn't know that you bought that Astrolube for your wild sex parties. But you, for example, would know who I am, because we're here having a conversation.
The real world is an example of a place where we have a reasonable amount of privacy, yet we can still be accountable for our actions in day-to-day life. That is, in fact, how modern society is able to operate. If we can do it in real life, why can't we emulate that online?
Anonymity and Freedom of Speech
What about freedom of speech?
Same thing. We can have a non-anonymous Internet and still make it so that our freedom of speech laws apply to the online medium. You can still say whatever you want -- except this time, you can be held accountable and someone can trace it to your person.
--
Thoughts?
Which Internet would you visit, the anonymous one, or the one in which everyone is secure in who they are dealing with?
Personal opinion: sure, there are times when being fully anonymous is nice, but overall I find it to be more of an annoyance -- or even frustration -- than a convenience.
ege02 on
0
Posts
EDIT: As an additional point, the idea that we could have a non-anonymous internet is essentially going to be security at it's worst - there will always be a way to anonymously connected (i.e. operate under a pseudonym) but because people assume what they see is not necessarily anonymous getting away with it will be that much easier.
EDIT 2: And a further point is that technically the ability to operate with a verifiable identity (which is really what you're talking about) has existed for decades. One of the features of PGP and other cryptography programs has always been the ability to digitally sign email against a verifiable public key. Sure, you don't know specifically who I am but you know the communications is coming from the same source.
I'm sure it does.
There's no need for a parallel internet. Website and forums that want no anonymity could achieve it. Require detailed information/CC # for anyone who signs up. I doubt it's something a lot of people would go for.
A more practical suggestion might be that multiple companies create a shared database of users which extends into other services. For example, in order to play online, you must have a proven account with one of their associated company databases (Amazon, etc) and any marks against you in that game would also count against your business account, which is irreplacable. The real problem with this is that most databases identify individuals by email addresses, which as we know are useless as long-term individual identification. Databases would have to switch over to using global ID numbers, since not everyone has a social security number in the world...
However, such an invasion of privacy would probably not go over well in our current society. It would take an extreme crisis for anyone to even think that the mild inconvenience of jerkoffs is worth giving up our current privileges. Besides, there are better things to worry about/spend money on/create beaurocracy for than mister fuckwad on Halo 3.
On the black screen
Dissident A criticizing the the government or whistle blower B would sure LOVE to be "held accountable" and take comfort that their comments could be "traced to their person"
What about newspapers? You can send a letter for "letter's to the editor" or opinion pieces without any identifiable information, allowing you to express what may be an unpopular opinion without reprocussion.
edit: also with the current internet you CAN have what you want. Create a website that requires you verify your identity and require real name's and contact information. Voila!
Wait....why isn't anyone signing up?
I wasn't aware that auction-houses required bidders to give their names and details prior to bidding.
C) No-one is forcing you to trawl through internet message boards. If thine eye offend thee, pluck it out.
D) People would still be assholes even if you knew where they lived and what their name was. Get into an argument with an acquaintance/friend-of-a-friend at a dinner-party about a contentious issue and see how long it stays civil and pleasant. The world doesn't end because people have differing opinions which they express publicly, and accountability doesn't remedy hurt feelings or human stupidity. Stop being such a wuss.
But that's not how the internet works, particularly in the areas where what you describe costs interested parties money and/or status.
You've never been to an auction, have you. Anon bidders, proxies, and random shenanigans are par for the course. Also, online auctioning doesn't work like that. Again, how is this different to RL?
Go for your life, it'd probably do quite well for about a month before someone cracked your system.
That would never happen. It doesn't happen in real life, you'd never manage to make it reality in an online realm. Even specialised hardware could be fooled.
Firstly, you can;t guarantee that; secondly, I know who you are. You're ege02. We're here, having a conversation. I don't need to know where you live or what your mum wrote on your birth cert for that to take place.
Do we? Because I think the existence of RL fraud and stalking counter this point nicely. Some people take advantage of the level of anonymity afforded to meatspace and use it to do awful things, and often we aren't adequately protected against this in practice or even in theory.
We can't!
This is dumb, you and your prof sound like somebody's granddad raving about those dang intertubes and the sinister folk at the other end of them.
You say that in your normal dealings with people, you're not anonymous. It's worth noting that your normal dealings with people also cannot be searched by the untold billions on the earth.
Even with just a name, in this country, it's not difficult to find an address or phone number with a little context, and any more information simply magnifies the potential for abuse.
And what's the advantage? The loss of anonymity won't stop people from ranting, raving, and being jerks. Spam and bots might get a little more difficult, but each time you increase the information required to verify your personhood, there's a little more that can potentially be exploited.
Except that PGP does not guarantee a verifiable identity, for specifically the bolded reason. There's nothing stopping multiple people from using a single PGP keys, nor is there anything stopping a single person from using multiple PGP keys, nor is there any kind of tethering at all of a PGP key to an identity or business. The web of trust does not satisfy any of these requirements, as all it requires is a single individual to start verifying public keys willy-nilly for the whole system to crumble. PGP is fundamentally not an identification system, it's an encryption system. Apples and oranges.
Honestly, the lack of deep infrastructural identity verification is AFAIC the Internet's Achilles' heel. I mean, it makes sense on one level - most of the technologies that make up what we call "the Internet" were built with flexibility in mind; anybody could connect a device at any point on the network and use that device to communicate with any other device at any other point. In some ways, identity verification is anathema to the principles guiding the fundamental technology. That was fine when the only people who had physical access to it were already vetted as employees or students of a major institution, but when it opened up to the general public and anybody could throw up an SMTP server anywhere he wanted... well, as you know, all hell broke loose.
And I fully agree with your identification of the problem. Just because we're used to the problem (spam, fraud, etc.) doesn't mean it's not a real problem. But it's also a problem without an easy answer, which I'll get to in a second...
I don't see this as a privacy vs. anonymity issue; I see it as an infrastructure vs. endpoint issue. Right now, (with the exception of website SSL certificates) the infrastructure provides absolutely no method by which identity of a site or sender can be verified. This means that it's up to the people at the endpoints to kludge on an identity verification method.
...and I do mean "kludge" in the harshest sense of the word. It's up to website operators, auctioneers, email admins, etc.; to start with fundamentally anonymous connections and wrap them up in a system to make them non-anonymous. I think it's pretty clear how this is ass-backwards; you're trying to pile trust on top of an untrustworthy foundation.
The ideal system would be one in which identity information is stored in every packet transmitted and is carried from endpoint to endpoint. It would have to act basically as a layer on the OSI model immediately below the Application layer, ignored by the lower layers by default but occasionally verified by various relay points (ISP routers, firewalls, etc.) performing verification in much the same way some devices perform stateful packet inspection. That way, the infrastructure carries a header indicating who the packet is from, and it is up to the app to determine what to do with it. If a website or service wishes to provide anonymity, they may do so by stripping or obscuring the identity info coming in. If they do not, they do not have to.
This is basic common sense: it's better to start with more information than you need and drop that which is irrelevant than to start with less and try to fill in the blanks later.
But what complicates this, at least right now, is how do you verify in the first place that the identity info being transmitted is actually correct? How do you verify somebody's identity, in a way that would work for every possible user of the Internet? Driver's license? Not everybody has one. Credit card? Not everybody has one. Not everybody has identity documents at all. Would lack of verifiable identity documents mean that some kid in the third world who's getting Internet access in his village for the first time basically mean he was quarantined in a non-identity-secure ghetto of the net? And of course you're looking at issues of forgeries, identity theft, lost documents, etc.
As enormous as the technological complications are, the social complications are several orders of magnitude larger.
the "no true scotch man" fallacy.
This is exactly what people do. It's how secure online services work, how webmail works, how this forum works, even.
The only difference between what we have now and what you seem to be suggesting is the degree of disclosure required. I don't see any reason why (for example) the forums should have access to my name and street address. My identity can be verified to the extent required to hold me accountable for my actions on the forum. That is to say, I can prove that I'm the person that set up this account, and if I break the rules, I'll get banned.
Admittedly I do subscribe to a forum that is relatively area specific and extremely open where I have met many of the members in person and it is a great place where everyone is courteous but it's rather boring especially since everyone got so paranoid due to the lack of anonymity.
Also, the plausibility of even making the internet non-anonymous is very remote. The only real way to ensure that people are, for the most part, honest would be government regulation. However, it's an international entity, so regulations would be based on individual country policy, and getting them to agree, as much as it would be awesome, on a set policy, I just don't see that happening.
Isn't that what we're REALLY talking about?
I'm not sure I understand what you're getting at.
You wouldn't go to a doctor having discovered it was him who was swearing at you last night during TF2 or something would you?
However, what would be wrong with a network in which any one person could only have one name. Their name is their one and only usable login no matter what site they visit. Privacy could be maintained, while still achieving greater accountability.
The only theoretical problems I could see are issues with something of a banlist eventually forming, where being banned for a ridiculous reason gets you banned from a great number of other websites, which share the banlist.
Alternatively, a system could be enacted which is connected to our already existing network. It would keep a database of verified individuals, and websites could use a sort of verisign feature for the verified users, or it could only allow verified users access. That would eliminate the issue of trying to rebuild an entire physical network.
The image of society contained within the OP is, I'm afraid, laughably narrow.
Sure, it's a good idea, and not so different from these forums, or the kinds of places where people use public crypto-keys. Just so long as it's not a government in charge of it, or any of the other lovely organisations that treat people like objects.
Having decentralized authentication lowers the risks of having your identity stolen. I like it that if someone inadvertently came to know my forum password for example, he does not really come any closer to knowing who I am than knowing my e-mail address. I'm sure there is an almost perfect way to have secure centralized authentication, but you can't trust anyone enough to make that system reality.
Identification should always be voluntary. I do not like it one bit that some countries are requiring people to have identification on them at all times. You might as well get it over with and tattoo people with bar codes or implant them with RFID chips.
Exactly. Insufficient anonymity generated by stuff like Facebook and its currently-inherent inability to allow you to tailor what info other people can see on your profile sufficiently is leading to rampant cases of TMI (like, you really can't have a fun profile and a professional one; you just have to only let work people see the limited profile and clamp that right down. We're judgemental little fuckers, and as a result people are being held back by others over things that shouldn't be relevant all the time.
Oh, crap. She's right. Humans are sort of bad about that.
Thinking on it, it probably isn't the anonymity itself, but the completely unattached state from real human contact or affairs. A monitor just isn't the same as a real crowd. Also, humans are, on average, pretty bad judges of the consequences of their own behaviors, if my knowledge of sociology is accurate at all.
A less anonymous internet would probably see only slightly less asshole-ism, and just many more problems and celebrity news stories... lawsuits...
I don't see the appeal in a world where people are afraid to say what they think because someone might show up at their door with a baseball bat.
A much more simpler system would be to enact a tax or surcharge on email....per email. It could be a penny or less per email. Legitimate business (I know we generate approximately 1000 external and 5000 internal emails a day, and were a communications firm so we are at the high end) could still conduct business fairly simply, especially if you make bulk rates for legitimate business of like 3 or 4 tenths of a penny. But what it would instantly stop is the ability for junk mailers to start up and do business on minimal capital. Want to send a million emails about penis enlargement? 10k$. 10 million emails (which is the standard that comes out of most spam servers every day)...100k a DAY. It would end literally overnight. And all taxes collected could go to subsidizing infastructure, plowing it right back into the hardline upgrades that make the internet possible.
And this is from someone that believes taxes are just above pedophiles in likeability. There are just so many better solutions to solving "spam" than trying to make the net less anonymous. It already isnt that anonymous...with a little bit of skill and software you can pretty much find where anyone is banging away at there qwerty...you dont need any more identifying marks than that. IP is a wonderful system that WORKS. Why try to fix it when it aint broke?
$10K for someone making hundreds of thousands per scheme just isn't going to cut it, completely leaving aside the fact I have some serious doubts about how enforceable something like that would be. I'm not an expert in network theory, but I can't think of any way to limit email only to those services that have paid taxes without routing all email through a centralized monitoring system, and THAT is a whole other bag of trouble.
So . . . cheers.
I can go on forums and discuss things with people anonymously. This means I can be totally free to express my opinions without fear of reprisal. It also means that I cannot discriminate against people I talk with, I dont know their race, religion, gender, age, sexual orientation, nationality, etc. All I get is what they say, which in a conversation, is all that matters.
And if you dont want to be anonymous? Well, feel free to use your real name. Which I note that nobody on this forum uses, including ol ege there.
I get net from Verizon. I get email from MSN. My email is free. Verizon has no idea what I do with my email, and adding a tax-only bill from MSN seems stupid.
Yes, but you have a free email service. I can probably guess that you dont try to send out more than a couple hundred emails at a time, and probably dont send out more than 1000 per day. Thats why you would pay for Business class email..... you get an actual mail server, either your own box or a hosted one, that is capable of sending and recieving large ammounts of email....and you pay for it. Free email would still probably be free, because you dont use free email to spam....the free email services prohibit it with their own mail servers. But once you take that server over for a fee, you have the ability to spam large quantities of data to a mailing list.
So, your MSN would still be free. But as part of your deal with Verizon, if you exceed your "joesmith@verizon.net" message cap of say 500 emails a day, Verizon will put a cap on it or limit the mail server resources alloted to you(hypothetically) and youll probably get an advert in your inbox for their business class mail. Thats why it is free. They limit the ammount you send/recieve so you cant use it for that, and it justifies the limited revenue they get from ads for the free service.
Again, like so much related to taxes, the devil would be in the details. But your aol/verizon/msn/gmail would still be free. And unless your sending an ungodly ammount of mail, you wouldnt be any worse for wear if your running a business either. I mean, we plop down almost 300$ a month for hard copy shipping, and Im sure double that for our mail server.....paying another 100 month for basically an email version of certified mail would hardly break the bank, and like I said we send out more than an average business our size.
From a social perspective, which I think is ege's central problem, I think it's pretty much fine as-is. In actual communities, such as this one, moderation is going to be present to actively weed out flat-out trolls and really disruptive posters. Additionally, people really establish their own identities on forums, generally in fairly short order. Ege02 is, for instance, a Turkish narcissist who lives in Seattle. The Cat is an outspoken and aggressively opinionated Aussie feminist. El Jeffe is a fading conservative family-man from Sacramento. Whether these things are actually true of the people who post under their respective screen names is basically immaterial in my view.
So ege has expressed some frustration with the "big talkers" and "internet tough guys" who wouldn't say the things they do in public to relative strangers. I don't really regard this as a problem. The level of semi-anonymity given under the forum system is enabling in a lot of ways. The Cat has intimated that in real life, she's rather a shy person - but this forum gives her the opportunity to express her opinions in a forthright manner. _J_ is, in real life, generally confined to his hugbox, but on D&D he's able to mix with other people and talk about the definitions of words and so forth.
/Thread over.
Yeah, that works too.
Stuff like usernames don't work, because once one gets a bad reputation -- and kicked, banned, etc. -- you can go and get a new one.
Even IP banning doesn't work because public computers and IP addresses (through wireless access points) are widely and freely available.
You use one email to spam people with your business deals, and another one for professional contacts. You can get away with it at no cost to yourself because email is free, and there is no way people can charge you for filling up their inbox with nonsense.
Basically I dislike the fact that the Internet allows people to have multiple personalities that can be scrapped and renewed at no cost and very little inconvenience.
Give everyone one username for connecting, and they use it for everything. If John says some racist shit on the PA forums that also happen to be read by his boss, he's screwed because it's the same username he has on his email address. If I spam your email with junk, you can talk about it in your blog and everyone -- people on forums I visit, people I do business with on eBay, people whose blogs I comment on -- will know. You will be accountable for your actions.
Yeah, on second thought, this online username can be completely separate from the person's real identity. You're still safe from reprisal in the real world, but not online.
Strikes me as swatting a gnat with a bazooka.
It's a large part of the reason a lot of people don't like facebook, and a large part of the reason lots of people get in trouble, or get job applications rejected, for stupid things on their facebook page. There are a lot of things people should be allowed to do which they may not want everyone to know about, and there's really nothing wrong with that.
I could possibly see a system where everyone has a one key, shared between many sites, which can be accessed by administrators only, and banned accordingly. Perhaps you'd only allow emails from people using a key, and send an automated message back instructing the person of that fact.
The only trouble is making it difficult enough to get a false/secondary key without making it too much of a hassle or security risk for most people to obtain one in the first place. I wouldn't assume passwords are secure enough for something like this (considering how the masses tend to treat their passwords) but it's hard to come up with something more secure that people would really use.
I'm certainly no expert on the subject, so feel free to come up with better ideas, or improve this one.
It seems you're obsessed with "putting people in their place". So what if a guy acts like a jackass, has a change of heart/intelligence/epiphany and decides to start over with a new alt/username? If they show up and don't act like a jackass, there's no way for you to know it was them anyway. If they do show up and act like a jackass, they'd be banned like anybody else. And then the mods would discovered they were an alt after looking at IPs and just keep an eye out for a re-register from that block.