[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Cryptography] Paid SMTP (PSMTP)

2018-02-28 20:53 GMT+03:00 John Levine <johnl AT iecc.com>:
In article <CACMCW-MX+E4t1feHg9xipKn6V1S4ASZS4wA4ifKoK5cL3wY_7A AT mail.gmail.com> you write:
>Anyone who is not capable of installing, filling, using a crypto wallet
>cannot be a part of PSMTP. They can continue with SMTP. Granma can keep
>mailing her granchildren in SMTP.

Oh, sorry, I misunderstood.  If you want a tiny walled garden for
crypto nerds, sure, go ahead.

But you might want to look at Bitbounce, an extremely annoying venture
funded version of this WKBI.

Cryptographic wallets will make it to the mainstream soon. It is not visionary to imagine all smartphones equipped with a wallet in the near future. If you consider P-SMTP as a solution for the past, or even today, it fails. If you consider it as a solution for the future, the whole thing changes.

Think of a very near future where private key based apps running in TEE on mobile devices and PC's is ubiqutous. This month, I will start development using a SDK that gives me access to TEE on mobile devices. Did you know that it existed today? Well this is a totally different story than that in the past. We should use this opportunity to fight spam. It is obvious that forcing the spammer to crack private keys in end-point TEE is raising the bar so much that spam will be out. Such a skilled attacker will no longer be called a spammer. Therefore, I request you, someone remarkable in the anti-spam camp, to think about a cryptocurrency-wallet based solution to spam. 

Thank you for Bitbounce recommendation. I read their whitepaper. Here are the issues I found at first glance.
(i) They offer a complicated scheme of paying various amounts to various people, important people asking for more money to accept your mail, even more to respond, not providing a solution to guaranteing that it is the famous person that is really taking time to write the reply, rather than a secretary and/or bot. 
(ii) The main problem is adoption. The spam problem is the problem of the entire Internet. I expect a wide consortium of the ecosystem led by IETF (or the like) to achieve a successful attack on spam. If we can get Google, Microsoft, Apple, Yahoo, etc. on board, I think adoption is possible. Integration with current mail clients and services is key. We are lucky that a handful of companies provide the vast majority of mail clients/services. Adding companies like Facebook, Linked-in, Twitter, etc. can be interesting. The adoption problem cannot be solved by a desperate, small ICO trying to make money competing/fighting against animals of same size.
(iii) Their token is ERC20 based and this obliges them to rely on Ethereum. This causes a scaling problem. They acknowledge it. They say they hope blockchain sharding will be implemented by core Ethereum team some day. This would not be enough of course. The basic problem is decentralization. POW is horrible and POS is not enough. They are aware of that as well and claim that they can think of off-chain solutions. They think of moving to another blockchain like Tezos if Ethereum fails. My proposal stays away from decentralized blockchains. I cannot understand why the experienced developers on board decided to rely on Ethereum. What an obvious design mistake! Probably they were after token sale and ERC20 was the most popular way to get funded. This design choice proves that they did not believe in wide adoption in the mid term.
(iv) they have a hopeless adoption scheme. Spamers can expoit it to get incentives to distribute bitbounce to sybil accounts. They do not provide a solution to this problem other than using buzzwords like KYC. Well, even I wouldn't be that naive to call for KYC to fight spam:)
(v) proprietary, closed source, patent applying approach is not the way to fight spam.

They have a good team though. Having Tim Draper as an investor is interesting. The technical team is cool and experienced. They are on right track on sharding bitbounce DB to scale. They have completed their ICO stage successfully. I believe they will fail to fight spam, however, I'll try not to underestimate them.


The cryptography mailing list
cryptography AT metzdowd.com