From: Brad Templeton (brad@templetons.com)
Date: Wed Jan 17 2001 - 12:49:41 CST
On Wed, Jan 17, 2001 at 12:12:00PM +0000, Charles Lindsey wrote:
> In <yl66jfuslb.fsf@windlord.stanford.edu> Russ Allbery <rra@stanford.edu> writes:
>
> >I can see some benefits to privacy to taking your approach. I think it
> >would degrade the usability of the medium for that to be the default, used
> >by administrators who have no clue what they're doing and who won't be
> >able to decode even lightly encoded tokens with the help of news server
> >documentation. You might say that such people shouldn't run news servers,
> >and I might even agree with you, but that won't make them magically
> >disappear.
>
> >I do want the capability to be there so that sites that do know what
> >they're doing can turn it on. But I think that the current semantics are
> >a very reasonable default. People who care a lot about privacy can use a
> >news site whose administrators know what they're doing and therefore can
> >handle having the fancy encoding stuff turned on.
>
> Exactly.
History has shown that this approach generally results in the undesired
result, that most people have no privacy. The above argument *seems*
logical in theory, but the difference between theory and practice is larger
in practice than it is in theory.
Again, read Lessig's book, it's pretty good at laying this complex issue
out.
If you say the default should be the raw IP address, 99% of sites will put
in the raw IP address because it's easy. Privacy is constantly shown
to be something that everybody says they strongly want, but which they
don't inconvenience themselves much to get because the negative consequences
of lost privacy usually come well after the choice.