Tuesday, December 30, 2003

Nice overview of new music distribution, marketing and IP strategies

By our friends up North at The Globe and Mail. Magnatune and Creative Commons are featured.
5:26:14 PM    


De-spamming with a cycle tax - A summary and an extension idea

[Via Ole Eichhorn, via Dave Winer] Microsoft is noising around an anti-spam technique that would essentially create a cycle tax on each piece of e-mail. This is done by forcing a client computer that wants to submit e-mail to a server to solve a cryptographic problem of known difficulty set by the server, presumably by adding a challenge/response step in the mail protocol. To the normal sender of mail, the few-second delay is no problem. For a spammer, it bogs down even networks of hijacked machines and reduces the flow of garbage into the network. There remains an interesting problem of the inter-server protocols, since replicating the same technique per message would become an egregious burden, but something must be done since hijacked relays are part of the problem. But there are a variety of options there: batching messages, trust networks among servers, throttled tiers of forwarding service based on the size of cycle tax provably paid by the originator.

This is one of the anti-spam options explored by a Microsoft Research project called Penny Black, named after the original postage stamp. It has the merit of creating a real cost, without requiring all the apparatus and problematic economics of a microtransaction infrastructure. Like Dave, I'll wait and see if it's a ploy by Microsoft to sink its proprietary hooks into the mail networks before I cheer too loud, but this does have potential.

Enough so to lead me to elaborate and speculate a little bit. One can easily see using the difficulty of the crypto puzzle to bias for or against users with various reputation levels, identity verification, or purchases of service tiers. Which leads me to recall an interesting protocol invented by Martin Hellman as a by-product of a project during my CompuServe days:

We had this little problem with users signing on with plaintext IDs and passwords. Less of an issue during the days when the network was proprietary and end-to-end, but more and more users were showing up over the open Internet. This we needed to fix, but without forcing the users to change their behavior, or deploying some expensive infrastructure like PKI. Using a cryptographic challenge-response protocol would get around sending secrets in the clear. There remained the problem that most user-chosen IDs and passwords are vulnerable to dictionary attack, and almost all are cryptographically weak. So Martin, our consultant on the project, had the following good idea (it's patented):

Have the client, as part of the protocol, just make up a random number of set length and concatenate it onto the existing secret. To validate the exchange, the server machine has to cycle through all possible random values, but it already knows the password/ID values. This isn't an issue for a big host computer to do once per session. An outside attacker, on the other hand, is faced with the full complexity of the problem: the password/ID entropy plus the added random bits.

Sound familiar? Seems to me something of the same sort could be used to tune the Microsoft idea to allow a lot of other service and trust possibilities. The Hellman patent is assigned to AOL, so they can do what they want here, but I believe Martin also retained independent licensing rights. Others will have to invent around or talk to either of them. If there's any novelty in my observation here, I consign it to the public domain.
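The random-suffix sign-on exchange described above, as an added sketch that is not code from the original post or from the patent. HMAC-SHA-256, the 12-bit suffix length, the function names and the sample credentials are all assumptions made for illustration; the post does not give the protocol's actual construction.

```python
import hashlib
import hmac
import secrets

PEPPER_BITS = 12                      # assumed "set length" of the client's random number
PEPPER_LEN = (PEPPER_BITS + 7) // 8   # bytes used to encode it

def _response(secret: bytes, pepper: int, challenge: bytes) -> bytes:
    """Keyed hash of the server's challenge under secret || random suffix."""
    key = secret + pepper.to_bytes(PEPPER_LEN, "big")
    return hmac.new(key, challenge, hashlib.sha256).digest()

def client_respond(secret: bytes, challenge: bytes, pepper=None) -> bytes:
    """Client side: pick a random suffix, use it, and never transmit it."""
    if pepper is None:
        pepper = secrets.randbelow(1 << PEPPER_BITS)
    return _response(secret, pepper, challenge)

def server_verify(stored_secret: bytes, challenge: bytes, response: bytes):
    """Server side: cycle through every suffix. Returns (accepted, hashes_computed)."""
    for tries, pepper in enumerate(range(1 << PEPPER_BITS), start=1):
        candidate = _response(stored_secret, pepper, challenge)
        if hmac.compare_digest(candidate, response):
            return True, tries
    return False, 1 << PEPPER_BITS

def offline_guess_cost(dictionary_size: int) -> int:
    """Worst-case hashes needed to test a whole dictionary against one captured exchange."""
    return dictionary_size * (1 << PEPPER_BITS)

if __name__ == "__main__":
    secret = b"user42:sunshine"            # constructed sample ID/password
    challenge = secrets.token_bytes(16)    # fresh per session, sent in the clear
    ok, work = server_verify(secret, challenge, client_respond(secret, challenge))
    print("accepted:", ok, "server hashes:", work)
    print("eavesdropper, 1,000,000-word dictionary:", offline_guess_cost(1_000_000), "hashes")
```

The server pays at most 2^PEPPER_BITS hashes once per session, while anyone testing a dictionary against a captured exchange pays that factor on every candidate, which is the same tunable-cost lever the cycle tax relies on.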

Update: Chuq von Rospach likes Penny Black as well, but is skeptical of its acceptance. He's certainly right that any retrospective fix of this sort suffers from the down-side of network effects: the tyranny of the installed base. He prefers a combination of DNS flags, whitelists, and data flow throttling as opposed to protocol hacks like Penny Black. These have the advantage of being implementable in increments.
5:16:31 PM    


Fedex buys Kinko's - good move

Fred Smith pays $2.4b to add copy shop store fronts to the Fedex fleet of trucks and air freighters. That may seem a bit retro in this day of virtual everything, but I think it makes sense. It gives Fedex a drop-off/pick-up business point of presence competing with UPS. Most US readers won't know that Kinko's has an extensive overseas business, especially in East Asia. And Kinko's has been one of the leaders in adding electronic facilities and services to its stores, giving Fedex a bit of a hedge against the encroachment of e-mail on the document express business.
10:14:05 AM