Message integrity is an often-overlooked problem for much the same reason that it is not generally recognized that the expression doctrine is dead. The technical ease of having an intelligent medium modify the message en route is not like anything in the past. Previous attention to message integrity has mostly been focused on the physical threats, because to modify a message required a physical change. This can be seen in the "locked briefcase handcuffed to a guard" model, which guards solely against physical attack. This is no longer the case, as messages can be both intercepted and changed without physical access. As tempting as it is to try to resort to physical metaphors, such an approach is as doomed to failure as it was in the expression case.
Throughout this chapter, the assumption is that the sender or the receiver does not consent to the changes made to the message, and thus that there is a third party involved in making the change. If both sides agree to a change, such as in the example of a newspaper digesting a press release instead of re-printing it directly, or informed consent to one of these technologies by both sender and receiver, then there is no issue.
Because of the difficulty of even conceptualizing non-physical integrity attacks under the past frameworks, it has been very difficult to explain the extreme danger such things pose. I know from personal experience that the metaphors alluded to previously are doomed, because they have never worked for me, despite a lot of time spent(/wasted) polishing them. The issue of message integrity is much more easily handled in the Concrete Part/Human Perception model.
 |
First, there are two aspects to message integrity, one pertaining to each side of the dividing line in the figure. The left side is very easy to deal with.