1992-12-23 - Re: Pax and .fi remailer

Header Data

From: Hal <74076.1041@CompuServe.COM>
To: CYPHERPUNKS <CYPHERPUNKS@TOAD.COM>
Message Hash: 85009e5fabc12cb859a24cdd81c125875302019d9fc9f2c3d2953343bd8947e2
Message ID: <92122316344674076.1041_DHJ35-1@CompuServe.COM>
Reply To: _N/A

UTC Datetime: 1992-12-23 16:42:59 UTC
Raw Date: Wed, 23 Dec 92 08:42:59 PST

Raw message

From: Hal <74076.1041@CompuServe.COM>
Date: Wed, 23 Dec 92 08:42:59 PST
To: CYPHERPUNKS <CYPHERPUNKS@TOAD.COM>
Subject: Re: Pax and .fi remailer
Message-ID: <921223163446_74076.1041_DHJ35-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Yanek points out a purpose for a PAX-hidden remailer:

> You don't have to tell anyone that your remailer is behind the anon.100
> address.  You could just (anonymously, of course) announce that a
> remailer is running, and can be reached by sending message to the
> anon.100 address.  This way, no-one but the admins at pax can know
> where the remailer itself lives.  This could be useful in case 
> remailers are banned.

The problem with this, it seems to me, is that the address of this
"secret" remailer is compromised whenever it sends something out.
I could just send a "Request-Remailing-To: <me>" message to this PAX
anon.100 address, and then look at the return address when the message
comes to me from this remailer.  So again the anonymity provided by
PAX seems to be lost.

Now, one way to avoid this would be for the secret remailer not to send
its outgoing mail directly to the requested destination, but rather
always to insert one or other remailers into the chain.  I think it was
Yanek himself (or Dr. Z?) who suggested this earlier.  This might work,
but as was pointed out, if everyone does this we'll just get into infinite
mail loops.

Still, it might be OK if a well-known public remailer were chosen,
especially one that was likely to be relativelly immune to pressure.
I noted in the discussion of the anon.penet.fi remailer the author made
the point that it was running on a machine in his house, one that he
owned and used in his independent business.  So presumably his machine
is not going to be easy to shut down.

(My remailer, OTOH, is running as part of what is basically a guest account
on a machine which is to be used just for email and a little telnet/ftp
activity.  I figure that the remailer performs an email function, speaking
broadly, so it's OK under the agreement I signed.  But I'm sure that if
the admin received some complaints I'd be kicked off.  So I can't make
any guarantees about how long it will be around.)

(This would be another piece of information that would be useful in the
remailer database being constructed by Eric Hollander - some comments
on how immune the remailer operator would be to political pressure due to
unpopular or illegal messages.)

If this well-known machine guaranteed NOT to do this remail-via-a-remailer
outgoing step, then it could be used by less politically secure remailers
to protect themselves from pressure.  In such a system, Yanek is right
that a remailer could run completely anonymously.

Perhaps someone would like to start up a remailer which runs under such
a system.

Hal Finney
74076.1041@compuserve.com

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQCVAgUBKzhqjKgTA69YIUw3AQFNmAQAgioJMosbMCoit2XflfzK/wgIOkG8qBfG
JO3iTWRskVP5Gp43N1bs7W6YhgEXKWdJ/dqNoWrYV2/181zFhXh0xe7lsGifut1b
UQGW6DipYIMlW0TbNjhpiIWwAQChn/3NvTJtcBGL0GY3l4ZjMZFs2qBonc/Y1Boe
jWfWgQbHSXw=
=6y5/
-----END PGP SIGNATURE-----


Distribution:
  CYPHERPUNKS >INTERNET:CYPHERPUNKS@TOAD.COM






Thread