From: edgar@spectrx.sbay.org (Edgar W. Swank)
Date: Mon, 25 Apr 94 06:47:46 PDT
To: Cypherpunks          <cypherpunks@toad.com>
Subject: Remailer Musings
Message-ID: <cD9BLc3w165w@spectrx.sbay.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Philippe Nave posted:

    The recent posting by Scott Collins about his remailer and the
    copyright incident illustrates several problems with the remailer
    system as I see it.

    In my mind, then, the solution to these problems requires
    remailers that leave *no trace* of message origins, including the
    address of the remailer itself.  If this is not possible, then I
    for one will employ other means for anonymous communication.

No matter what the remailer operator does, the node he sends remailed
msgs -to- is going to add a net header revealing where the msg came
- -from-, so absolute untraceability seems impossible. But there are
some things we could do to make tracing more difficult.

Although we can't effect the net headers added -after- we forward a
msg, we could certainly add a chain of fictitious net headers to
the msg -before- we forward it (after removing the real net headers
which is done already) which would indicate a false location for the
remailer, leaving the real remailer node appearing as only an
intermediate net node.

The last fictitious node could be a UUCP account which always calls
you to exchange mail, so all the info in your UUCP map could be phony.
The person offended by E-mail can come to you and you can pretend to
cooperate by giving him the phony info.  If he comes back after his
wild goose chase, you can say, "you mean that SOB gave me a phony
address, etc.?  Thanks for letting me know; I'll cancel his UUCP
account immediately!" Then just change the phony net chain to
something else.

Another technique is to receive mail to be forwarded at one address
(the public remailer address) but forward it from another. This is
easy to do with two (or more) UUCP accounts.

The remailer operator himself can have a policy of accepting UUCP
accounts and not checking the phone number or location.

Finally, it's a good thing to have remailers in different national
jurisdictions. Currently the only Cypherpunks remailer not in the USA
is

   remail@extropia.wimsey.com

in Canada.  We need more remailers in more countries.  Places like
Hong Kong or Russia, which don't give a shit about copyrights. Denmark
or Holland, which don't give a shit about kiddy porn.

-----BEGIN PGP SIGNATURE-----
Version: 2.3a

iQCVAgUBLbrpPN4nNf3ah8DHAQEIxAP/bqWudrEHbmOZ+o/4VPHxjsDFw/Nih7TA
SKffoFH035kXvFR6gDRVX3KErb77XhH9GJ2qcKXKZNt62Cfzpofdc4WOqXMK/syZ
NuaKx0PIbO0Hqq34XpZ9xX6pgSOO+L1flREjt2kIaSO78OVBFgryqrgOFSg7Hm29
3BF6bqkKIDQ=
=f4bg
-----END PGP SIGNATURE-----

--
edgar@spectrx.sbay.org (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005  Cupertino, Ca