From: Ian Farquhar <ifarqhar@laurel.ocs.mq.edu.au>
Date: Mon, 11 Jul 94 13:52:14 PDT
To: ebrandt@jarthur.cs.hmc.edu (Eli Brandt)
Subject: Re: Supposed NSA turncoat reveals monitoring of anon remailers? >pshah!<
In-Reply-To: <9407111855.AA08055@toad.com>
Message-ID: <199407112051.AA28356@laurel.ocs.mq.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


>> > From: an109803@anon.penet.fi
>> > I am a pro-privacy political sabatour within the NSA.
>> > [ . . . ] We are able to trace 70% of all messages.

>A saboteur within the NSA is going to send a message that he just
>said has a 70% chance of being traced?  Yeah, righto.  I'm sure they
>do monitor overseas data comm (that's their job), but this looks
>more like a friend pulling a prank on the guy.

Of course, there is an amusing side to this.  As a matter of course,
they'd probably have the originator investigated (just to make sure
he had no contacts or association with the NSA outside of his imagination),
which might be rather unpleasant for him now or if he ever needs a
security clearance.

In reality, tracking the use of anonymous remailers should be fairly
trivial for the NSA if the traffic passes through an US/International
gateway (and can thus be legally observed under the NSA's charter).  
The majority of remailers do not encipher the output in
any way, and even those which do would leave enough traces (eg.
comparable sized messages being seen shortly afterwards, simple
patterns emerging using traffic analysis) that would reveal the
mapping fairly quickly.

On the subject of network monitoring, Bruce posted a copy of an NSA
technology transfer which described a database searching algorithm
that looked fairly sophisticated (I don't have the actual posting
handy.)  Did anyone (Bruce?) obtain a copy of the algorithm, and if
so, were there any distribution limitations on it?  It looked like
just the thing that the NSA would use as their "watchword" scanner,
and even if not, it looked like a very useful design all the same.

							Ian.