1996-02-06 - re Telecoms Bill

Header Data

From: “Michael Peponis” <mianigand@unique.outlook.net>
To: cypherpunks@toad.com
Message Hash: a53dfb65b887157e1d7f76ff7846cf2e963c5e85124620d3422a47ce8ec46a63
Message ID: <199602060924.DAA08571@unique.outlook.net>
Reply To: N/A
UTC Datetime: 1996-02-06 16:22:39 UTC
Raw Date: Wed, 7 Feb 1996 00:22:39 +0800

Raw message

From: "Michael Peponis" <mianigand@unique.outlook.net>
Date: Wed, 7 Feb 1996 00:22:39 +0800
To: cypherpunks@toad.com
Subject: re Telecoms Bill
Message-ID: <199602060924.DAA08571@unique.outlook.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Well, if "cypherpunks write code", is there any code we should be
>writing in response to this?

:I'm not familiar with SSL protocols, but something that would anonymize 
:web page access and keep it entirely encrypted (not just credit card or
:forms transactions) would be good.

I think the first problem would be how to hide a sites true location.  For 
example, if I have a domain called xxx.offensivestuff.org, how would I hide the 
sight so that while it is freely accessable to those who are looking for it, 
yet not allow a goverment agency to home in on the geographical locations via 
trace route.

I remember reading a number of articles about floating sites, the only problem 
is with the way Internet routing tables are structured, given that the site 
would constantly spoof different ip's to make it harder to track, or maybe even 
hacking some of the routing tables on the larger gateways, it could cause all 
sorts of problems with traffic.  ie domain xxx.offensivesutt.org has the 
routing information for www.fluffybunnies.com, but if xxx.offensivestuff.com 
moves, then that routining information is invalid. resulting in numerous 
broadbad broadcasts trying to determine the correct route to 
www.fluffybunnies.com.

Additonally, a number of bogus proxie servers could be set up to confuse 
traffic analysis in attempting to determine what the true endpoint of a 
transfer is.

At some point, the data could be encrypted by a proxie server, and sent to the 
final destination.  Thus just like e-mail is reordered by remailers, 
HTTP/FTP/Telnet connections can be shuffled around to foil analysis.

Of course, this approch would result in a slower connection and more packet 
hops.

:Encrypted/truly anonymous ftp would be nice (though some folx would 
:understandably have problems with truly anonymous uploads, and crypto 
:export restrictions in the US could be problematic legally).

Under the forementioned technique, it would not be problematic technically.

:I think there is already work on encrypted telnet (stel) by the CERT/IT 
:people.

I have seen an SSL telnet client source code on hactic I think.

:On the non-net side of things, implementing encrypted BBS/communications 
:and file-transfers is useful.  I'm told PGP-Phone is supposed to support 
:encrypted communications/file-transfers... so a host-script language that 
:enables a simple BBS would be nice.

I like this idea, but I am not sure how the laws work.  For example if a BBS 
had subscribers sign a voucher stating that they were not agent of a goverment 
agency, would it hold up? would lying constitue entapment?

If not, then yes, encrypting the data would provide protection becasue no one 
would be able to detect what was being passed.  under this approch 
 information gained by wiretapping would not be usefull.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMRau2EUffSIjnthhAQHnhgP/SgH4SA6yKRlkgnJ198jw2SBaZ5SqsNRF
YYtyHWeWcGqf30ghoe20Bvfug7oaJrB5jO+fqJ6DiL5Wp2onmWL6MTrReEpt7q1t
8ESRgyO/ndVDBhiQHWxLY1tynVBJxUbCrxvMHyPtpTIRXQtZsFlM6Iw8lndbnUbK
RofiuhFzDlU=
=n9n+
-----END PGP SIGNATURE-----
Regards,
Michael Peponis
PGP Key Avalible form MIT Key Server,or via finger





Thread