From: mpd@netcom.com (Mike Duvos)
Date: Thu, 23 May 1996 10:34:04 +0800
To: cypherpunks@toad.com
Subject: Re: The Twilight of the Remailers?
In-Reply-To: <9605221917.AA00675@nwk2_ocalsl>
Message-ID: <199605222008.NAA02211@netcom16.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com> writes:

 Mike Duvos writes:
 >>  Contrast this with a DC-Net of boxes which can covertly inject
 >>  packets into the Net, in some untracable manner.  Now we have
 >>  no identifiable "Hal" to be harrassed, and no one for the
 >>  Clams to aim their lawyers at.

 > While this is a nice thought, it is incorrect.  You can't
 > "covertly inject packets into the Net, in some untraceable
 > manner."

You can temporarily modify router tables, spoof IPs and idents,
and leave few traces behind once the data has been transferred,
particularly if the origin is some obscure foreign location.

 > The output of the DC net is simply a block of
 > random-looking bits for each member of the net.  Someone
 > must XOR each of the blocks together before the message is
 > readable.

Correct.  But I was mentioning DC-Nets only in the context of a
mechanism for permitting the dispersed parts of such a system to
communicate with each other, without identification of a
particular node as being responsible for a particular action.

 > If the addressee is not personally watching the DC-net and
 > assembling all the blocks looking for a message, someone
 > else must do that and put it out on the Internet (via
 > e-mail, usenet, IRC, etc...).  That someone is the person
 > who is going to take the heat for the massage.  It is
 > exactly the same situation as with current remailers:
 > someone gets mail they don't like, they trace it back as far
 > as possible (i.e., to the remailer operator).  The last
 > person holding the 'hot-potato' gets burned.

The idea here was to have a large number of nodes, each capable
of injecting data into the Net in a manner which cannot be easily
traced back to an individual.  These nodes would talk to each
other using a mechanism which obscured both eavesdropping and
traffic analysis of their communications, a DC-Net being one
possible way of doing this.

 > Since it looks like the "everyone's a remailer" dream is
 > not becoming a reality, the key to successful remailers is
 > to make the *operators* untraceable as well.  If you can't
 > trace the operator, you can't hold them liable.  We have
 > discussed techniques for doing this before: cash paid
 > accounts, using dialups (possibly from a public phone).
 > The remailer must be a 'sacrificial cow' that can be
 > snatched up by 'authorities' at any time.

You could get the same effect with an instant anonymous account
that could be purchased with Ecash.  You would buy it on the
spot, send your mail, and forget about it.  For all practical
purposes, it would serve the same function as a remailer, and
steps could be taken to obscure the identity of whoever had
telnetted to it.

Another possible approach is the "remailing packets" one.  You
could set up a packet remailer which could be used as a universal
proxy server in some untouchable foreign location.  If we had a
"packet remailer in a box", these things could pop up all over
the place, live a short time, and be nuked.  Since the
communication would be real-time, concerns over reliability and
delivery would not exist in the same way they do for the current
system of remailers.

 > Because it takes considerable time, effort, and money to
 > setup and run a remailer that is untraceable to the
 > operator, there must be compensation. The solution is a
 > typical cypherpunk one: Digital cash postage that is
 > collected by the remailer, encrypted with a public key, and
 > posted to alt.anonymous.messages.  Our untraceable remailer
 > operator sits back and collects the cash until the remailer
 > is forcibly shut-down.  Then he starts up a new one
 > (assuming this is profitable).

I don't think most people are going to pay to remail.  Or, to put
it another way, the types of traffic people will pay to remail
are those no remailer operator will want to touch with a barge
pole.

 > The age of remailers with publically known operators is
 > drawing to a close. Basically the only missing link is the
 > digital postage.  If we get that, then being an anonymous
 > remailer operator could be the first cryptoanarchist job
 > that basically anyone can get and where you can collect
 > money completely untraceably and tax-free.  To me that seems
 > like a big step towards the future that many of us have been
 > discussing for the past few years.  A very exciting
 > prospect.

Perhaps.  Time will tell.

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd@netcom.com     $    via Finger.                      $