1997-10-06 - Risks of using usually-reliable information sources in your programs
Header Data
From: Bill Stewart <stewarts@ix.netcom.com>
To: raph@cs.berkeley.edu
Message Hash: e818ec1aaef265f0888994ed15dfe914ade3b20da47c86ff9c068a9125430b84
Message ID: <3.0.3.32.19971005191732.00688c2c@popd.ix.netcom.com>
Reply To: N/A
UTC Datetime: 1997-10-06 02:34:00 UTC
Raw Date: Mon, 6 Oct 1997 10:34:00 +0800
Raw message
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 6 Oct 1997 10:34:00 +0800
To: raph@cs.berkeley.edu
Subject: Risks of using usually-reliable information sources in your programs
Message-ID: <3.0.3.32.19971005191732.00688c2c@popd.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
I've been thinking about building remailers and cover-traffic generators,
and there's a need for a convenient up-to-date list of remailers.
Raph Levien's remailer pinging service is definitely convenient,
and even produces some of its output in perl for use by perl programs.
However, it's important to be really careful when depending on information
like this, e.g. when building it into programs, because otherwise it's
easy to trick them into using bogus data, such as the crudely forged
article sent to Cypherpunks earlier today. The natural implementation is
to pick the more reliable remailers based on "Raph"'s statistics,
so adding records for very reliable bogus remailers is a win.
The security would be improved if Raph signed the weekly file,
but that also requires people using the file to check it with PGP
and not just grep out the relevant lines for their programs' use.
>X-Sender: stewarts@popd.ix.netcom.com
>X-Mailer: QUALCOMM Windows Eudora Light Version 3.0.3 (32)
>Date: Sun, 05 Oct 1997 18:06:56 -0700
>To: cypherpunks@toad.com
>From: Raph Levien <raph@CS.Berkeley.EDU>
>Subject: List of reliable remailers
>Sender: owner-cypherpunks@cyberpass.net
>Reply-To: Raph Levien <raph@CS.Berkeley.EDU>
>X-Loop: cypherpunks@cyberpass.net
>
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>ADVERTISEMENT: Proudly Sponsored by the Electronic Forgery Foundation,
>http://www.eff.com
>ADVERTISEMENT: Digicash Software - Download Today! http://www.digicrime.com
>
> I operate a remailer pinging service which collects detailed
>information about remailer features and reliability.
....
>recovery remailer@biglouie.fbi.gov ############ 0:01 99.99%
>payswell remailer@digicrime.com ############ 0:01 99.99%
>trustme trustme@trustme.nsa.mil ************ 0:59 99.99%
>mulder mulder@juno.com #*#*##*#*#*# 0:57 99.98%
Thanks!
Bill
Bill Stewart, stewarts@ix.netcom.com
Regular Key PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Thread
Return to October 1997
- Return to “Andy Dustman <andy@CCMSD.chem.uga.edu>”
Return to “Bill Stewart <stewarts@ix.netcom.com>”
- 1997-10-06 (Mon, 6 Oct 1997 10:34:00 +0800) - Risks of using usually-reliable information sources in your programs - Bill Stewart <stewarts@ix.netcom.com>
- 1997-10-06 (Mon, 6 Oct 1997 21:33:51 +0800) - Re: Risks of using usually-reliable information sources in your programs - Andy Dustman <andy@CCMSD.chem.uga.edu>