From: Daniel Ray <root@tnl.com>
To: cypherpunks@toad.com
Message Hash: b7687a164f94b34f71f04f40bcf14e43c2dc85eeb00bf8f4cd1c02d30b55ed66
Message ID: <9301150402.AA07973@tnl.com>
Reply To: N/A
UTC Datetime: 1993-01-15 11:36:22 UTC
Raw Date: Fri, 15 Jan 93 03:36:22 PST
From: Daniel Ray <root@tnl.com>
Date: Fri, 15 Jan 93 03:36:22 PST
To: cypherpunks@toad.com
Subject: need for more anon remailer sites
Message-ID: <9301150402.AA07973@tnl.com>
MIME-Version: 1.0
Content-Type: text/plain
With the shutdown of PAX, if we are not going to roll over and let this type
of site go away, what we need is a large new group of such sites.
20-50 or more anonymous remailer sites that each gets used randomly and
occaisionally, with usernames that are not obvious such as "anon432", both
in the U.S. and elsewhere in the world, are whats needed. the list of sites
must remain fluid and unpredictable, and formats and conventions must also
variate so that no one can get "a fix" on it.
A person that wants to anonymously mail something can choose different sites
each time, or perhaps there may be a subsystem that chooses this for them,
WITHOUT the mail actually going there first, if a site is in charge of "ran-
domizing" the traffic.
I suggest using a truly covert approach of using non-account first names
and other interesting words that are indistinguishable from regular usernames
as anonymous temporary mailing names. This obviously is very tricky and would
have to be worked out carefully, since it may, even in the future, conflict
with an actual choice of a valid username for an anonymous site. But it can
be done. and we need to spare the .sig at the bottom that advertises the anon
service. that should be left to separate ads, not mixed in covert email itself.
One of the things that has gotten to me is to do secret acts in overt ways,
almost asking the Government to defy them! Secret things should be done
secretly. Once, if in the future, cryptographic email is so common as to make
this unnecessary, then we can relax it. But not completely. Secret should still
always be DONE IN A SECRET WAY.
I.e. using steganography and other covert procedures, fluid, nonfixed proce-
dures, to ensure no disturbance with rerouted and/or encrypted email traffic.
Yes this is security-by-obscurity, but it can work if it is just an adjunct
to other strong methods such as good ciphers and procedures that use proper
contingency planning.
PAX, most likely, did no contingency planning for what happened to it.
All things of this type need "what ifs" for every possible interference that
can happen, not that all possibilities would be addressed. But they should
all be looked at, if they can be thought of.
Suppose the ante goes up and all this stuff becomes actively illegal. What
then? If a large network is *already* in place, the risk is much lower than
trying to do something after the fact. And it would be a more mature network
of rerouting and encrypting sites, that have already learned from their mis-
takes.
we need --all--this-- to survive. otherwise it is all just a toy application
of covert technology.
norstar
The Northern Lights, Troy NY |
tnl dialins: +1 518 237-2163 @ 1200-2400 bps 8N1 $free ` | /
------------------------------------------------------- --- * ---
Internet: norstar@tnl.com / | .
Sysop of TNL Public Access UNIX |
Return to January 1993
Return to “gnu (John Gilmore)”