1993-02-24 - Newbie comments. (fwd)

Header Data

From: kelly@netcom.com (Kelly Goen)
To: cypherpunks@toad.com
Message Hash: b784e2675a98fcd3158ff7b0d5b7ae3f12828d630b2e5652469e6df6ab445334
Message ID: <9302240537.AA06252@netcom.netcom.com>
Reply To: N/A
UTC Datetime: 1993-02-24 05:39:13 UTC
Raw Date: Tue, 23 Feb 93 21:39:13 PST

Raw message

From: kelly@netcom.com (Kelly Goen)
Date: Tue, 23 Feb 93 21:39:13 PST
To: cypherpunks@toad.com
Subject: Newbie comments. (fwd)
Message-ID: <9302240537.AA06252@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Forwarded message:
> From cypherpunks-request@toad.com  Tue Feb 23 15:40:37 1993
> From: J. Michael Diehl <mdiehl@triton.unm.edu>
> Message-Id: <9302232326.AA26860@triton.unm.edu>
> Subject: Newbie comments.
> To: cypherpunks@toad.com
> Date: Tue, 23 Feb 93 16:26:08 MST
> X-Also-Known-As: Thunder
> X-Goal-In-Life:  To make a lot of money -- Wanna make a donation?
> X-Mailer: ELM [version 2.3 PL8]
> 
> I've been listening to this list quietly for about 2 weeks. Althought the
> signal to noize ration as been a bit low lately, ;^) it's been very interesting.
> 
> I like the idea of alt.whistle.blowers, and support anything that promotes
> privacy, and Constitutional rights.
> 
> But I have a (newbie?) question.  Isn't it true that, at the network level, it
> is still possible to tell where a message came from and where it's going.  That
> is, given the proper motivation, couldn't "and entity" sniff out all of this 
> information and find out which machine a particular message came from.  And 
> from logs at that machine, which The Entity  naturally has access to, It could
> find out who send the message.  Just wondering.....


 Hi there, 
        well acutally at the network interface level all sorts of tricks are
available... for example at the smtp daemon level all
a snooper has to do is the following

telnet toad.com smtp

when the sendmail banner is seen then
type
VRFY cypherpunks
That will yeild yet another line referring to cypherpunks-real
which verifying will obtain ALL the mail addresses on this cypherpunks mailing
list... I have a small fragment of perl which does the same
trick recursively for every address on the cypherpunks mail list...
why did I write such a thing... well I am writing a mail list to PGP
key server extractor so I can automatically extract keys for members of
cypherpunks-real... I didnt think of the privacy issue until
some moments after I debugged the perl script and got it working...
Similiar open holes exist at EVERY level of the Network and associated
daemons and software, Johh and I have discussed this earlier via email
and he as well as I dont feel its a REAL exposure as the means to
protect yourself is well at hand...
AND yes ALL network traffic can theoretically be traced thats
when crackers and security admins start playing games with
connection laundries and firewall as well as early warning systems...
there are constraints to real world tracing... the Firewalls mailing
list at Firewalls@GreatCircle.COM discusses these and other
issues having to do with security at the network interface level

> 
> Major suggestion:  We need a FAQ!
> 
> Well, that's about it.  I'm still trying to get up to speed with pgp.
> 
> +----------------------+----------------------------------------------------+
> | J. Michael Diehl ;-) |  I thought I was wrong once.  But, I was mistaken. |
> |                      +----------------------------------------------------+
> | mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be        |
> | Thunder@forum        |            Politically Incorrect!                  |
> | (505) 299-2282       |                        <me>                        |
> +----------------------+----------------------------------------------------+
> 

    cheers
   kelly
-- 





Thread