From: Johan Helsingius <julf@penet.FI>
To: Anonymous <nowhere@bsu-cs.bsu.edu>
Message Hash: ce6687285f3ff51b04923f0102b330569267d9b69d2a3159c32694ad25d1d503
Message ID: <9302231817.aa23700@penet.penet.FI>
Reply To: <9302231537.AA28187@bsu-cs.bsu.edu>
UTC Datetime: 1993-02-23 20:35:15 UTC
Raw Date: Tue, 23 Feb 93 12:35:15 PST
From: Johan Helsingius <julf@penet.FI>
Date: Tue, 23 Feb 93 12:35:15 PST
To: Anonymous <nowhere@bsu-cs.bsu.edu>
Subject: Re:
In-Reply-To: <9302231537.AA28187@bsu-cs.bsu.edu>
Message-ID: <9302231817.aa23700@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain
> > Neither do I. But many of the users of anon.penet.fi are
> > not very computer-and-email-literate, and they have been using other
> > services, providing double-blind. Unfortunate, but too late to change now..
> .
>
> Can you elaborate on those other services? The Finnish remailer is the
> only one I'm aware of.
The operating principles (and the early code) was copied from the
general service Karl Kleinpaste was running at godiva. There has been
two long-running servers serving some alt.* groups (alt.sex.*,
alt.sexual.abuse.recovery) for years.
> Also, I'm confused about these "not very computer-and-email-literate"
> users -- aren't they forced to use an X-Anon-Password header?
No. Not until now. And you can still post withaout it, and answer
anonymous mail without it, and of course set the password to "none",
disabling passwords altogether.
> I'm surprised there hasn't been more ruckus about the default
> behavior. There must be many folks whose identities have been
> inadvertantly exposed.
I know, looking at the error messages and missent mail, that there would
have been hundreds of persons exposed without the default double-blind.
> > What we can do is to provide better ways for those who *are* computer
> > literate enough to use extra headers etc.
>
> I don't think this will help. With my mail environment, I have to go
> to lengths to send an anonymous message, concocting X-Anon-To and
> X-Anon-Password headers. It's worth the effort, since this helps to
> preserve the secrecy of my pseudonymous identity.
>
> But the first time I mess up, and send an unfettered message to an
> anon.penet.fi client, I am unmasked.
No, once you set a password, the server won't let your message through
unless it's OK!
> And I still don't understand how the unfettered message gets past the
> X-Anon-Password filter.
Can you elaborate? I don't understand your question. Sorry, my english
isn't what it ought to be...
> > But in this case I feel the principle of least astonishment is overruled
> > by the principle of least risk of accidental exposure.
>
> I think the risk of accidental exposure is heightened by the default
> behavior of the Finnish remailer. Maybe we're using the same words to
> describe different things.
I beg to disagree.
> > I think that hornet's nest needed to be kicked. But I am also
> > disappointed that not enough people defend the need for anonymity in
> > places like news.admin.policy.
>
> Some of us gave up on USENET policy long, long ago. Personally, I stick
> to the alt.* groups.
Right. Unfortunately. Because had you followed the discussion in
news.admin.policy you would have realized thet sticking your head in the
bush isn't going to help.
Julf
Return to February 1993
Return to “nowhere@bsu-cs.bsu.edu (Anonymous)”