1993-10-07 - Re: Standard Headers for Anonymous Remailers

Header Data

From: pierre@shell.portal.com (Pierre Uszynski)
To: cypherpunks@toad.com
Message Hash: 3fc34192636286cb8aaa6a24f69757497f7d3546b4f8af2449cd8aa9d39f4d02
Message ID: <9310072018.AA14402@jobe.shell.portal.com.shell.portal.com>
Reply To: N/A
UTC Datetime: 1993-10-07 20:39:20 UTC
Raw Date: Thu, 7 Oct 93 13:39:20 PDT

Raw message

From: pierre@shell.portal.com (Pierre Uszynski)
Date: Thu, 7 Oct 93 13:39:20 PDT
To: cypherpunks@toad.com
Subject: Re: Standard Headers for Anonymous Remailers
Message-ID: <9310072018.AA14402@jobe.shell.portal.com.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: owen@autodesk.com (D. Owen Rowley)
> There is another level of *menace* which I suppose many of you are unaware.
> I mean people who exploit insecure sites and networking skill to forge
> mail and articles as part of a concerted and ongoing campaign of
> harrasement.
> Stuff that has resulted in very serious consequences.
> Theres no need to go into detail here about the array of tactics and
> the widening scope of the phenomenon, but I think it needs to be looked
> at as an example of how and why systems are abused.

On the contrary, let's hear the details.

If what we are considering here is how to fight abuse while encouraging
(what we think is) positive use of anonymous systems, then we need to
know the details. If you are not comfortable posting that here, I'd
welcome a private email (as well as the people at io.com would, I
expect). Still, I don't think cypherpunks is anywhere close to the stage
where we should withold that kind of detail (except for OS bugs that go
to CERT first)...

> soc.motss and other newsgroups have seen a long list of pseudo-persons
> posting from non existent sites, and yes.. penet has been used to this
> effect.

ok, and anonymous remailers don't change that possibility one way or the
other. I'll go hang out there for a while anyway...

> I think that the design of privacy systems needs to take these
> dark-side issues seriously and do their best to minimise the potential
> for abuse. 

Sure, but consider that extremist systems will exist nonetheless.

> Perhaps a *zoning* concept is needed, in such that transactions would
> have qualifying conditions - or in such that *zones* exist as data-space
> with authentication qualifications for *entry* or transaction.

Who qualifies whom, based on what info, and to eliminate whom?