1993-12-04 - Anonymity Offense

Header Data

From: nobody@shell.portal.com
To: cypherpunks@toad.com
Message Hash: c4f16627faaf2c00d736afde90ac59830fc51265fed4a01dfb732a9f6299a611
Message ID: <9312042144.AA16084@jobe.shell.portal.com>
Reply To: N/A
UTC Datetime: 1993-12-04 21:44:31 UTC
Raw Date: Sat, 4 Dec 93 13:44:31 PST

Raw message

From: nobody@shell.portal.com
Date: Sat, 4 Dec 93 13:44:31 PST
To: cypherpunks@toad.com
Subject: Anonymity Offense
Message-ID: <9312042144.AA16084@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Cypherdudes,

Hal noted:
>As Tim says, it is no secret on this list that the remailers are not
>presently secure.  I posted a long message a few months ago outlining
>possible attacks on the remailers.  It's worth noting that Karl Barrus'
>remailer does batch up messages and send them out once a day. If enough
>people use it that will help mix them up.  There is still the message size
>to match them up, though (and, believe it or not, the Subject: line!).

>The traffic volume problem should be solved by having a source of random
>messages which traverse the network, mixing in with user messages. This
>will help, but you still have the problem that only user messages will leave
>the network.

The most bogus problem of the remailer system is lack of traffic. I mean how 
many messages go thru a given remailer a day? 1? 10? 100? This makes it
pitifully easy to track messages. Padding them to the same size helps but if 
you have to track ten messages around (even though the problem becomes more 
egregious at each site), so what? Queueing is a drag if you have to wait a day
to get enough mail to send out. If I wanted it to take that long I'd send it 
snail mail. More traffic = shorter queue time needed to make things a bummer 
for trackers. Random traversing messages are a reasonable temporary solution 
but Remailer publicity (thus, more traffic) is an important part of getting 
better anonymity going. Tell your friends, send all your punk postings thru 
at least one remailer (that will put some traffic through them!).

This method is a passive one; how can we subvert the system now in place to 
make traffic more invisible? 

>The biggest problem is that many remailers are on unsecure systems. The PGP
>keys and passwords for these remailers are on the disk IN THE CLEAR. Anyone
>who can get privileges on these systems (many hackers, these days, not to
>mention the NSA) can get the remailer's keys and decrypt any messages sent
>to those remailers.  Karl's monthly posting shows which remailers are on
>private machines; those are the only ones which have any hope of being secure
>against the NSA.

If you believe this you've already ceded the battle to the NSA. Formidable 
opponents != Defeat. Great respect for NSA ability is necessary but
independent minds (especially working together) can exhibit Davidian 
qualities. 

Exactly how is tracking done? I've heard the general issues of file size 
and physical compromise but what programs and access codes are needed to 
obtain such info? How does one access SMTP mail channels, sendmail queues and 
mail logs? How can we subvert their attempts? Can we use the known router 
algorithms and network bookkeeping methods at hop sites to disguise where 
messages are traveling?

I guess what I'm saying is can we use the complexities of the system itself,
rather than our own system alone, to make traffic analysis a drag? We know the 
weakness of our system; what are the weaknesses of the analyzers' systems? 
What are the possibilities for an analyzer's systems, how do we attack
them? I'll start by looking at various RFCs but a little offense rather
than defense can only make us more aware. Even if it doesn't seem possible
for Goliath to lose.

I think today I'll be:

Stranger
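
An added illustration, not part of the original message or of any remailer's code: it measures how many messages in one outgoing batch share the same observable size, with and without padding, and how long a batch takes to fill at a given traffic level. The batch of sizes, the block sizes and the function names are constructed for the example.

```python
import math

# Constructed sample: byte sizes of ten messages leaving a remailer in one batch.
SIZES = [812, 1430, 2051, 2977, 3310, 4125, 4890, 5602, 7344, 9120]

def pad(size, block):
    """Round a message size up to the next multiple of `block` bytes."""
    return math.ceil(size / block) * block

def anonymity_sets(sizes, block=None):
    """For each message in a batch, count how many messages in that batch
    have the same size on the wire. A count of 1 means size alone
    singles the message out, however well the batch was shuffled."""
    seen = [pad(s, block) if block else s for s in sizes]
    counts = {}
    for s in seen:
        counts[s] = counts.get(s, 0) + 1
    return [counts[s] for s in seen]

def hours_to_fill(batch_size, msgs_per_day):
    """Wait for a batch of `batch_size` to fill at a steady arrival rate."""
    return 24.0 * batch_size / msgs_per_day

def report(sizes, block=None):
    """Summarise a batch: smallest set, mean set, and uniquely sized messages."""
    sets = anonymity_sets(sizes, block)
    return {
        "min": min(sets),
        "mean": sum(sets) / len(sets),
        "unique": sum(1 for n in sets if n == 1),
    }

if __name__ == "__main__":
    for block in (None, 4096, 10240):
        print("block", block, report(SIZES, block))
    for rate in (10, 100, 240):
        print(rate, "msgs/day ->", hours_to_fill(10, rate), "h per batch of 10")
```

Padding to a block smaller than the largest message still leaves that message in a set of one, so the block size has to cover the whole batch.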




