1994-02-15 - Re: Detweiler abuse again

Header Data

From: “W. Kinney” <kinney@bogart.Colorado.EDU>
To: cypherpunks@toad.com
Message Hash: 35f4845c460c7e9fb249935bded2b1847996450fb149dcd3e5f80526213a4613
Message ID: <9402151602.AA03825@bogart.Colorado.EDU>
Reply To: N/A
UTC Datetime: 1994-02-15 16:29:09 UTC
Raw Date: Tue, 15 Feb 94 08:29:09 PST

Raw message

From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Tue, 15 Feb 94 08:29:09 PST
To: cypherpunks@toad.com
Subject: Re: Detweiler abuse again
Message-ID: <9402151602.AA03825@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----


hughes@ah.com (Eric Hughes):

> The automatic broadcast property of Usenet is profoundly broken for
> the long run, since there is no upper bound on the amount of resources
> required.  More immediately, this property also requires a 100%

One can only reach the conclusion that Usenet is broken if one assumes
that the remailers _aren't_. The automatic broadcast property if Usenet
is not a problem if you can always determine the source of a message. This
isn't an argument against anonymity, but just saying it's a little
backwards to say that Usenet has to be redesigned because it doesn't work
with the remailers.

Why not use technology to solve a technological problem? The difficulty 
here is that it is impossible for any one remailer operator to prevent 
someone, say LD, from using the remailer system. The best he can do is stop 
LD from using his site as an entry point. So why not introduce a little 
cooperation among operators? This can be accomplished without collusion of 
the sort that would break anonymity.

Pretty much all the remailer operators are 'punks, right? If a critical 
mass of operators get together and agree to block a standardized set of 
sources and destinations, then that group of operators will have enough 
pull to force the other operators to toe the line. The trick is to block 
messages from remailer _operators_ who refuse to agree to behave as part of 
the community, effectively isolating the wildcats. An isolated remailer is 
useless.

Should be easy enough to work out -- a posted alert PGP signed by any two 
remailer operators is immediately implemented, no questions asked. Remailer 
scripts should include blocking by source, destination, or _content_, as in 
posts on a certain subject to a certain newsgroup. This would allow 
blocking of a nutcase using encrypted hops to post to Usenet without having 
to collude and blow his anonymity. Just say "Sorry, due to abuse of the 
remailers, we're not going to forward messages about the creatures from 
Uranus using microwave mind-control any more". This is a complicated idea 
in a general case, but scanning for subject lines, for instance, could be 
implemented as easily as scanning for destinations.

What we have now is a bunch of single remailers. It's a very small step to 
create a cooperative group of remailers, and it would provide avenues for 
solutions to a lot of the potential problems. This is not perfect, but it's 
better.


tytso@ATHENA.MIT.EDU (Theodore Ts'o):

> Lance is, unfortunately, pointing out some huge, gaping holes in the
> current architecture of the Cypherpunks remailers.  It would be good if

LD is smart enough to know that you _chain_ remailers for anonymity. I 
think he wanted us to know it was him, and wanted to see whether or not Hal 
would blow his anonymity when it came down to it.


                                -- Will



-----BEGIN PGP SIGNATURE-----
Version: 2.3

iQCVAgUBLWCOLPfv4TpIg2PxAQHOCgP9E2Q4R6ngHIeIv/IPePhcFqJgDaA8B4OO
CDS0akeyVXZXMB5b5nCGY2Q0b52LcSHnzUlJ0N/o1COjVNLADNOlcF2k9BcBYUuC
cqSWy1fJlx4lwd3P2kMgtk8v+pLHlVLJ4riopp2RXgLVfsesw8aJWOdSBf3bA7ft
cBxNJhcI9t8=
=BycG
-----END PGP SIGNATURE-----





Thread