From: nobody@shell.portal.com
To: cypherpunks@toad.com
Message Hash: 76f1025646a58ae50ba08848d5ace9b6bbe8bd261e73a04b4db03dcc7ce2a4de
Message ID: <199402040459.UAA04387@jobe.shell.portal.com>
Reply To: N/A
UTC Datetime: 1994-02-04 04:59:44 UTC
Raw Date: Thu, 3 Feb 94 20:59:44 PST
From: nobody@shell.portal.com
Date: Thu, 3 Feb 94 20:59:44 PST
To: cypherpunks@toad.com
Subject: Re: New remailer up.
Message-ID: <199402040459.UAA04387@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
Jon Boone expressed what seems to be a consensus, " I won't hack into
mail.netcom.com to demonstrate that it is possible to figure out who used
your remailer. But, if one of the admins from netcom wants to send me their
syslogs, I'll do my best to put together a correlation."
Netcom logs mail. The mail queue is viewable by most anyone willing to set
up a mail queue logging routine. If someone wants to see the mail logs
after it is no longer in the mail queue they have to be root on Netcom or
illegally hack in. If the FDA wants your illegal smart drugs, they might
get Netcom to hand over mail logs. If a hacker or the NSA taps into root,
they don't need mail logs; they'll just "wiretap" the qwerty account,
including its secret key and pass phrase.
Is there any OTHER serious but unrelated problems with a Netcom remailer?
Now I know what warnings and hints to put in qwerty's .plan: "Since Netcom
keeps mail logs, people should only have contact with qwerty via other
remailers or send mail out from qwerty only to public sites like Usenet or
a mailing list, so the real addresses of the users never shows up on
Netcom's logs or in the mail queue. It is also best to use encryption in
case someone is reading the contents instead of just the logs."
Routing through qwerty will add another layer of difficulty to someone
trying to track down a message sender, since if forces them to get Netcom's
sendmail logs after the fact or to make their own logs every day of the
year from an account on Netcom. Is this legal for say the FDA to do? How
about my new idea for a company called "Netlog!" in which I log the mail
queue on Netcom and offer to sell CD ROMs containing a year's mail logs
from Netcom? These tricks could be made more difficult with traffic
analysis countermeasures.
However, the issue seems more touchy than this rationalization for the
existance of Netcom remailers. Not assuming qwerty remains in its current
state, will adding qwerty to a mailing chain, say between extropia to
hfinney@shell, using encryption, add to or decrease security? The question
needs to be answered, with the assumption that someone IS collecting mail
queue logs. How would you have me alter qwerty so that this link ADDED to
the security of a chain? More than an hour delay must be avoided by making
the scheme more sophisticated, in my view. If I add a 0-30 min. random
delay, with added dummy traffic going out from qwerty in a circle through
other remailers and back to qwerty's bit bucket, every few minutes, would
this make it useful also to SERIOUS remailer users?
Before I start throwing out ideas that I'm sure aren't new to readers here,
I have a simple question that perhaps I should post to comp.unix.questions
or comp.lang.perl, but.... Can I, and how would I, get a perl script to
kick in and send out mail every few minutes when I am NOT logged in. Is this
possible on Netcom?
The question is pretty general, and involves any public access or personal
account machine. So send me a remailer or tell me how to patch Hal's.
-Nik (Xenon)
-----BEGIN PGP SIGNATURE-----
Version: 2.3
iQCVAgUBLVGOgQSzG6zrQn1RAQFGLAP+N31dNMjnArEOklm4AeruT7pu6LgfNdUM
OawRDPY8CYgxYi5kJ4yByh7+uD+Asr7FCMaKacln8YwO6oOz3FlceNupC1czWFI5
NWuS9b4r5ZPKpLClv9K3oY1QvRePc1r0Ypl4SYCtZux/7U787BoyT/VUHmkfwple
I6X6+irFXns=
=6Klu
-----END PGP SIGNATURE-----
Return to February 1994
Return to “nobody@shell.portal.com”
1994-02-04 (Thu, 3 Feb 94 20:59:44 PST) - Re: New remailer up. - nobody@shell.portal.com