1994-07-28 - Re: (fwd) Possible compromise of anon.penet.fi

Header Data

From: roy@sendai.cybrspc.mn.org (Roy M. Silvernail)
To: cypherpunks@toad.com
Message Hash: e93c3e3d890c2a09bf3168e5340ee436bfa2c52f46f8520b5406b697ce534802
Message ID: <940728.175233.2k3.rusnews.w165w@sendai.cybrspc.mn.org>
Reply To: <9407281453.AA23808@pelican.ma.utexas.edu>
UTC Datetime: 1994-07-28 23:56:46 UTC
Raw Date: Thu, 28 Jul 94 16:56:46 PDT

Raw message

From: roy@sendai.cybrspc.mn.org (Roy M. Silvernail)
Date: Thu, 28 Jul 94 16:56:46 PDT
To: cypherpunks@toad.com
Subject: Re: (fwd) Possible compromise of anon.penet.fi
In-Reply-To: <9407281453.AA23808@pelican.ma.utexas.edu>
Message-ID: <940728.175233.2k3.rusnews.w165w@sendai.cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


In list.cypherpunks, nzook@math.utexas.edu forwards:

> From: barnett@convex.com (Paul Barnett)
> Newsgroups: alt.privacy
> Subject: Possible compromise of anon.penet.fi
> Date: 27 Jul 94 22:09:28 GMT
> Organization: CONVEX News Network, Engineering (cnn.eng), Richardson, Tx USA
> Lines: 29
> Message-ID: <barnett.775346968@cnn.eng.convex.com>
> NNTP-Posting-Host: zeppelin.convex.com
> Someone has been collecting email addresses, apparently from postings
> to Usenet, and forging them to anonymous postings through
> anon.penet.fi to alt.test.
> The text of the posting states the REAL email address of the poster,
> under a posting attributed to the anonymous ID assigned to that
> poster.

I actually saw this article in alt.privacy, and sort of mentally filed
it.  Then, this morning, I received a note from anon.penet.fi informing
me of my anonymous ID.  I don't use penet, and never sent anything
through there anonymously.

I first thought it might have been a mail-bombing run, but then I
re-read this:

> However, there are some lower numbered anonymous IDs, presumably in
> previous use by the addressee named in the text of the message.  These
> anonymous addresses are now compromised.

I think this might be a forked attack... trying to flood penet with
traffic, and also outing people who have used penet for anonymous
traffic previously.  This is a good argument against maintaining a
double-blind database (and in favor of systems like soda.berkeley.edu's
remailer with its 'response block' strategy).

Does anyone else smell Detweiler?
- -- 
             Roy M. Silvernail --  roy@sendai.cybrspc.mn.org
    "Usenet: It's all fun and games until somebody loses an eye."
                        --Jason Kastner<jason@wagner.com>

Version: 2.6