From: Mike Markley <mmarkley@microsoft.com>
Date: Tue, 20 Sep 94 10:20:23 PDT
To: cypherpunks@toad.com
Subject: Re: On the crime bill and remailers
Message-ID: <9409201721.AA18820@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


Hal  <hfinney@shell.portal.com> writes:
|
| Black Unicorn <unicorn@access.digex.net> writes:
| >I believe anonymous
| >remailers have some use.  But they are so targeted to prevent GOVERNMENT
| >observation and intercepts, that they just plain look bad.
|
| I strongly disagree with this.  Anonymous remailers as presently constructed
| will be almost completely ineffective against any significant government
| attempts to surveil email traffic.  The government does have the resources
| today to defeat most uses of remailers.  Since present-day remailers lack
| padding features, the correspondence between incoming and outgoing messages,
| even with encryption, is relatively easy to establish.  This is made worse
| by the lack of general support for reordering, which renders the task
| almost trivial.
|
| Instead, anonymous remailers are clearly targetted against non-government
| traffic analysis, generally local associates, system operators, employers,
| supervisors, and so on.  They allow people to communicate without
| repercussions and retribution at work or at school.  They let people exchange
| email in an insecure environment while hiding both the message address and
| its contents.  They allow whistle blowers to expose malfeasance without
| being punished.  These are the kinds of things the remailers are good for.
|
| Claims here that remailers are designed to support sedition or to
| prevent government surveillance are both wrong and harmful.  This kind
| of material could show up at some future prosecution of a remailer
| operator.  It is important that we understand clearly what the capabilities
| and limitations of current remailers are.
|
| Hal
|

Why not make distributed remailers then? You could set up a chain using 
either mail or ftp or ? that would take all messages and fragment them 
into nice 1K blocks and then either mail or otherwise transport the 
blocks to other physical machines, these machines would then follow the 
imbedded instructions on how to reassemble the blocks into a coherent 
message and mail it out. Admittedly there is no sure fire method to 
prevent someone from monitoring all of the traffic generated but it 
should be possible to generate so much traffic that just wading through 
the volume would take more time than is practical. Also by encrypting 
all packets going between remailers and making the packets uniform 
sizes should help make monitoring more difficult.

I'm not sure that I'm worried about the government monitoring my 
communications as much as I'm worried about individuals with bad 
intentions monitoring my communications.

Mike.

=====================================================

Mike Markley <mmarkley@microsoft.com>

I'm not a Microsoft spokesperson. All opinions expressed here are mine.

=====================================================