1995-01-27 - Re: Starting a remailer

Header Data

From: “L. McCarthy” <lmccarth@ducie.cs.umass.edu>
To: cypherpunks@toad.com
Message Hash: 61ddc1a9bebb6573f0ca7c80595b665c4c8771980e22e9ad8214f79428a6333f
Message ID: <199501271035.FAA03167@ducie.cs.umass.edu>
Reply To: <Zc8AlKJXYPcE078yn@ssnet.com>
UTC Datetime: 1995-01-27 10:34:05 UTC
Raw Date: Fri, 27 Jan 95 02:34:05 PST

Raw message

From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Fri, 27 Jan 95 02:34:05 PST
To: cypherpunks@toad.com
Subject: Re: Starting a remailer
In-Reply-To: <Zc8AlKJXYPcE078yn@ssnet.com>
Message-ID: <199501271035.FAA03167@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Don Melvin writes:
> Given the goal of limiting remailer liability, what about having
> them be anonymous?  Instead of send you a check, send an unidentified
> money order.  This would even allow ownership to change on a frequent
> basis without the system owner knowing who the current operator is.

Absolutely -- anonymity of the remailer _account holder_ is a central part of 
the "guerrilla remailer" concept AFA I'm concerned. Tim keeps reminding us 
that the distinction between the machine owner/ISP admin and the remailer
operator can be crucial, for legal reasons (i.e. the ECPA). I think it may
also be useful to push this distinction down a level, separating the _account
owner_ from the _remailer operator_. I get the feeling that in many cases the
folks willing/able to fund remailers aren't the same folks who are willing/
able to operate remailers. Hence it seems natural to have a collaboration 
between a remailer sponsor (person or group providing money to pay for an 
account or dedicated hardware) and a remailer operator (person or group 
providing time & technical skill to install, maintain, and upgrade the 
remailer). Of course the sponsor and operator could be anonymous from each
other, and I suppose even the members of each group need not know each 
others' identities.

c2.org allows anonymous account creation over the net, which is handy.
If you're feeling lucky, you could send cash in the mail instead of a money
order....

IMHO the tricky part is maintaining anonymity of the _operator_ over time. In
a reasonably general model, an operator will need to access a remailer
account across the net repeatedly, to recover from system crashes, install
new versions of remailer software, etc. The nature of a telnet session 
doesn't lend itself to reordering, latency, or cover traffic AFAI can see.
Perhaps the technique of sending encrypted shell scripts to an account for
execution (inquired about here recently) could do the work. Anon-HTTP
combined with WWW forms and some not-so-safe-TCL might offer more palatable
real-time responsiveness. I've experimented a little with a protocol for 
handling complaint mail, in which a cron job (or equivalent) running on the
remailer account greps the received non-remailing mail for complaint keywords,
then encrypts the result and chain-remails it to the operator (or posts it to
some well-propagated newsgroup). 

> Thoughts?  Comments?  Offers to send cute girls?

Please cc: me on the latter.  Thanks. ;}

 -L. Futplex McCarthy, seeking a summer job/internship -- private mail for info




Thread