From: Wei Dai <weidai@eskimo.com>
To: jRT <jrt@asiaonline.net>
Message Hash: cd2383bba678a645f8d417cfd1a0b570397f35969767d22615dd87a68566de84
Message ID: <Pine.SUN.3.91.950108182612.5411B-100000@eskimo.com>
Reply To: <Pine.SUN.3.91.950109054255.21650A-100000@asiaonline.net>
UTC Datetime: 1995-01-09 03:27:03 UTC
Raw Date: Sun, 8 Jan 95 19:27:03 PST
From: Wei Dai <weidai@eskimo.com>
Date: Sun, 8 Jan 95 19:27:03 PST
To: jRT <jrt@asiaonline.net>
Subject: Remailer security
In-Reply-To: <Pine.SUN.3.91.950109054255.21650A-100000@asiaonline.net>
Message-ID: <Pine.SUN.3.91.950108182612.5411B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain
On Mon, 9 Jan 1995, jRT wrote:
>
> The thing being, say you set up an anonymous-video-or-otherwise-remailer,
> you have to ensure that people don't manage to get into that as such
> would obviously give away the identities of all parties. Given that
> people can supposedly hack the DOD computer system, that doesn't seem so
> unlikely, so are anonymous-remailers really all that safe?
This is why you want to use a remailer chain instead of just one remailer.
Hopefully, not all of the remailers in your chain are subverted by your
enemy. (They may all be subverted, but as long as not by people who
cooperate with your enemy you're still ok :-) Also, make your chains as
heterogeneous as possible. That is, include remailers that use different
hardware, operating systems, remailer softwares, are in different
countries, are controlled by different organizations, etc., so that one
security hole will not compromise your entire chain.
I've kinda evaded the original question, which is about the (average?)
security of the individual remailers. Does anyone have a real answer?
Wei Dai
PGP encrypted mail welcome. (I realize a PGP signature says this
implicitely, but I left my key in another computer.)
Return to January 1995
Return to “Wei Dai <weidai@eskimo.com>”