1995-02-05 - BROKEN REMAILERS

Header Data

From: nobody@tower.techwood.org (Anonymous)
To: cypherpunks@toad.com
Message Hash: 8c402d480de7b45e944df8054397c13016accdc7e7bb9e29cf166bb01ba110a7
Message ID: <199502051758.MAA02142@bb.hks.net>
Reply To: N/A
UTC Datetime: 1995-02-05 18:02:38 UTC
Raw Date: Sun, 5 Feb 95 10:02:38 PST

Raw message

From: nobody@tower.techwood.org (Anonymous)
Date: Sun, 5 Feb 95 10:02:38 PST
To: cypherpunks@toad.com
Subject: BROKEN REMAILERS
Message-ID: <199502051758.MAA02142@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I have tested remailers and their PGP keys over some time now and this is
what I have found:	

MIXMASTER is a great, fast and reliable remailer but you can't PGP with it.

REMAILER@NATELY.UCSD.EDU is just as fast and reliable (same guy) and you 
can use PGP, but a few weeks ago it started acting really funny: It will
forward any ATTACHED files, but it will only read the first commandline
of a PGP block that has been pgp'ed with Nately's public key.  In other
words, if you wrap layers of chained remailers inside each other, you 
will now have to have NATELY as the *last* link in your chain as it will
otherwise discard the rest of the block. Alternatively you can have the
chain as a series of attached files.

USURA is really quick too and has lately been reliable. But it has always
suffered from the same problem as Nately, namely that it will truncate all
of the remaining lines in a PGP message encrypted with its own public key,
this making it impossible to chain effectively.  It will read the first 
command only.  It DOES forward all attached files, however (by which I 
mean text that have been tagged on OUTSIDE of the pgp block encrypted
to Usura).

EXTROPIA and VOX suffer from the exact *opposite* problem.  They forward
the entire inner remains of a pgp block untouched after having only read
the first commands to them.  But they both ignore and discard all text
outside that first initial pgp block encrypted with their public keys.
This means that you cannot send a message with multiple pgp's through
either of them: because any attached parts get thrown away.  
As a practical application, it means that you can't use either of these
two as part of your nym@alpha.c2.org setup, sadly...
BTW, with VOX you will have to add the ::Encrypted: PGP bit whereas you
don't have to do that with Extropia (or with alias@alpha.c2.org for that
matter).

REBMA is ideal in that it does not touch your message: You can use *both*
attached files and "wheels within wheels" where you have layers of pgp'ed
remailer instructions hidden inside one another. The main problem with 
REBMA is that she has been down a bit lately and even when she is not down,
you have to wait ages: 1 or 2 days, sometimes even more.

The best remailer, IMO, is HAL@ALUMNI.CALTECH.EDU which operates in tandem 
with HFINNEY@SHELL.PORTAL.COM: Both are fast and very reliable.  Moreover,
neither will throw away attached messages (like Vox and Extropia do) nor
throw away the other loops of an inner-encrypted pgp reply block (like
Usura and now, lately, unfortunately, also Nately do). Very versatile!

I used to like JPUNIX too.  Now it seems HOMER@RAHUL.NET is a winner,
I don't know if he will stay reliable, but he sure is fast.  In terms
of PGP, he is just as good as HAL/HFINNEY.  Likewise, TOWER: Both work!

The DESERT remailer is sometimes fast, sometimes slow. I have a feel it waits
until it can send out stuff in batches. So sometimes you have to wait a day
or so.  It works with Anon-To: last I checked, if I recall correctly.

That's the extent of my playing around. I would appreciate corrections
and help, especially information with some of the remailers I have not 
mentioned here.  I have not played with Q or with FLAME, for instance. 

||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||

.Signature field left blank
(or it wouldn't be anonymous, would it?)

||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLzUR0CoZzwIn1bdtAQGoHQF/ep/uxpNHaCX4JUoETqULLax8Q0vu6VrY
Jh1P/ey2QrWi1TKWky3/SJ967S+xoqg0
=gEZ3
-----END PGP SIGNATURE-----





Thread