1996-04-11 - Re: Scientologists may subpoena anonymous remailer records

Header Data

From: me@muddcs.cs.hmc.edu (Michael Elkins)
To: cypherpunks@toad.com
Message Hash: f635c521d9eedfd06c52ff46201d3e67e738a5861fde46903dcb4179fd211fb0
Message ID: <199604110647.XAA05823@muddcs.cs.hmc.edu>
Reply To: N/A
UTC Datetime: 1996-04-11 16:37:24 UTC
Raw Date: Fri, 12 Apr 1996 00:37:24 +0800

Raw message

From: me@muddcs.cs.hmc.edu (Michael Elkins)
Date: Fri, 12 Apr 1996 00:37:24 +0800
To: cypherpunks@toad.com
Subject: Re: Scientologists may subpoena anonymous remailer records
Message-ID: <199604110647.XAA05823@muddcs.cs.hmc.edu>
MIME-Version: 1.0
Content-Type: text/plain


Steve Reid writes:
> When a person recieves a message from someone using an anonymous 
> remailer, the return address will usually work, depending on the 
> remailer. The return address is for an address on the remailer, and 
> sending to that address, the remailer will forward the message back to 
> the person who owns that anonymous address.
> 
> The problem with that, of course, is that the remailer has to keep a 
> record of who owns each anonymous account, so that it can direct the 
> replies to the anonymous person. These records could be siezed.

This is a very good reason to use one of the "alpha" pseudonym servers.
These remailers in turn use other remailers to return the reply to
the owner of the alias (crypted, of course).  In this way, the server
is operating in double-blind mode.

However, the scariest thing about this is that the CoS was able to coerce
the gov't in a foreign nation to get access to anon remailers.  US
remailers have always been suspect for just this reason, and I wait
with bated breath to see whether or not the subpoena is issued.  But if
chaning outside the US won't even work, then the remailers aren't going
to do a whole lot of good.

> BTW, has anyone out there created an anonymous web forwarder? I'm sure 
> there are a lot of people out there who don't like the idea of having 
> their email address in the log files of dozens of web servers... Creating 
> a simple web forwarder wouldn't be hard.

I've heard several people make this statement...  Can anyone confirm that
it is really possible to log the uid (username) of the person making the
http request?  I know they can get your ip address, but I'm skeptical
of getting the username.

me
--
Michael Elkins <me@cs.hmc.edu>			http://www.cs.hmc.edu/~me
PGP key fingerprint = EB B1 68 32 3F B5 54 F9  6C AF 4E 94 5A EB 90 EC





Thread