From: Steve Reid <root@edmweb.com>
Date: Tue, 21 May 1996 19:52:14 +0800
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: The Crisis with Remailers
In-Reply-To: <199605192015.NAA15002@netcom17.netcom.com>
Message-ID: <Pine.BSF.3.91.960520181221.350A-100000@bitbucket.edmweb.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> [remailer incentives]
> >As you said, ecash postage could turn that around. The negative publicity
> >part is probably the result of the general public's negative perceptions
> >about anonymity. 

> not!!! I should have made this clear, but imho no matter how favorably
> the public sees anonymity, I still believe there will be little
> incentive to run remailers until there is some kind of ecash
> scheme.

Re-read that first sentence I wrote: "As you said, ecash postage could
turn that around." You made yourself clear; I wasn't arguing against the
value of ecash postage, I was agreeing with it. 

The negative publicity associated with anonymity (and thus remailers) will
make remailers less valuable to their operators. That is, the operators
will want more ecash to make the venture worth the negative publicity. 

I think there are a lot more people who would be willing to run a remailer
as a hobby, if there weren't that negative publicity issue. I probably
would... But negative publicity is a liability in itself, in a way. 

I agree that ecash postage would probably provide the biggest boost to
remailers, but I don't think we should underestimate the negative effects
of the bad publicity and liability. 

> you are going to have "bad" uses of anonymity going on as
> long as you provide the capability. ask the remailer operators to
> estimate how much of their mail is simply taunts between college
> students or sexual harassment. I doubt you will ever be able to
> evade this.

Yes, there will be (and are) bad uses. And I do agree that most of the
anonymous posts right now are probably not what the cpunks intended to
allow. But I think people would be more willing to accept remailers, warts
and all, if they didn't have preconceptions about anonymity. 

> what cpunks might investigate is an idea of having a pseudonym
> server that somehow automatically registers complaints and stamps
> messages with known reputation levels.

If a message is actually anonymous, then there is no way to attach any
sort of reputation. Pseudonymity is a completely seperate matter. If
spammers don't want to have complaints tagged to them (which they probably
don't), they won't use a pseudonymous remailer, they'll use an anonymous
remailer. Anon.penet.fi may be an exception, but I believe that's only
because it's easy to use.

> >People seem to forget that anyone can drop a letter into the mailbox with
> >no return address. Did the Unabomber bring negative publicity to the 
> >postal service, causing people to demand that return addresses become a 
> >requirement? :-/

> agreed, but the subject at hand was not whether anonymity is good or bad, 
> but whether there is some incentive to run remailers.

Again, public perception about anonymity is an issue, because remailers
(and remailer operators) will have a certain stigma attached.

Liability might also be related to the public perception. If everyone
accepted anonymous remailers the same as they accept that people can mail
letters without a return address, then I think nobody would be able to
take legal action against remailer operators, just as nobody (AFAIK) has
taken legal action against the US Postal Service for their 'involvement'
in the unabomber case. 

> >Liability depends on the jurisdiction, doesn't it? It would be ideal if
> >all remailers were in countries where there are no laws that would affect
> >remailers. Reducing liability also has the added benefit of protecting
> >anonymity, since if the mailer can't be siezed, that does prevent log
> >files (if any) from being siezed.

> by liability I am also referring to a situation in which the 
> internet provider is pressured to quit the service by *anyone* not
> necessarily agents of the government. past examples are strong evidence
> that it does not at all require a government to shut down a remailer
> via pressure. anon.penet.fi at one point was pressured to shut down
> by "a well known net celebrity"

I think the non-governmental interference is a very interesting point, but
I still think jurisdiction is an issue. The Co$ (AFAIK) always had a legal
leg to stand on because of copyright law. If the remailers were in a
country where it would not be affected by copyright laws, the Co$ would
probably have been as ineffective as a person saying "Shut down your
remailer because someone has been using it to advocate nose-picking." 

> >Remailers can already be set up _not_ to send to certain addresses, so I 
> >think there's no reason that they couldn't be set to deliver _only_ to 
> >other remailers.

> hee, hee. I think you need to think that out a bit more.

You snipped the paragraph before that one, and I guess you didn't read
it... There was the sentence, "Obviously we'd still need _some_ remailers
that can deliver to the intended destination".

Remailers that deliver only to other remailers can be used for chaining
purposes and nothing else. Such remailers could be used for any link in
the chain, _except_ the last link, since the last link has to be able to
deliver to the destination email address.

This has the advantage that the operators of those remailers won't have
their names attached to spam (I think I mentioned that) and so they won't
recieve a gazillion complaints about the spam. It would also mean less
liability to those operators, since the first target of pressure groups
would surely be (and mostly is) the remailer who's name is attached to the
offending post. 

Of course, this won't help the remailers that are the last link in the chain,
but it would provide more remailers for chaining purposes.

> well, the issue we were addressing is why remailers haven't proliferated
> like other services. it is true that the usage of them has probably
> gone up exponentially, or at least very significantly. but they don't
> seem to have multiplied in number in the same way. growth in # of
> remailers has been linear at best.

I think remailers are only a niche thing.

When people start using the internet and some sort of untraceable packet
forwarding service in their everyday work, and discover that they can
evade taxes that way, then people will start moving towards it in droves,
simply because it would mean that they could work for less pay (pleasing
their employer) and yet have more take-home cash. I don't think
_remailers_ will ever have this sort of popularity, because they don't
allow TCP-like stream connections needed for web connections, PGPfone,
etc. 

BTW, I'm fairly certain that an anonymous/pseudonymous packet forwarding
service could be created to handle TCP connections... It should already be
possibe... It would require few additions to the TCP stack software to
allow encrypted connections, and some way to have TCP connections inside
TCP connections. And of course, servers would be required.


=====================================================================
| Steve Reid - SysAdmin & Pres, EDM Web (http://www.edmweb.com/)    |
| Email: steve@edmweb.com   Home Page: http://www.edmweb.com/steve/ |
| PGP (2048/9F317269) Fingerprint: 11C89D1CD67287E68C09EC52443F8830 |
|          -- Disclaimer: JMHO, YMMV, TANSTAAFL, IANAL. --          |
===================================================================:)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQEVAwUBMaEZpdtVWdufMXJpAQFRyQf/cq3xcuEJcAY/HOmbCMZ/JcxkSkUFuSHC
dsmQG463UtF7W2hC7DDk8Y+Q1BcNTL96OaHPuPUU1lgyKEDBHXRcGLVkhX7UmBN1
MBfpB9ljBz+XMGAx7yR5ARmO37K133dmVJyXRtbLR0UC64wFFfTN9khlZS6HoCmC
ODItgkdI1uJeP6u00vKm6eMZ6OCKvzC6ABkEhr02npdRjTCW2iqhMZdXGsElkiLC
SsK0sNbAb/tGj6alrNDa6m1eisuTXxaRNoncMRdhSjHfOoPma2Z93EB+Mky7zl1/
0OSpNJyI3UXU9rIXhvkAdquczq71IycWHtp5TscF5E0qNYoA7NhVhQ==
=zMEN
-----END PGP SIGNATURE-----