From: hendersn@zeta.org.au (Zed)
Date: Mon, 27 May 1996 06:38:00 +0800
To: cypherpunks@toad.com
Subject: Re: An alternative to remailer shutdowns
Message-ID: <199605251914.FAA28059@godzilla.zeta.org.au>
MIME-Version: 1.0
Content-Type: text/plain


>From:	IN%"unicorn@schloss.li"  "Black Unicorn" 24-MAY-1996 22:52:03.64
>
>>Remailers on the attack points (first in chain, last in chain) simply MUST
>>be disposable as tissue.  They must be run as anonymously as possible,
>>with as little connection to the ISP's assets as possible and immediately
>>disposable.  They must be easy to set up, runable without root and there
>>must be a much more efficent tracking mechanism.  (Mr. Levin has done a
>>terrific job, but even more needs to be done).

This is what I was groping for before, I think. I would like to set up an
anonymous remailer, but I have little to no idea how to go about it. I need
something that I can set up cheaply and easily on a machine that I don't
have root on, and that I could close down in a flash if there was a problem.

 I'm proposing a stop-gap measure that could take some of the heat off
genuine remailers - simple, easy-to-create remailers that do nothing except
anonymize the fullscale remailer that's being used. If you make it so that
Type-I and Type-II remailers can _only_ remail to these simple remailers as
well as other remailers, you've insulated them from the overt threat of
being caught as the last remailer in the chain. Hopefully the number of
full-scale remailers would then start increasing instead of decreasing if
there is less reason to threaten them.

As for traffic analysis uncovering the previous remailer in the chain: how
would discovering that the previous remailer in the chain was
utopia.hacktic.nl be any different from the message actually appearing from
utopia.hacktic.nl? The Church of Scientology doesn't have the resources to
do full-scale traffic analysis, so hacktic's role would never have been
discovered.  And what would you do if it turned out that the previous
remailer was middle-man@alpha.c2.org? Who do you prosecute?

>>It only takes ONE operator to get a tiny ($2500-$10,000) fine or judgement
>>and that will be the end of most of the mailers.  Poof.
>
>	What, pray tell, is the result of a judgement in which the person
>manifestedly doesn't have the money to pay? I couldn't pay a 10,000 dollar
>judgement; I don't have that much money. I would guess it'd be some form
>of attachment of income; this wouldn't get them much...

You either pay up as your income allows you, or you file for bankruptcy.
Neither option is likely to make other remailer operators feel good about
themselves.

  Zed(hendersn@zeta.org.au)
"Don't hate the media, become the media" - Jello Biafra
  PGP key on request