From: Rich Graves <llurch@networking.stanford.edu>
Date: Tue, 2 Jul 1996 19:12:45 +0800
To: cypherpunks@toad.com
Subject: Re: Message pools _are_ in use today!
In-Reply-To: <4ra50l$is@joseph.cs.berkeley.edu>
Message-ID: <Pine.GUL.3.94.960702012429.17484A-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On 1 Jul 1996, David Wagner wrote:

> Someone sniffing the Berkeley 'net can tell when I receive an
> alt.anonymous.messages message by when I download an article from
> the NNTP server

So, download every message, all the time, and junk posts that don't interest
you offline.

You betray yourself as an Evil Anonymous Communicator, but somehow I think
they might already know. You give no information about which messages you're
actually interested in unless your local workstation is compromised.

> Furthermore, even if you run a trusted NNTP server on your local
> machine, there are still vulnerabilities.  Someone sniffing on your
> subnet can tell when you inject a new message onto alt.anonymous.messages,
> as can your neighboring NNTP servers.

This is true. You'd have to generate white noise, again betraying yourself,
but only in general. "They" would need to track every message. To make it
more interesting, encrypt a bunch of messages for bogus PGP keys created for
the purpose. 

-rich