1996-11-11 - Re: a retort + a comment + a question = [RANT]

Header Data

From: Adam Back <aba@dcs.ex.ac.uk>
To: SUCRUM22_at_INDY-ADP@smtp-gw.cv62.navy.mil
Message Hash: ae4bcba97f767666e8c3378554fd709870257ababba2d1c0282ec5d11e761fad
Message ID: <199611112054.UAA00130@server.test.net>
Reply To: <9610108476.AA847661103@smtp-gw.cv62.navy.mil>
UTC Datetime: 1996-11-11 22:58:10 UTC
Raw Date: Mon, 11 Nov 1996 14:58:10 -0800 (PST)

Raw message

From: Adam Back <aba@dcs.ex.ac.uk>
Date: Mon, 11 Nov 1996 14:58:10 -0800 (PST)
To: SUCRUM22_at_INDY-ADP@smtp-gw.cv62.navy.mil
Subject: Re: a retort + a comment + a question = [RANT]
In-Reply-To: <9610108476.AA847661103@smtp-gw.cv62.navy.mil>
Message-ID: <199611112054.UAA00130@server.test.net>
MIME-Version: 1.0
Content-Type: text/plain



SUCRUM22_at_INDY-ADP@smtp-gw.cv62.navy.mil writes:
>  mark m wrote:
>  >In order for anonymous remailers to be completely anonymous, only one 
>  >remailer in the chain has to be trustworthy.  If a message is chained 
>  >through N remailers and N-1 of those remailers are run by spooks, the 
>  >anonymity of the message depends on the remaining remailer.
>      
>  well, actually, the first remailer has to be the trustworthy one.  you 
>  send a msg to the first with your "real" address, and if the spook is 
>  there, voila! so...  i understand your point, but still, it has to be 
>  the first one.

The first remailer doesn't necessarily have to be trustworthy; it
depends what it is you are trying to hide.

If you are trying to hide the fact that you are sending mail via
remailers, then to some extent the first remailer matters.  But
presumably, if you are sending to remailers, watching all the email
you send would be the obvious way to see if you are using remailers.

Your options to hide the fact that you are sending to remailers would
be to forward your mail (encrypted) to someone else who does use
remailers.  Or perhaps a hypothetical system in which you
steganographically encode your to be remailed message to a newsgroup
which is scanned by the your entry remailer.

If on the other hand you are trying to conceal who you are sending to,
and you don't send to many messages, using mixmaster you would retain
some anonymity even if all bar one remailer were run by the spooks.
As mixmaster remailers have uniform packet sizes, and reordering of
messages, it's not going to be obvious which message coming from the
trustworthy remailer is yours.

Flooding attacks on remailers are when the spook run remailers try to
keep the trustworthy remailer fairly loaded with email, so that the
non-spook traffic shows up.  In the worst case, only your message
would be non-spook traffic in a given reorder batch, and you would
lose all anonymity.

Adam
--
RSA in perl:
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`





Thread