1996-12-27 - Re: IDEA: “Site Cloaking” Technology

Header Data

From: “Mark M.” <markm@voicenet.com>
To: Cypherpunks mailing list <alexc@firefly.net>
Message Hash: 480bfff18c20621e243efbf410f6d08f44faf0215b33219bc2d48bd73f2fb589
Message ID: <Pine.LNX.3.95.961226232419.3600A-100000@gak.voicenet.com>
Reply To: <3.0.32.19961226175522.00a01230@pop.firefly.net>
UTC Datetime: 1996-12-27 04:44:32 UTC
Raw Date: Thu, 26 Dec 1996 20:44:32 -0800 (PST)

Raw message

From: "Mark M." <markm@voicenet.com>
Date: Thu, 26 Dec 1996 20:44:32 -0800 (PST)
To: Cypherpunks mailing list <alexc@firefly.net>
Subject: Re: IDEA: "Site Cloaking" Technology
In-Reply-To: <3.0.32.19961226175522.00a01230@pop.firefly.net>
Message-ID: <Pine.LNX.3.95.961226232419.3600A-100000@gak.voicenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 26 Dec 1996, Alexander Chislenko wrote:

> This seems complimentary to anonymous browsing (e.g., www.anonymizer.com).
> I doubt that ciphering the site list can assure that the site can't
> be found, as somebody could match incoming and outgoing requests.
> A chain of "Anonymous Rewebbers" / Recloakers could help here.
> An important thing here would be to make sure that the search engines can
> still find the sites.  Other difficulties would be caching and getting
> credits for ads.
> 
> Do you think it's worth doing?

This sounds a lot like Ray Cromwell's program, "decense".  It's more or less
the web equivalent of the penet remailer.  It is possible to attack even if
requests and responses are encrypted with traffic analysis.  The main objective
of such a system would be to make it very difficult to match a "real" URL with
the "anonymous" one, but not virtually impossible.  Encrypting the site list
won't help because the key would have to be stored somewhere on the system.
Many web servers have a security hole in them where the source code for a
CGI script can be requested instead of actually executing the script.  It's
not a good idea to assume that the executable will not be readable by anyone.

Decense is available at http://www.clark.net/pub/rjc/decense.html

Mark
-- 
finger -l for PGP key
PGP encrypted mail prefered.
0xf9b22ba5 now revoked







Thread