1997-02-07 - Re: mail-to-news fun
Header Data
From: Bill Stewart <stewarts@ix.netcom.com>
To: “Scott V. McGuire” <svmcguir@syr.edu>
Message Hash: 1b5657d6b60edd77d24cf4d5d05cf29277228061c81fa956df47088bfb1afa82
Message ID: <3.0.1.32.19970206160606.00642a10@popd.ix.netcom.com>
Reply To: <199702061921.LAA28330@toad.com>
UTC Datetime: 1997-02-07 00:07:34 UTC
Raw Date: Thu, 6 Feb 1997 16:07:34 -0800 (PST)
Raw message
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 6 Feb 1997 16:07:34 -0800 (PST)
To: "Scott V. McGuire" <svmcguir@syr.edu>
Subject: Re: mail-to-news fun
In-Reply-To: <199702061921.LAA28330@toad.com>
Message-ID: <3.0.1.32.19970206160606.00642a10@popd.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
At 01:01 PM 2/6/97 -0500, Scott V. McGuire wrote:
>On Wed, 5 Feb 1997 stewarts@ix.netcom.com wrote:
>> People don't read mail headers or disclaimers at the bottom,
>> and putting disclaimers like that into message text for
>> email exposes the message to traffic analysis.)
>How does putting it in the message expose it to traffic analysis but not
>putting it in a header?
Suppose you're sending a message on a remailer chain of
you -> Alice->Bob->Charlie->Dave->Eve->Fred--> target
and Bob puts lots of disclaimers in his remailer's outgoing messages.
Anything Bob puts in a header will get stripped out by Charlie,
so it's no problem. However, if Bob tacks a disclaimer
as the bottom text in the outgoing message, when Eve sends
mail to Fred she'll also see the disclaimer that
The message was sent by an anonymous user
through the remailer at Bob's Remailer Shack.
Bob doesn't know who sent it, and doesn't keep records,
so he can't squash the user, but he can block mail to you
if you don't want any more anonymous email.
Don't believe everything you read!
so she'll know to check the FBI Illegal Wiretap files for Bob.
Some comments and backtracking
0) Of course, if you want to avoid traffic analysis,
sending unencrypted email is pretty stupid, and only the
next hop is going to see a disclaimer that you append
after the encrypted part of the message.
1) Prepending the disclaimer to the message body is
pretty unfriendly to the :: syntax, and not all that
great for PGP encrypted messages either. Pretend I
really just suggested appending it at the end,
since that's what I would have said if I'd been thinking :-)
On the other hand, I suppose that you can see whether the
next hop is a Type I remailer by looking for the :: or ##.
2) Cutmarks would be a nice fix, but they require too much
attention to detail to get right, in case the next hop
is a remailer.
So maybe you _should_ always put in the disclaimer,
at the end, with a reminder to always encrypt your
remailer-chain mail if you want to avoid traffic analysis :-)
# Thanks; Bill
# Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com
# You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp
# (If this is a mailing list, please Cc: me on replies. Thanks.)
Thread
Return to February 1997
- Return to “Bill Stewart <stewarts@ix.netcom.com>”
- Return to “Lance Cottrell <loki@infonex.com>”
Return to ““Scott V. McGuire” <svmcguir@syr.edu>”
- 1997-02-06 (Thu, 6 Feb 1997 11:21:19 -0800 (PST)) - Re: mail-to-news fun - “Scott V. McGuire” <svmcguir@syr.edu>
- 1997-02-07 (Thu, 6 Feb 1997 16:07:34 -0800 (PST)) - Re: mail-to-news fun - Bill Stewart <stewarts@ix.netcom.com>
- 1997-02-07 (Thu, 6 Feb 1997 20:01:51 -0800 (PST)) - Re: mail-to-news fun - Lance Cottrell <loki@infonex.com>