1997-06-07 - Re: Who subscribes to the list?

Header Data

From: ghio@temp0094.myriad.ml.org (Matthew Ghio)
To: “William H. Geiger III” <whgiii@amaranth.com>
Message Hash: 4fbdbdf1f0bfcbe1bfa1064c5ad59a63b32297f7eab43d7e6018f5653247e8b7
Message ID: <199706070111.SAA15372@myriad.alias.net>
Reply To: <199706070022.RAA04412@myriad.alias.net>
UTC Datetime: 1997-06-07 01:20:04 UTC
Raw Date: Sat, 7 Jun 1997 09:20:04 +0800

Raw message

From: ghio@temp0094.myriad.ml.org (Matthew Ghio)
Date: Sat, 7 Jun 1997 09:20:04 +0800
To: "William H. Geiger III" <whgiii@amaranth.com>
Subject: Re: Who subscribes to the list?
In-Reply-To: <199706070022.RAA04412@myriad.alias.net>
Message-ID: <199706070111.SAA15372@myriad.alias.net>
MIME-Version: 1.0
Content-Type: text/plain



William H. Geiger III wrote:
> >P.S. I'm sure none of you would be foolish enough to use penet-style
> >remailers which do not encrypt the message headers.
> 
> 
> Your point being??


While I am sure most readers of this list are well aware that remailed
messages which are not encrypted and chained are not secure, there is a
class of users who are not yet aware of this fact.  I was pointing out
the relative ease with which their identities could be compromised by
someone simply logging DNS traffic.  In addition, there was some recent
discussion over whether or not it was possible to obtain the subscriber
list from cyberpass.net and algebra.com.  Even if the subscriber list
is not published, there is an alternative method to determine who
subscribes to the list.

There are, of course, other methods, such as Return-Receipt headers and
embedded html tags, but tracking DNS traffic tends to be easy to do on
a wide scale without alerting the subjects that you are investigating.






Thread