From: Bill Stewart <stewarts@ix.netcom.com>
To: Rich Graves <llurch@networking.stanford.edu>
Message Hash: 73db46c342d216cb6e1a5b2ece15048532da67379671ae124491210a1667adfa
Message ID: <3.0.2.32.19970616102113.00751b44@popd.ix.netcom.com>
Reply To: <Pine.GUL.3.95.970613205522.3433K-100000@Networking.Stanford.EDU>
UTC Datetime: 1997-06-16 19:06:37 UTC
Raw Date: Tue, 17 Jun 1997 03:06:37 +0800
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 17 Jun 1997 03:06:37 +0800
To: Rich Graves <llurch@networking.stanford.edu>
Subject: Re: Anonymous proxies & ITAR question
In-Reply-To: <Pine.GUL.3.95.970613205522.3433K-100000@Networking.Stanford.EDU>
Message-ID: <3.0.2.32.19970616102113.00751b44@popd.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
At 08:59 PM 6/13/97 -0700, you wrote:
>This is why we need more remailers, and why it's good that you posted
>anonymously. The proper thing to do is to be "shocked, shocked!" that
>anything illegal is happening on your server,
... your ecash, sir ....
>immediately shut it down (counting on the network to be self-healing
>with the help of an enhanced remailer list), and offer to cooperate fully.
>Unfortunately, you don't keep logs, so you wouldn't really be able to help
> (damn!).
Shutting it down would be bad - that gives them an easy denial of service
attack (though better to have them use that attack than child porn....)
Put a warning on the front page that it's NOT to be used for
illegal purposes etc., phrased seriously, complaining that you'll
have to shut it down if people keep abusing it...
And make sure your proxy server only accepts encrypted requests,
so that eavesdropping doesn't gain much.
The hard problem is getting enough people to run the things.
While the _right_ solution is probably to put anonymous web proxies
in the distribution versions of Apache or Stronghold, so that there
are thousands of them, the alternative is convincing people to run them.
Unlike email remailers, where the big annoyance is dealing with spam,
the main problem with running web proxies is just volume.
Adding a semaphore or rate limiter to the proxy might help,
and I've heard some people have blocked large GIFs - but you
still want to handle downloads of contraband software,
which means accepting and caching multi-megabyte code.
I suppose it would be interesting for anonymous web proxies
to generate cover traffic as well - periodically browse sites like
Radikal mirrors and other contraband.
# Thanks; Bill
# Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com
# You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp
# (If this is a mailing list or news, please Cc: me on replies. Thanks.)
Return to June 1997
Return to “Tim May <tcmay@got.net>”