1997-06-04 - Re: Who “invented” remailers?

Header Data

From: Hallam-Baker <hallam@ai.mit.edu>
To: tcmay@got.net (Tim May)
Message Hash: ba2a50cc373bce9b84b5d32ac487bd6bdcbb03bf1bb9f48f2ceaf487c0659660
Message ID: <199706040027.UAA11558@muesli.ai.mit.edu>
Reply To: <v03102807afba566172be@[]>
UTC Datetime: 1997-06-04 00:35:12 UTC
Raw Date: Wed, 4 Jun 1997 08:35:12 +0800

Raw message

From: Hallam-Baker <hallam@ai.mit.edu>
Date: Wed, 4 Jun 1997 08:35:12 +0800
To: tcmay@got.net (Tim May)
Subject: Re: Who "invented" remailers?
In-Reply-To: <v03102807afba566172be@[]>
Message-ID: <199706040027.UAA11558@muesli.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain

OK I'll partially retract the anti-government ranters comment
since Tim wants to be included in it :-) I think it was clear where
the comment was aimed however...

> The Kleinpaste/Julf "remailer" lacks basic security provisions, and is more
> properly called an "anonymizing service," in my opinion. (I'm not familiar
> with the "Stephi" story, but I know Kleinpaste wrote up a simple
> anonymizing service, which he claims he did in one evening, and decided not
> to support it; he transferred the code to Julf, who supported and (I
> presume) enhanced it, and the rest is history).

All you need to do to have a complete history of the remailer history
is to add in the event that caused Kleinpaste to write the code.. I remember
now, Wizvax may well have been a VMS machine and hence not congenial
to having its code ported off.

It seems that Tim did not explore the less salubrious areas of the net
but the closing down of Wizvax and the first anonymizing mailer was closely
followed by another service whose name I forget but the name Kleinpaste 
certainly rings a bell. 1992 would be about the right time period as
well. Elf Sternberg at Compuserve might well remember the rest of the story.

I agree that the Julf mailer had big problems operations wise but I fear 
that the current mixmaster setup is a bit too unweildy for naive use.
Like PGP I tend to see it as an advert to the authorities that you are 
likely to be up to no good. The CIA can probably find the information they
really want by simply tracking PGP messages on the net and doing trafic 
analysis, same goes for the mixmaster class servers and the problem 
remains that there is no response facility.

I had an idea for an anonymous contact server in the Julf mould that was
resistant to the legal attack. No logs of email addresses would ever
be kept, to retreive responses from the server one would have to send
a retrieval request to it, possibly including a password.

For one time uses this would be enough. But if you wanted to get more
comprehensive deniability you could require use of encryption and 
send back all the messages recieved within a particular partition of
the database. Its pretty difficult to get a good system that allows
a two way communication to be sustained.

The idea was inspired by the crypto-SPAM refusal list that I'm currently
doing a beta test on, try:-


Just don't tell the censorware folks...