1997-06-06 - Re: Who “invented” remailers?

Header Data

From: “William H. Geiger III” <whgiii@amaranth.com>
To: cypherpunks@Algebra.COM
Message Hash: c0ce98e3ddba67fe5dc66a5dd2781845c38d93c167c703bd3442a76a0613f975
Message ID: <199706060305.WAA00673@mailhub.amaranth.com>
Reply To: N/A
UTC Datetime: 1997-06-06 04:07:46 UTC
Raw Date: Fri, 6 Jun 1997 12:07:46 +0800

Raw message

From: "William H. Geiger III" <whgiii@amaranth.com>
Date: Fri, 6 Jun 1997 12:07:46 +0800
To: cypherpunks@Algebra.COM
Subject: Re: Who "invented" remailers?
Message-ID: <199706060305.WAA00673@mailhub.amaranth.com>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

In <3.0.1.32.19970605181309.00767c08@popd.ix.netcom.com>, on 06/05/97
   at 06:13 PM, Bill Stewart <stewarts@ix.netcom.com> said:

>Suppose, for instance, that the Feds (whatever COINTELPRO calls
>themselves these days) are watching Alice the Activist, and find that
>she's using Bob's Remailer.  So they watch Bob's Remailer, and find it's
>sending  traffic to Carol@foobar.com.  Maybe they haven't known about her
>before. Or maybe they check with foobar.com and find she's probably Carol
>the Commie, who they hadn't previously known used email.  No, they can't
>prove that Alice sent mail to Carol - but she's still a lead, and since
>they're both politically incorrect people, it's not a bad guess.
>Even with multiple remailers, say 10, this still works.

Well I guess I should let the cat out of the bag, :)

I have been working on addressing this very problem.

I haven't had time to write a formal paper on this but I can give you some
of the basics.

It makes use of a stego of sorts. Alice would post a message to a non
threating mailing list. In that list certain key words would be
misspelled. Carol would use these key words to tell her to look for a
certain message posted anonymously & encrypted in a newsgroup (stego in a
gif file to a binary group works quite well).

Now it would be possiable to track that Alice was sending messages to a
remailer there would be no way to track that Carol was receiving these
messages. At best it would be know that Carol was a reader of
alt.binaries.japan.cartoons or some other non-threating newsgroup.

Now this requires both Carol & Alice to be running the same software for
generating the spelling stegos and interperting them. It helps if Alice
has the reputation of being a very bad speller (ha and you all laughed at
my spelling mistakes). The use of a special dictionary that contains
common mispellings of common words is a great aid but I have yet to find
one in electronic form. An OTP should be generated and used as a seed to
the software to keep the two systems in synch. This can be encrypted &
stegoed and posted to a pre-selected newsgroup. Once the inital synching
of the two systems have been acomplished new pads can be generated and
distributed by the same mechanisims.

This does not protect Alice from comming under the guns for using a
remailer nor does it provide a way for Carol to reply. The anonymous
remailers could be completly bypassed and both Carrol and Alice could do
all communication through stegoed newsgroup postings. Alos mailing list
need not be used but the plaintext messages could be posted via
newsgroups. There is a reliabilty issue going this route (from my personal
experaince mailing list are more reliable than newsgroups YMMV).

The details of applying such a system is more complex but the above gives
you the basics of it.

- --
- ---------------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html
- ---------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: cp850
Comment: Registered_User_E-Secure_v1.1b1_ES000000

iQCVAwUBM5d+s49Co1n+aLhhAQEwUAP9EzMOcL0c10ZiF6BrbJ6unXTIbXaJ8zIp
7c2wVdcF81HBMbYXkloyCJGfekRpH+hFN6Ga85XHQ3iS/SD4PUykWx/rrGT6y3Ws
fzvbQ3ST3IR7VBYqtHb49aNNhcr3yg6S5ecp3IXi49WNxi4A+mLQ80omB/mGSEC2
0PA1fDH3bMA=
=wa//
-----END PGP SIGNATURE-----






Thread