1997-09-26 - Re: Remailer Attack

Header Data

From: Anonymous <anon@anon.efga.org>
To: cypherpunks@cyberpass.net
Message Hash: 84d6f3412ee420e56778cba41b4b2b73ff9f9995aba4c5979d333a2e97ef37bc
Message ID: <518a11cd897fab49c5c65badb848d348@anon.efga.org>
Reply To: N/A
UTC Datetime: 1997-09-26 17:49:24 UTC
Raw Date: Sat, 27 Sep 1997 01:49:24 +0800

Raw message

From: Anonymous <anon@anon.efga.org>
Date: Sat, 27 Sep 1997 01:49:24 +0800
To: cypherpunks@cyberpass.net
Subject: Re: Remailer Attack
Message-ID: <518a11cd897fab49c5c65badb848d348@anon.efga.org>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Robert A. Costner wrote:
>At 03:03 AM 9/26/97 -0400, Monty Cantsin wrote:
>>Right now it's [the remailer network] sort of usable, but only for the
>>dedicated, and there aren't many of us.  I seem to be the only
>>persistent authenticated nym who posts with any frequency.
>...
>>One problem with operating a nym is that people almost always respond
>>to it with suspicion and hostility, even on this list.  It would be
>>nice to have an ordinary looking e-mail address that took in messages,
>>encrypted them for your public key, and then sent them out to
>>alt.anonymous.messages for pickup.  Going the other way it would be
>>nice if the account would accept signed messages and send them out as
>>normal e-mail or news articles.  This would allow nyms to participate
>>in NetWorld like everyone else.
>
>Your desired functionality seems to be describing the operation of a nym
>server, which you are not using.

No, the nym servers differ in two important ways.

1. They use a reply block so your true identity lies encrypted beneath
the public keys of several remailers.  I would rather the message went
to alt.anonymous.messages.  (I guess this could be jury-rigged by
supplying a reply block which sends the messages to a Usenet gateway.)

Didn't the weasel remailer operator recently move his accounts over to
redneck because of police interest?  Weren't we reassured that no
identities were revealed and that they wouldn't be revealed?  That
should be a good illustration of the weakness of a reply block to an
ordinary e-mail address.

Also, by my reading of the "uptime" statistic in Raph's remailer
chart, a reply block is not going to be very reliable for receiving
mail.  Are there any nyms out there using the nym servers who will
endorse the reliability of reply blocks?  Would you run a business
using them?

2. The nym servers advertise that the accounts are nyms through the
choice of domain names.  So, presumably, people will respond with the
same hostility that they respond to any other anonymous message. 

I presume the remailer operators want to minimize the number of times
somebody is defrauded through an anonymous account.  But, by the same
logic, ISPs should carefully identify their customers the same way a
bank does.  E-mail addresses should not be used as an authentication
method.

Monty Cantsin
Editor in Chief
Smile Magazine
http://www.neoism.org/squares/smile_index.html
http://www.neoism.org/squares/cantsin_10.html

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBNCvO2paWtjSmRH/5AQEuFQf5AUPisKJypoHrU7H2Oi8bbs2GSBP+IvS3
iQJd+JO7rQv6h8rZ/qPKrgZOViAz95xNCVHLabQsIZKPJxxhjV94obu5k2+QW06S
i7PrsQM9y4+G611Cej5ND2axo9yDxprOV3/IQ/VuXvmXxyK8Xeg4Wt7GD/Skatc9
dVvTwPCD523tZJeYvKSq9l4AE/Gum+7LTEmWewz36dOm9dNokrRLcM3IqDhzhigW
np9tFPxwdrVy2AEDl8RCg8oAVzJt1sjW7CytuCK3kOyeh9hF0NlcSgE+BtMoVoqW
IhMVVeD4pMjeHWohAfyTuEEzDRPkNdBf/9YUulik+aMkR4TWnXUG+A==
=xYd9
-----END PGP SIGNATURE-----








Thread