From: Tim May <tcmay@got.net>
Date: Fri, 16 Jan 1998 10:43:57 +0800
To: Adam Back <rdl@mit.edu
Subject: Re: remailer resistancs to attack
In-Reply-To: <199801151705.MAA03621@the-great-machine.mit.edu>
Message-ID: <v03102800b0e473032403@[207.167.93.63]>
MIME-Version: 1.0
Content-Type: text/plain



At 5:25 PM -0800 1/15/98, Adam Back wrote:
>Ryan Lackey <rdl@mit.edu> writes:
>> (Eternity-USENET is vulnerable to technical Denial of Service attacks
>> with the current small number of indexing servers, even if it is protected
>> from legal issues.  I think illegal or extralegal attacks are as dangerous
>> as the legal ones)
>
>Public access servers aren't a good idea.  Really people should be
>running local access servers only.  The index is local, cache is
>local, and USENET is a distributed broadcast medium.
>
>Seems close to ideal to me, the problem being as Tim points out:
>bandwidth limitations.  The bandwidth limitation is debilitating; to
>overcome this we have to relax security, for example by using
>remailers rather than USENET for all but indexes of documents.

This was my point, and has been for years (though not in the context of
"Eternity"). To wit, save the bandwidth for _pointers_, not raw data.

To make this concrete, suppose Alice is in possession of a set of
photographs of Bill Clinton engaged in sex with his mistresses (Paula
Jones, Gennifer Flowers, Tammy Faye Baker, Margaret Thatcher, etc.). The
file size is 5 MB.

The pointer to this file is _much_ shorter, namely, a text description,
and/or possibly a set of blurred thumbnails.

And if the file is only occasionally requested (or purchased), it makes no
sense to blast it to the Usenet frequently (*).

(* And how frequent is frequent, even in Eternity Usenet? I argue there is
little point in blasting such files on a weekly basis, say, as even that is
*much too slow* for someone who really wants the file NOW. A "call and
response" response system, to borrow a phrase from the blues, makes a lot
more sense.)

Additional dimensions or axes are: how many requestors? and how many suppliers?

>One criticism I noticed several people raise was that USENET would be
>shut down as a way to kill eternity USENET when something
>controversial gets posted.

I have not argued this. Usenet is notoriously hard to "shut down."

However, it is quite likely that newsgroups carrying vast amounts of
"Eternity Usenet" stuff will overload the system and effectively force the
newsgroup to not be carried by many sites (just as alt.binaries.pictures.*
groups are already excluded from many newsfeeds, for both bandwith/storage
and naughtiness reasons).

>However it seems to me that the weakest point is the remailer network.
>It seems likely that it would be much easier for governments to shut
>down the remailer network than it would be to shut down USENET.  There
>are only around 20 or so remailers, and they all have known IP
>addresses, operators, localities, etc.  I expect the spooks could shut
>them down with less than 1 days notice if they wanted to.

Well, I have long argued for the need for thousands of remailers, esp. the
"everyone a remailer" model.

But, although I agree we need many  more remailers, I think Adam overstates
the ease with which remailers can be shut down, at least in the U.S.

Although there are many "extralegal" atrocities committed in the U.S., as
in all countries, consider some "protections" which exist in the U.S. (I am
no expert on English common law, so will confine myself to the U.S., where
at least I have some knowledge):

1. The First Amendment is incredibly powerful ammunition against a blanket
shut down of "speakers" or "publishers."  Vast amounts could be written on
just this one point. Basically, if the U.S. Government was constitutionally
unable to stop even the publication of the Pentagon Papers, how could Joe's
Remailer be enjoined from passing along received messages?

2. Even a hypothetical law requiring senders to identify themselves, seen
by some as an end to remailers, would be easily surmounted by interpreting
remailers as "commenters." By this I mean the following:

"Hey, Fred's Commenter Remailer, look at the weird message I just received:


lke[i=39023pok=94pk[e=f
3r93ir=-039r=30r9p0ir-3r9i3=r0923=
1-903u-q938-398-9
etc.

Any comments on what this means?"

In other words, unless the right to _comment_ on a received letter or
message is quashed, I can simply comment on such messages. (Of course,
Fred's Commenter Remailer would do the same with the next in line....

I mention this not because I think it is likely, but to show the can of
worms the government would open if it tried to "ban remailers."

3. Encrypted speech is speech. So long as speech is legal, encrypted speech
is legal. Any law limiting encrypted speech is limiting speech (in an
overbroad way, not the narrowly defined "shouting fire" cliches).

So long as encrypted speech is legal, remailers will be legal.

--Tim May




>
>So, where would blacknet, and eternity USENET be after that?
>
>How do we improve the resistance of the remailer network to well
>resourced attackers intent on dismantling it?
>
>Adam


The Feds have shown their hand: they want a ban on domestic cryptography
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
ComSec 3DES:   408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^2,976,221   | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."