March 1993 - cypherpunks-legacy

more ideas on anonymity
by L. Detweiler 01 Mar '93

01 Mar '93

The question as to what specifically to prohibit being posted anonymously has come up, and is by far one of our most serious and sensitive considerations. Of course, the decision is largely in the hands of the anonymous server operator, but no generally accepted guidelines currently exist, and we might help some people and advance the cause by codifying `legitimate use'. First, let me assure you my intent and preference is that it should be as liberal as possible. Let's look at some of the options (I'm tiptoeing on eggshells here, please don't flame me too much): 1) operator makes decision for every posting brought to his attention. Things that would test this system: what about revisionists (not ugly-enough term) who claim that the Holocaust never happened? Or someone who is posting extremely provocative but fabricated data? (The first case happened on Prodigy--the censors let it through at one point, and was documented in a column by Alan Dershowitz, famous American lawyer defending e.g. Mike Tyson, and other major celebrities. The second case happened with the now infamous challenger transcript posting, where anonymous user of penet posts without any comment a `transcript' of shuttle crew dialog during the crash.) Here, I think one policy might be that if the poster seems to be repeatedly and blatantly fabricating the data himself, maybe some restriction or warning is in order. But if ever the poster includes `real source' (no matter how trashy) from the outside world, and makes it clear that they are not the originator, only the purveyor (`messenger'), perhaps this is less serious. (I think Mr. Helsingius' current standards in this area should be held up as an outstanding model of commitment to privacy and free speech.) 2) some kind of global system for keeping track of `abusive' posters. Here are some interesting ideas--how about lists circulated among anonymous server operators only (not public) that record barred users by their email address or even real identity? The lists could be categorized and tagged so that the administrator can prohibit use based on the seriousness of the offense. Here are some things that operators `might' look at: 1) ad hominem attacks 2) flame baiting 3) lying outright 4) defying Usenet conventions: posting copyrighted material, binaries to regular groups, massive amounts of data, etc. 5) number or existence of *any* complaints 6) `racist' remarks 7) terrorism 8) `harassment' 9) anything illegal in the poster's country (yes, tricky I know) ad infinitum ad nauseam. Maybe we could try to organize the severity of this kind of stuff, and classify servers as `type 1' or `type 2' and we can get a feel for how liberal or conservative the operator is. The operator would say which lists he subscribes to, and which lists your email address will go on if you abuse the site. Really extreme operators (like Mr. Kleinpaste) might actually be interested in `public' lists -- abusers get their email addresses, along with the offense, posted on the public list, i.e. `outed'. Now, I think a lot of this is pretty unpalatable, but we have things to gain by formalizing these mechanisms, and as long as the anonymous user is *warned* in the server intro-use message, and possibly even has ways of redress, and has choice of different servers, then the system could be fairly agreeable by most. Remember, no one is preventing operators from being conservative or liberal as they like, the only thing wanted is adherence to their stated policies. Look what we have to gain. Currently, there is a lot of censorship (attempts? conquests?) going on behind the scenes, as a recent episode here attests. No one really knows how effective in general it is currently to hunt down and bar `abusive' users (hence a lot of misinformation and paranoia about the effects of anonymous servers). If we could have some *statistics* that show x% of nonanonymous users get complaints and y% of anonymous ones do, this would be very useful for gauging the social impact of our technologies. (There could be some very surprising results---I get the impression that many very responsible people *prefer* anonymity, and conceivably the overall complaints on anonymity could even be *less*). 3) Possibility of net.trials Ok, so don't flame me too much on this one. But if `abusers' (this could be for anonymity on a local server, but eventually involve to other realms) were subject to a `trial by peers', imagine what this could do to enhance the legitimate reputation of networks. Suddenly, a judicial system. I certainly don't want to be known as an advocate of bringing in lawyers and bureaucrats. Actually, that's precisely why I'm proposing this, to prevent that scenario. Imagine that the net establishes these formal self-regulating mechanisms. People in the real-world law enforcement would be much less likely to become enraged by perceived abuses when they realize that there are intrinsic mechanisms for quelling the psychopaths (uhm, maybe, anyway). Also, if people weren't added to blacklists just by the caprice of one operator but after a perceived fair `trial', people at other sites would be much more willing to enforce the sentences of suspension, expulsion or whatever. An electronic trial by peers? (with voting at the end?) A very interesting idea. Each server may develop a kind of peer or family structure, keeping kin in line. Maybe everyone that replies to an anonymous message could vote in their header whether to get rid of the user, with the default `one vote of approval' (limit voting regularity). Approves add, complaints subtract. The user starts with some initial balance. If he gets down to zero, *poof*. Lots of `approval'? No problemo. Post something really outrageous? You might get enough zaps to lose it all. Imagine, this could improve the accountability of users in *general* (the mechanisms could be applied to new Usenet groups, for example, or if very trustworthy and fair even logins themselves). I've been a bit vague and ambiguous in some of these statements. This is because, as I hope has become clear, the kind of things that start out on anonymous servers could eventually have a much greater scope, so that it `behooves' us to develop effective and dynamic mechanisms for self-regulation. Keep in mind a lot of these things are happening already albeit in much less formal ways. For example, the convention is to send complaints to the system adminstrator at a site regarding their users, and they act as judge and jury (or use whatever other local procedures are in place). The user may or may not be able to justify their actions (redress). There is already a loose confederation of cooperation between administrators, esp. over extremely abusive posters. We already get somewhat public `trials' of extremists, where people put forward all the evidence on Usenet and argue both sides. `Enforcement' and `punishment' sometimes consists of revoking logins, feeds, or whatever. I think we ultimately stand to gain by `formalizing' a lot of the currently informal mechanisms in place. My feeling is that if we don't head off these issues at the pass, so to speak, Real World (tm) courts will start deciding them for us. Let's develop something we can be proud of and will be a model of excellence for the future, and not something frail and unstable. Perhaps our anonymous motto: ``I disagree with what you say but will defend to my death your right to say it.'' --Voltaire (written pseudonymously)

4 4

Re: more annoying philosophizing on anonymity
by hkhenson＠cup.portal.com 01 Mar '93

01 Mar '93

Re this thread, and picking up a current theme, what do you think would happen if a message claiming to be responsible for the WTC blast came through an anon remailer? Keith Henson

1 0

anonymity + untraceable digital money = potential problems
by ALAN DORN HETZEL JR 01 Mar '93

01 Mar '93

Dear Group, I believe that I see a potential serious problem with they onset of truly unbreakable anonymous communication combined with untraceable digital cash. The problem is that crimes such as blackmail and extortion would become absolutely impossible to defend against. Kidnapping for ransome would get a LOT easier. One of the serious deterrents to crimes such as kidnapping is the probability that one will get caught attempting to communicate ones demands or collect the payment. If one can make TRULY anonymous demands and receive payment which is TRULY untraceable, one can strike without warning and then proceed virtually without risk. I could send you an anonymous note threating to poison your dog, kill your wife, burn down your house, whatever..., ... unless you pay me $$$ in untraceable digital cash. What can you do? You pay and I go my merry way with your money, or you assume I am bluffing and don't pay. MANY PEOPLE WILL NOT CALL THIS BLUFF, and there is the serious problem... I foresee a great way for jerks to "earn extra income in their spare time" threatening hundreds of people in mass anonymous mailings. Some of these folks will be scared enough to pay off. Where is the risk to the person who commits these acts? He's COMPLETELY anonymous! Food for thought. Dorn

1 0

more annoying philosophizing on anonymity
by ld231782＠longs.lance.colostate.edu 01 Mar '93

01 Mar '93

OK, I'll keep this brief. Yes, the postal service delivers anonymous mail. Yes, you can make anonymous telephone calls using pay phones. But like all hastily construed analogies, they fail in the magnified specifics. The problem here is that the fragile remailers being built right now are operated by *individual users*, while these other services are parts of vast public infrastructures. Now, until anonymous servers become part of the vast public infrastructure (I'll give us all the benefit of the doubt on this one), operators will be *extremely* vulnerable to what goes through their remailers. All this idealistic ranting about free speech is really inspiring (uhm, occasionally) but it doesn't help people whatsoever (in fact, it clearly is a very strong turn-off!) who want to establish remailers and anonymous posting services *right now*. For their sake, please switch off the impassioned speeches for unattainable lofty heights. (My previous message is my own feeble gesture of penance.) These people will go somewhere else if they find that our ideas are hopelessly naive, impractical, unrealistic, etc. Somehow, I just get the feeling that people won't be quite so uninhibited and be a bit more subdued when the first cypherpunk operator is jailed on contempt-of-court charges for refusing to decrypt his log/alias files, or prosecuted for destruction of evidence, or whatever. (Or maybe this would be a call-to-arms on the level of the Alamo or Pearl Harbor.) Mr. Ringuette is discerning in his view that some talking-past-each-other is going on based on issues of time frames and assumed/hidden agendas; and that the issue is the most serious one facing us *right now* is right on target. Please accept some minor sacrifices in the short term for some vast gains in the future. I think if we take the position that some ugly and gross mechanisms for anonymity limitations are put into place right now, they can be training wheels that will eventually mostly be taken off in the future, but in the meantime help to convince the world of our `good faith' intent, and serve as practical models for future systems. (What, you say we don't have good faith or practical systems? Maybe I'm seriously deluding *myself*.)

2 1

CFP Costs Too Much!
by tcmay＠netcom.com 01 Mar '93

01 Mar '93

(I'm copying Bruce Koball, General Chair of the CFP Conference, on this message, as I don't know if he gets the Cypherpunks list.) Dave Deltorto is one of several people I know, including myself, who don't like the prices of the upcoming Computers, Freedom, and Privacy Conference: >.... I would also dearly like to attend CFP, but >I haven't yet found a way to do it without money (anyone who knows a way I >can volunteer my way in and help out please say so - I'll sweep up after, >anything...). In my opinion, $405 is way too much to pay for this conference. Science Fiction conventions routinely get the use of major hotels at a far lower per head price (from $40-$125 is typical). The BayCon convention takes over most of the public facilities in San Jose's Red Lion Inn (several ballrooms, many smaller rooms, and most of the public lobby areas), has about 500 attendees (same as CFP), and charges less than $100 for 4 days (and one-day memberships are typically around $30). And the "Hackers Conference" has kept its cost down to around $300, which includes two nights lodging and all meals (very sumptuous meals, too). Granted, CFP puts out a nice transcript of the talks--credit them $20 for that. Granted, a couple of meals are thrown in--credit them another $30 or so. What's left is still too much. Yes, a "register early" discount exists/existed, but inasmuch as there's a nonzero risk someone can't attend (and hence loses what they paid, or some fraction of it), counting such discounts is not really kosher. There are several possible reasons for the high fees: 1. Price insensitivity. $405 is what the traffic will bear. Most attendees are subsidized by their law firms (which often charge $200 or more per hour, so $400 for a conference is practically invisible to them), their corporations, or the government (taxpayers). I suspect most targeted attendees are price-insensitive. I'm price-sensitive, because I have to _earn_ about $700-800 before taxes to pay for the $405 being charged, and I have better uses for $405 (like a new DAT machine). 2. "Everyone else is doing it." Conference prices have been skyrocketing the last few years, although some conferences (like the SF conventions I mentioned) are still price-conscious and hold down prices. If CFP meets their attendance goal of 550, I guess they'll have been justified to price it as they did (though the mix of attendees could still be an issue to consider). And if they fail to meet the goal of 550, even with the comped or subsidized attendees, perhaps they can reconsider their pricing. 3. Subsidies of journalists. In talking to several journalists and journalistic wannabees, I've found they're getting "comped" passes. Thus, the paying attendees are subsidizing the shmoozings and barhoppings of our journalist friends! (This is not meant as an insult to the journalists out there...I just can't see why they get subsidized attendance.) How important a factor this is depends on the number of journalists, of course. (With hundreds of new magazines every year, 50 channels of shit on the t.v. (to borrow a phrase), and thousands of newsletters on every conceivable subject, I am waiting for the day when there are more journalists at these kinds of conferences than nonjournalists! They can all talk to themselves, I guess.) 4. Other costs. And profits. Maybe it costs CFP much more to put on this conference than it does some of the other conferences I've mentioned. Maybe they have fewer volunteers. In any case, I wish them luck. They are free to set their rates as they wish. I don't plan to attend, in case I haven't already made that clear. -Tim May -- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay(a)netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

2 1

Re: A Modest Proposal
by Eric Hughes 01 Mar '93

01 Mar '93

I wrote: >Acknowledgement that a procedure is an exigency does not make that >procedure desirable of itself. All differential carriage based on >content is censorship. I acknowledge the exigency of certain forms of >censorship in currently deployed anonymous systems. A member of the list wrote back to me to say that this went over his head because he wasn't a lawyer. I am not a lawyer either. Since a compact statement has been too compact, allow me to be more verbose. An exigency is something you do because you have to in order to accomplish something else. It's not something you do because someone told you to or because you promised to do it. Exigencies, if you don't like them, are often called 'necessary evils,' with all the connotations of that phrase. In this case, restrictions on remailers are an exigency, something you might have to do to stay on the net. Now just because you have to do something doesn't mean that's a good thing. In California, you have to give out your thumbprint in order to get a driver's license. Giving the thumbprint is an exigency. I did not want to do that; I don't think it's a good thing; I did it anyway because I wanted a driver's license more than I wanted my thumbprint not to be digitized. Differential means that two things are not the same and has the connotation that one is preferable to the other. Carriage is the noun form of the verb 'to carry' and in this context refers to the act of carrying an electronic message. Thus differential carriage is carrying some messages preferentially, such as refusing to mail to or from a particular site, or to delay or alter some messages but not others. I claim that all differential carriage where the differences in how the messages are carried arise from the content (or expected content) of those messages is, in fact, censorship and should be called such. If am operate an anonymous service and I refuse to pass a message because someone has complained about it, I have exercised a preference and created a difference in the way I treat the message. I have exercised censorship over that message. I have presented my service as a public utility, and yet I have created a difference in how I treat messages. My domain of potential censorship is not large, but it is there. It is an unfortunate fact of the internet that there will be pressure brought to bear against the operators of anonymous remailers, and that in the interim such pressure might be strong enough to force such operators off the net. Some restrictions against content might be necessary to keep these services online. If so, then I believe that these restriction should be implemented. I'd rather have the services running. Nonetheless, I deplore any such restrictions. And if it not perfectly clear by now, let me finally state that I am in agreement with Lance Detweiler on this point, that some restriction may be necessary in order to keep anonymous services online. But that said, I still don't like it. I will continue to dislike it, and I will work to make the necessity for restrictions disappear. Eric

1 0

Cypherpunk remailers 03/01/93
by Karl Barrus 01 Mar '93

01 Mar '93

The list of cypherpunk remailers known to me: 1: hh(a)pmantis.berkeley.edu 2: hh(a)cicada.berkeley.edu 3: hh(a)soda.berkeley.edu 4: nowhere(a)bsu-cs.bsu.edu 5: ebrandt(a)jarthur.claremont.edu 6: hal(a)alumni.caltech.edu 7: remailer(a)rebma.mn.org 8: elee7h5(a)rosebud.ee.uh.edu 9: phantom(a)mead.u.washington.edu 10: hfinney(a)shell.portal.com 11: babani(a)cs.buffalo.edu 12: remail(a)extropia.wimsey.com NOTES: #1-5 no encryption of remailing headers #6-12 support encryption of remailing headers #2 requires remailing request to appear in header #12 requires text to be encrypted along with remailing request #7,#12 introduce larger than average delay /-----------------------------------\ | Karl L. Barrus | | elee9sf(a)menudo.uh.edu | <- preferred address | barrus(a)tree.egr.uh.edu (NeXTMail) | \-----------------------------------/

1 0

some PRACTICAL ideas on ...
by ld231782＠longs.lance.colostate.edu 01 Mar '93

01 Mar '93

Ahem, well, there have been some complaints of too much impractical philosophizing and ranting of late, so here's my penance. Notes on how to protect alias files, ideas on digital money, and an excerpt on computer raid techniques from The Hacker Crackdown by Bruce Sterling. (Disclaimer: In no way should any of this be contrued as encouraging or advocating destruction of evidence.) self-Encryption time bombs -------------------------- Some lost soul asked an excellent question about a week ago regarding how to protect things like the alias file of an anonymous server from attack, possibly using encryption. This is actually a very interesting and difficult problem, and I've been rolling it around in my brain a bit, and some things are now rattling out onto the keyboard. The question applies really in general: how do you simultaneously use and protect data from prying eyes? I don't think there are really any simple and ingenious approaches, or they might have been suggested by now. Actually, the silence on the topic assures me that its indeed rather difficult. One idea is to keep the only the encrypted version in permanent storage. Keep the usable copy in something volatile like memory (e.g. a Ramdisk). This makes it much less solid. Another idea is to have a `time-bomb' encryption device. Here's the idea applied to a remailer. Every few hours the remailer asks for the owner to type a password. If the meow isn't answered, it panics and locks up everything, electronically `burning' anything important and encrypting stuff that needs to be kept around. This of course is problematic because if someone grabbed the server they could utilize it in the time window. Ok, so imagine that the server can somehow `sense' whether its real owner is present and typing. This could mean that the owner types in a certain way or runs a dummy command at least once an hour or whatever, or has his foot on a footpedal or whatever. Again, the server panics if it sees something awry. Also, note that usually computers are switched off and cables unplugged when confiscated. If the interesting stuff is in only in RAM, no problemo. This gives other ideas though. When a certain cable is unplugged, *poof* goes certain data or whatever. Ideally there would be a daemon that is always alive (even with switched off power) that could deal with the signal that something bad has happened. Another idea is to check for operator signals at boot time. When the confiscator boots the computer (assuming they do, and not unplug the hard drive for analysis) the computer could look for the cue and say something like ``one monent, loading system'' while it is in a mad dash to encrypt everything important (but it must delete the password used for this at the end, of course!). Then it could give a regular login prompt and even let in the infiltrator. Finally, note that in raids usually the operator is taken away from the computer immediately (see attached notes) while the confiscators (I'm trying to stay neutral here) grab all the hardware. Hence, a `direct' signal to the computer that requires the operator to do something and the computer to respond is difficult in these situations. But the possibility of rigging panic-encrypt buttons in surreptitious places all over your house (flush!!!) is not completely outlandish. digital $$$ ----------- There seems to be a lot of interest in this topic. Now, unfortunately I think anyone who wants to set up a *real* bank on the internet right now and handle transactions via email would really swiftly arouse the fearsome ire and wrath of vast segments of the net. Whatever, I'd like to point out that it is entirely feasible *right now* using *credit cards*. There are obviously automated credit card machines that can make transactions solely electronically based only on that lovely *data* cypherpunks love so much (card # and exp. date). Maybe some even have RS232 interfaces! (for the brain dead, that means they'd be as trivial and familiar to interface to a computer as MODEMs!). Imagine this scenario: a banking server! user registers with the server by giving card data. He can then let other businesses make debits through the server to his account, with all the cryptographic/authentication assurances that this can only happen when he permits, of course. Anybody who ever started doing this, I think there should be at first *huge* amounts of verification, like email sent to the user asking for confirmation of every transaction, monthly statements, ceilings, etc. But *wow* think--its all entirely doable right now! If the banker wanted to he could even deal with requests to open real accounts with regular money. But this is probably much farther off--the idea of the server as nothing but a link to credit cards is very convenient and more accessable, it seems to me. (The case could be made, if initially the service was free, that no commercial service was being performed.) Imagine being able to write programs that send mail to a server to bill users for services. Neat! But OOH the phreakers would have a field day with this kind of thing if it wasn't AIRTIGHT SECURE. * * * Now a little transcription gift to the net. I found the following account of the typical `hacker raid' interesting. It comes from the book `The Hacker Crackdown' by Bruce Sterling (1992 Bantam books). p160 The account is mostly based on U.S. police tactics during the Operation Sun Devil raid in the early 1990s. A typical hacker raid goes something like this. First, police storm in rapidly, through every entrance, with overwhelming force, in the assumption that this tactic will keep casualties to a minimum. Second, possible suspects are removed immediately from the vicinity of any and all computer systems, so that they will have no chance to purge or destroy evidence. Suspects are herded into a room without computers, commonly the living room, and kept under guard--not *armed* guard, for the guns are swiftly holstered, but under guard nevertheless. They are presented with the search warrant and warned that anything they say may be held against them. Commonly they have a great deal to say, especially if they are unsuspecting parents. Somewhere in the house is the `hot spot'--a computer tied to a phone line (possibly several computers and several phones). Commonly it's a teenager's bedroom, but it can be anywhere in the house; there may be several such rooms. This `hot spot' is put in the carge of a two-agent team, the `finder' and the `recorder.' The finder is computer-trained, commonly the case agent who actually obtained the search warrant from a judge. He or she understands what is being sought and actually carries out the seizures: unplugs machines, open drawers, desks, files, floppy-disk containers, and so on. The recorder photographs all the equipment, just as it stands--especially the tangle of wired connections in the back, which can otherwise be a real nightmare to restore. The recorder also commonly photographs every room in the house, lest some wily criminal claim that the plice had robbed him during the search. Some recorders also carry videocams or tape recorders; however, it's more common for the recorder simply to take written notes. Objects are described an numbered as the finder seizes them, general on standard preprinted police inventory forms. Even Secret Service agents were not, and are not, expert computer users. They have not made, and do not make, judgments on the fly about potential threats posed by various forms of equipment. They may exercise discretion, they may leave Dad his computer, for intance, but they don't *have* to. Standard computer crime search warrants, which date back to the early 1980s, use a sweeping language that targets computers, most anything attached to a computer, most anything used to operate a computer---most anything that remotely resembles a computer--plus most any and all written documents surrouding it. Computer-crime investigators have strongly urged agents to seize the works.

1 0

Re: more ideas on anonymity
by ssandfort＠attmail.com 01 Mar '93

01 Mar '93

_________________________________________________________________ FROM THE VIRTUAL DESK OF SANDY SANDFORT ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Today, Theodore Ts'o raised the specter of libel and slander to justify some forms of censorship for anonymous remailers. He assumed, rhetorically, that if you believe in total freedom of speech, than you must not believe in libel or slander. He is correct, of course. Nevertheless, his implied conclusion is in error. He would have us give up free speech to uphold libel and slander. I say, let's give up the artificial concepts of libel and slander and uphold our freedom of speech. Can people be harmed by speech? Maybe yes, maybe no. But if so, that is the price that must be paid to avoid a far greater harm. Damnum absque injuria--there are some loses for which there is no remedy at law. If your girlfriend impugns your manhood, there may be harm. But should her speech be ILLEGAL? I think not. I'm sure that what NBC did was NOT libel or slander. It may have been fraud, though. In any event, if a free society chose not to make what NBC did illegal, that in no way implies that NBC was "perfectly justified" in faking an explosion. It just says society takes any remedy out of the hands of the state. Of course, NBC's acts have already damaged its own reputation karma. Serves 'em right, too. One last note about practicality. We live in a world with pay telephones, which anyone may use to threaten anyone else, anonymously. Shall we eliminate pay phones? Today in the United States, a uniformed agent of the government will deliver your anonymous threat to your victims door for only US$0.29. Shall we eliminate the Postal Service? (The answer is "yes," but for other reasons.) So what's the point? Why should we be any harsher on the networks than we are on all the other anonymous channels? There is only one realistic and moral solution to threats of violence. Punish the perpetrators, not the messenger. Even in today's world, crimes are rarely solved by wiretaps, forensic science or any of that. Perps gets fingered by someone they know; perps confess; perps screw up and accidentally give themselves away; or the intended victim blows the perp's head off during an attempt to carry out the threat. Again, punish the perpetrators, not the messengers. S a n d y ssandfort(a)attmail.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3 2

Censorship...
by Hal 01 Mar '93

01 Mar '93

Ted Ts'o writes: > I noticed that in several postings, people have made the jump that > revealing the real person (or the previous hop in a remailer chain) from > an anonymous remailer is tantamount to censorship. I'd like to call > into question that assumption. "Censorship" is an emotional term. My New World Dictionary defines it as the act of censoring, and a censor as "an official with the power to examine publications, movies, television programs, etc. and to remove or prohibit anything considered obscene, libelous, politically objectionable, etc." I think this corresponds pretty closely with how we use the word. It suggests that a good test for whether an action is censorship is whether the prohibition is based on the content of the message along the lines above, where a message is controversial, obscene, etc. (Many Libertarians would argue that no private action can be censorship, that only government actions backed up by the threat of force can be. They might point to the word "official" in the definition above. I think that the more common use of the word would include the concept of private censorship; as, for example, in the case of a newspaper editor who kills a story because it attacks a powerful political friend of the editor. He can be considered an official of the newspaper.) Ted then gives the example of someone yelling at 4AM in the morning. Stopping this action would not be censorship by this test. You don't care about the content of his speech, just the volume. Ted also mentions libel and slander. Stopping these would apparently be censorship by the definition above (which explicitly mentions "libelous"). For the remailer cases, stopping usage due to excessive volume would not be censorship. It would be analogous to stopping someone from yelling at 4AM. Your restriction is not based on content. On the other hand, stopping usage due to the content of a message would be censorship, especially if it was due to the message content being "obscene, libelous, politically objectionable, etc." I think many of the attacks on anonymous messages based on content would in fact fall into these categories. I am not arguing here that censorship is wrong, although certainly the word has acquired negative connotations. It's interesting to see that stopping libel can be considered censorship, and this fact might cause those who believe in laws against libel to consider whether censorship may sometimes be good. If they do feel comfortable with that, then they can openly call for censorship by remailer operators without mincing words. Hal Finney

1 0