Adam Shostack writes:
Its worth noting that the source code to Julf's Penet remailer is not public (AFAIK). People use it becuase they trust Julf, or trust people who trust Julf.
I seem to remember that Julf took over Stephie's code from Wizvax which used to post into the alt.sex.bondage group. I suspect he has modified it since but I don't think that there is much to it. Even if Julf released some code there would be no way ofknowing that it was the code he runs except by compromising the anonymity of the service itself. In any case it is clear that the confidentiality of the service relies entirely on the trustworthyness of Julf and the security of the lines into Julfs server. I accept the former but can't believe for a moment that every spook and his aunt doesn't have a tap on the latter. How does the cypherpunks remailer work? Does PGP encrypt the signature of a message so that the identity of the sender is unknown? Or is it simply PEM style encryption so that the DN of the sender is in the clear :-( I Phill