tcmay@got.net (Timothy C. May) writes:
Between Hacktic going down, Hal's comments that he may shut down his two sites, and this, plus others who are more quietly making plans to shut down, I think the thread title "The Remailer Crisis" is more apt than ever.
As to potential liability, it is very likely to be vastly more than the examples Alex cites, of $1K or "even a $5k personal loss." Lawyers don't get out of bed in the morning for such insignificant sums.
Yet fully anonymous mailing has always been supported by the Post Office. You may put anything, or nothing, as the return address on an item to be mailed, and drop it in the dead of night into one of millions of conveniently provided bins located almost everywhere. All for the quite reasonable price of thirty-two cents. It is interesting that the above model doesn't seem to survive parallel translation across the manifold to the TCP/IP arena. One reason for this is that there is no Postal Equivalent of Usenet. If anonymously mailed items magically appeared as articles in tomorrow's paper, for instance, one might expect significant heat to be generated, as well as calls for the elimination of anonymous mailboxes, and the association of a valid ID with each item mailed. The other reason is that the network of anonymous Postal mailboxes is so vast, and specific individuals are not associated with particular mailboxes. There is no way for someone like Hal to have rhetorical responsibility, for instance, if the Unabomber plops his latest exploding package into a particular box.
It's one reason I won't run a remailer that can ever be traced back to me. (I also don't have a box on the Net and don't really trust running remailers on machines someone else has root to. And I'm not a Unix person. And....)
Of course, Unix people can send anonymous mail without the use of remailers. Spoof an Ident or an IP, stuff it in some kind person's sendmail port, and "Voila!", the mail is on its way. Perhaps we need a remailer that automates this process. Current remailers all identify the sender quite clearly with a message such as the following... "This message was mailed by an automatic posting service. The sender takes no responsibility for its contents, but if you want to sue someone for an unspeakable amount of money, my name is Hal." It is clear that this model for remailers fails miserably if any significant amount of legal heat is applied. Contrast this with a DC-Net of boxes which can covertly inject packets into the Net, in some untracable manner. Now we have no identifiable "Hal" to be harrassed, and no one for the Clams to aim their lawyers at. Perhaps we could also do something with Mobile Agents, which could carry an encrypted message and stuff it into the Net from some random location. We are certainly at the point where the notion of a "remailer" as an identifiable source of traffic run by a specific individual is about to bite the dust.
Ironically, "copyright violation" and "clam secrets" were not even on the list of "the Four Horsemen of the Infocalypse" that we thought would really put remailers under some extreme pressure. If the Scienotologists can shut down many of the remailers, imagine what the Horsemen will do!
I think it's time for a slight leap forward in the technology that is employed to provide the functionality formerly known as "remailing." A little increase in reliablity might not hurt either. My current success rate for getting something through a remailer chain is about 50%, and that's using Ralph's reliable remailer list as a guide. Time for a brainstorming session. -- Mike Duvos $ PGP 2.6 Public Key available $ mpd@netcom.com $ via Finger. $