At 01:43 PM 10/2/96 GMT, John Young wrote:
10-8-96. VV:
"The Remailer Is Dead, Long Live the Remailer. Life After Penet." By Dave Mandl (Excellent, Dave, yes!)
By the strict standards of the cypherpunks, a loosely knit affinity group of the Net's most radical and technoliterate privacy advocates, Penet's security was actually on the flimsy side. Its Achilles' heel was the file -- just begging to be subpoenaed -- that linked users' real names to their Penet pseudonyms. Cypherpunk-run remailers, on the other hand, generally leave no trace of the sender's true identity. In addition, cypherpunk remailers can be "chained" -- messages can be routed through several far-flung remailers before reaching their final destination, making message tracing all but impossible, even for the remailer operators. http://jya.com/remail.txt ftp://jya.com/pub/incoming/remail.txt REM_ail
Now that Helsingius has shut down Penet, what's to stop him from simply LYING about the source of the messages in question, maybe claiming that they came from the output of a cypherpunks remailer and are thus permanently untraceable? (one feature it might have been useful for him to have included in Penet is the ability of the user to re-address a return address, which would presumably erase the original address in the records. Just sending email and some particular password would do it...) Jim Bell jimbell@pacifier.com