On Tuesday, December 11, 2001, at 10:07 PM, Meyer Wolfsheim wrote:
"So far, U.S. and European authorities battling terrorism and cybercrime have apparently focused their surveillance elsewhere. The FBI and the National Security Agency, which monitors international telecommunications, declined to comment on what strategy, if any, they have for dealing with remailers."
That would have made the article much more interesting..
What *is* the FBI/etc.'s strategy on dealing with remailers, other than ignoring them (and hoping that anti-spam/anti-terror legislation will make them illegal?)
The article was not completely silent on speculations about FBI/LEA efforts: Magic Lantern was mentioned as a way to get the keys. I'd guess that remops are likely targets for future "sneak and peek" black bag jobs. Warrants are no longer needed, say the criminals in D.C. (though the Constitution differs). Packet sniffers are another approach. Remember that we have Shimomura's own words that he was working on such sniffers for various intelligence agencie back during the Mitnick affair. Correlation analysis remains promising. Messages go in, messages leave. Without sufficient traffic to get the N^M entropy, imagine what sophisticate statistical analysis does to establish probable mappings. As we (again) discussed at this past Saturday's physical meeting, in Santa Cruz, a sparse set of users and messages is almost a toy system. Remailer traffic needs to go up by a large factor, whether actual messages or dummy messages. Remailers need to be more robust (uptime, strong policies) and need to be incentivized (paid remailers, an old topic). A chicken or egg situation? Ideally, simultaneous development...plenty of precedents for market forces pushing stronger products that customers are willing to pay for. --Tim May "Dogs can't conceive of a group of cats without an alpha cat." --David Honig, on the Cypherpunks list, 2001-11