-----BEGIN PGP SIGNED MESSAGE----- [ To: cypherpunks ## Date: 07/19/96 08:13 pm ## Subject: Message pools ]
Date: Wed, 17 Jul 1996 23:19:59 -0700 From: Bill Stewart <stewarts@ix.netcom.com> Subject: Re: Message pools _are_ in use today!
2. The authorities already have identified a suspect, call him "Bob," and wish to know if he reading (and perhaps decrypting) messages to "Alice."
As several of us have noted, #1 is tough--real tough. The authorities would have to contact 10,000 or more ISPs who have local newsfeeds and subpoena their logs of who read which newsgroups...assuming such logs are even kept
Getting everybody is tough. Getting a lot of the potential suspects, however, isn't as tough as it looks - the vast majority of home Internet users are on AOL, Compuserve, Prodigy, UUNet, Netcom, or (RSN) AT&T. Anonymous Message Pool users are a bit more likely to use niche-market ISPs, especially under pseudonyms, but if the number of users increases significantly there'll still be a reasonable proportion on the big carriers, which are probably more cooperative and probably keep more complete logs.
There are two other factors. 1. If you're trying to figure out who anonymously posted the ``All faggots must die'' message on alt.sex.motss, you have a very large number of potential suspects. However, if you're trying to figure out who anonymously posted the ``how to manufacture nerve gas'' post, your suspect list is quite a bit smaller. The condition for technical information about cryptography or computer security is similar. 2. It may be that the way you test your suspects is parallelizable enough that you can do a ``dictionary attack,'' in which you go down a list of people who you might suspect of posting something for one reason or another, and test the hypothesis that each of them actually did post it. Suppose I have such a test which can rule out 75% of my suspect list. This becomes a useful tool--especially if I can track multiple posts by the same user and rule out more and more of my suspect list as more and more messages are posted. I wouldn't count on even heavily-chained anonymous remailer messages to protect my identity from moderately wealthy and determined attackers, if I did many anonymous posts. Writing style and topic alone may narrow the suspect list down to a manageable number.
# Bill Stewart +1-415-442-2215 stewarts@ix.netcom.com # http://www.idiom.com/~wcs
--John Kelsey, jmkelsey@delphi.com / kelsey@counterpane.com PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36 -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMfZezUHx57Ag8goBAQGe+AP/fYWAfHmFwVdYvoQjAtcIAH5csUb2pWQi GYfsluIY1Wn2sPTxf+2GoVvfmwRlhAgwGtOTav83tsP8KN6uB6MJTe3NO67gL7Cx W1U7yNgC0Ebuyoxr4Hi4p3d0s57wroscy15O7/XgZ3Fcu+yi0lSoJOML86hipCUc plb/XsYBLLE= =sEbh -----END PGP SIGNATURE-----