Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com> writes: Mike Duvos writes:
Contrast this with a DC-Net of boxes which can covertly inject packets into the Net, in some untraceable manner. Now we have no identifiable "Hal" to be harassed, and no one for the Clams to aim their lawyers at.
While this is a nice thought, it is incorrect. You can't "covertly inject packets into the Net, in some untraceable manner."
You can temporarily modify router tables, spoof IPs and idents, and leave few traces behind once the data has been transferred, particularly if the origin is some obscure foreign location.
The output of the DC net is simply a block of random-looking bits for each member of the net. Someone must XOR each of the blocks together before the message is readable.
Correct. But I was mentioning DC-Nets only in the context of a mechanism for permitting the dispersed parts of such a system to communicate with each other, without identification of a particular node as being responsible for a particular action.
If the addressee is not personally watching the DC-net and assembling all the blocks looking for a message, someone else must do that and put it out on the Internet (via e-mail, usenet, IRC, etc...). That someone is the person who is going to take the heat for the message. It is exactly the same situation as with current remailers: someone gets mail they don't like, they trace it back as far as possible (i.e., to the remailer operator). The last person holding the 'hot-potato' gets burned.
The idea here was to have a large number of nodes, each capable of injecting data into the Net in a manner which cannot be easily traced back to an individual. These nodes would talk to each other using a mechanism which obscured both eavesdropping and traffic analysis of their communications, a DC-Net being one possible way of doing this.
Since it looks like the "everyone's a remailer" dream is not becoming a reality, the key to successful remailers is to make the *operators* untraceable as well. If you can't trace the operator, you can't hold them liable. We have discussed techniques for doing this before: cash paid accounts, using dialups (possibly from a public phone). The remailer must be a 'sacrificial cow' that can be snatched up by 'authorities' at any time.
You could get the same effect with an instant anonymous account that could be purchased with Ecash. You would buy it on the spot, send your mail, and forget about it. For all practical purposes, it would serve the same function as a remailer, and steps could be taken to obscure the identity of whoever had telnetted to it. Another possible approach is the "remailing packets" one. You could set up a packet remailer which could be used as a universal proxy server in some untouchable foreign location. If we had a "packet remailer in a box", these things could pop up all over the place, live a short time, and be nuked. Since the communication would be real-time, concerns over reliability and delivery would not exist in the same way they do for the current system of remailers.
Because it takes considerable time, effort, and money to set up and run a remailer that is untraceable to the operator, there must be compensation. The solution is a typical cypherpunk one: Digital cash postage that is collected by the remailer, encrypted with a public key, and posted to alt.anonymous.messages. Our untraceable remailer operator sits back and collects the cash until the remailer is forcibly shut down. Then he starts up a new one (assuming this is profitable).
I don't think most people are going to pay to remail. Or, to put it another way, the types of traffic people will pay to remail are those no remailer operator will want to touch with a barge pole.
The age of remailers with publicly known operators is drawing to a close. Basically the only missing link is the digital postage. If we get that, then being an anonymous remailer operator could be the first cryptoanarchist job that basically anyone can get and where you can collect money completely untraceably and tax-free. To me that seems like a big step towards the future that many of us have been discussing for the past few years. A very exciting prospect.
Perhaps. Time will tell.

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd@netcom.com     $    via Finger.                       $
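The point made in the thread that each DC-net member's output is a random-looking block and that someone has to XOR all the blocks together to read the message, shown as an added example that is not part of the original post. The member names, the 32-byte round length and the assumption that every pair of members already shares a fresh random pad are constructed for illustration.

```python
import secrets
from functools import reduce
from itertools import combinations

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def shared_pads(members, length):
    # Assumption: each pair of members agreed on a fresh random pad out of band.
    return {frozenset(p): secrets.token_bytes(length)
            for p in combinations(members, 2)}

def member_block(me, members, pads, length, message=None):
    """Block published by one member: XOR of every pad it shares,
    plus the message if this member is the (hidden) sender."""
    block = bytes(length)
    for other in members:
        if other != me:
            block = xor(block, pads[frozenset((me, other))])
    if message is not None:
        block = xor(block, message.ljust(length, b"\0"))
    return block

def combine(blocks):
    # Every pad appears in exactly two blocks, so all pads cancel.
    return reduce(xor, blocks).rstrip(b"\0")

def run_round(members, senders, length=32):
    """senders maps member name -> message bytes for this round."""
    pads = shared_pads(members, length)
    return {m: member_block(m, members, pads, length, senders.get(m))
            for m in members}

if __name__ == "__main__":
    members = ["alice", "bob", "carol", "dave"]      # constructed names
    blocks = run_round(members, {"carol": b"meet at noon"})
    for name, blk in blocks.items():
        print(f"{name:5s} publishes {blk.hex()}")    # all look random
    print("all blocks XORed :", combine(blocks.values()))
    # Whoever performs this last step sees the plaintext but learns
    # nothing from the blocks about which member contributed it.
    partial = [b for n, b in blocks.items() if n != "dave"]
    print("one block missing:", combine(partial))    # still unreadable
    clash = run_round(members, {"alice": b"AAAA", "bob": b"BBBB"})
    print("two senders      :", combine(clash.values()))  # collision
```
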