Re: remailer resistancs to attack (fwd)
Forwarded message:
Subject: Re: remailer resistancs to attack Date: Fri, 16 Jan 1998 04:56:12 EST From: Ryan Lackey <rdl@mit.edu>
Adam Back:
Public access servers aren't a good idea. Really people should be running local access servers only. The index is local, cache is local, and USENET is a distributed broadcast medium.
True.
Where do these private access servers get/send their traffic ultimately?
By having anonymous remailers which are themselves anonymous -- running on discarded accounts, only known by a few other remailers,
So we have lots of little groups of remailers that are hidden from public view by a 'ring' of public remailers (required if we want the general public to access them)? By what mechanism do I as a 'secret' remailer let others know about my existance and hence willingness to carry traffic? By what mechanism is my trustworthyness to be judged for this secret duty?
general public, perhaps by splitting up remailer addresses as a shared secret, so one remailer knows there is a "foo remailer" it can use, and has 1 of 3 where 2 pieces are necessary to have the address. and sends it to another remailer which may have the other part of the address.
Doesn't the remailer have to know who to ask to have a reasonable shot at getting the pieces? Isn't the list of sources going to have to be publicly accessible? Doesn't this also increase the bandwidth problem? Considering the scale required to impliment this, where is the monetary pay off for these secret remailers?
Providing a financial incentive for people to run remailers. This requires digital cash. I believe digital cash will soon exist, and thus this will soon be possible.
At least one current potential for income is the indipendant key server. Charge some amount to keep the keys for a year and charge per access by remailers since they would be commercial enterprises. If the cost were pennies per access you could even access the casual individual user who wants to pull a key (though I personaly would like to see this cost be born by the key server operator). ____________________________________________________________________ | | | The most powerful passion in life is not love or hate, | | but the desire to edit somebody elses words. | | | | Sign in Ed Barsis' office | | | | _____ The Armadillo Group | | ,::////;::-. Austin, Tx. USA | | /:'///// ``::>/|/ http://www.ssz.com/ | | .', |||| `/( e\ | | -====~~mm-'`-```-mm --'- Jim Choate | | ravage@ssz.com | | 512-451-7087 | |____________________________________________________________________|
Jim Choate <ravage@ssz.com> writes:
Adam Back:
Public access servers aren't a good idea. Really people should be running local access servers only. The index is local, cache is local, and USENET is a distributed broadcast medium.
True.
Where do these private access servers get/send their traffic ultimately?
Local eternity servers get their data from a news feed. Preferably a local news feed, or a satellite based feed, or second choice SSL encrypted NNTP server, third choice NNTP server. (Reason for local news feed being preferabl is that it protects the NNTP traffic which would otherwise allow eavesdroppers to observer which articles you were reading. SSL is only a partial solution because you are then trusting the SSL NNTP server operator.) Local servers don't generate any traffic, "local server" is really a misnomer, it is a local proxy for reading news... it presents a view of USENET articles which makes them appear as web pages. It keeps copies of those web pages more up to date versions are read in news, this allows fast access to the web space. There is a trade off between update period and size of web space as the amount of USENET traffic you can generate without annoying people is limited. Adam -- Now officially an EAR violation... Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
participants (2)
-
Adam Back -
Jim Choate