Hiya,

One of the newsgroups I was reading has this persistent "tester" who uses the anon service in Finland. Anyway, there were several different postings, all with different ids, but same kinds of "this is a test, nyah nyah" contents. As I was one of those "stop it" people, and seeing more of the same bullshit by that guy, I got slightly pissed off, and started thinking.

Already that person is using about 3 different anonymous ids. If he is introduced to the remailers here, conceivably he could generate more anonymous ids for himself (ie, kill files won't work then, unless you want to kill a whole site) by routing his mail thru the remailers. Each remailer would give him another userid at that anon service. And if he uses it to loop back to the remailers... And then loop to that Australian anon service... and so on. He could "legitimately" have a hundred or so different anon_ids, from one original userid.

What if someone who realises this was to use that capability to post some really "colorful" material to news? Suddenly you have a hundred or so weirdos posting "I want nude pictures of a gerbil, please" to alt.binaries.pictures.erotica... you get the idea. Is there any way to stop this from happening? And this is on top of the real weirdos (ie, those who know how to post anonymously, like most of the readers of this list... :))

So far, the net has functioned as its own sieve with regards to the "weirdos" but if the remailers are generally available (as it should be!), the potential for abuse is much much greater. Any way to slow it down? "Hey, look, a flame war, let's join in..."

Of course, if someone was to forge a mail to the anon service... don't even need to know about the remailers... but with forged mail, the anon service can at least "check" to see the validity of your address.

I realise that this is probably not important in the overall scheme of things... but I am curious about what can be done to reduce such potential abuse.

Ciao.
-Tai

ps: Any tips on tracing anonymous mail and newspostings? I mean beyond the "from" and "path" things... ie, trace to the userid... Someone tried to forge a posting in my name... (yes, that's what got me thinking :))

> ps: Any tips on tracing anonymous mail and newspostings? I mean beyond the "from" and "path" things... ie, trace to the userid... Someone tried to forge a posting in my name... (yes, that's what got me thinking :))

Remember to look at the "Message-Id" -- on typical unix mailers, that has the IP address encoded into it to help make it more "unique".

A social point to keep in mind, though: one reason we really *need* signed messages is because there is no real identity attached to email. It is easy to "believe in" some identity you see on the net, and for the most part enough of them are real that it is ok... but I expect this to become even more of a problem than it is now without signatures.

A "historical" example -- at MIT, as part of Project Athena, we have a real-time messaging system called Zephyr (for more details, look in Usenix proceedings from some time in 87 or 88, or just look at athena-dist.mit.edu:pub/usenix/zephyr.PS.) It optionally uses Kerberos authentication, and the recipient application will display whether a message is authenticated or unauthenticated. People tended to ignore this, until one of the other developers wrote a program that looked at the database of current users, picked a pair at random, picked a message at random, and sent it to one, from the other. (It backfired amusingly once -- it sent a message from him, to me, saying "I'm stopping at the coffeehouse, want me to get you anything?" to which I responded sure... and then harassed him about it for years, until he finally *did* bring me the M&M's I wanted. :-)

The point was that this program didn't fake the authentication (it did use privileged access to look at the user database, which is not available remotely, but the messages themselves were unauthenticated) but rather no one paid attention to it. The "unauthenticated" flag was made more visible in a later release, I believe... but I don't think anyone ever went as far as refusing unauthenticated personal messages altogether. I could see that happening with email...

_Mark_ <eichin@athena.mit.edu>
MIT Student Information Processing Board
Cygnus Support <eichin@cygnus.com>

Tai (UFLTAI@MEMSTVX1.bitnet) asks about how best to stop people from generating many, many digital pseudonyms, thus evading filtering by "Kill" files.

Lots of issues here. The longterm solution is to use "positive reputations" and not just "negative reputations" (as in Kill files). This is something Dean Tribble just talked about at our last physical meeting of the Cypherpunks ("Bay Area Branch" :-} ).

Think of it like a credit rating. People _earn_ trust, they don't just get assigned a credit rating until they do something bad.

Positive reputation filtering will still allow digital pseudonyms, but a reputation will be attached and will be important. Read Vinge's "True Names" for some insights on this.

--Tim

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | PGP Public Key: by arrangement.

> Date: Thu, 17 Dec 92 17:33 CDT
> From: uunet!CUNYVM.CUNY.EDU!UFLTAI%MEMSTVX1.bitnet
> X-Vms-To: IN%"cypherpunks@toad.com"
>
> I realise that this is probably not important in the overall scheme of things... but I am curious about what can be done to reduce such potential abuse.

You will be happy to know that solving that problem will be extremely important (probably even in the short term). We need a positive reputation system (kill files filter against negative reputations) so that you only see mail messages by people who have a reputation for valuable postings.

I rambled about this topic at the last cypherpunks meeting. I will be posting my notes in an effort to get feedback and organizational help from the people on the list (it will be a few days, however). The content will eventually be organized into something that I hope will spread.

dean
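
Added example, not part of any message in this thread: a small Python simulation of the contrast drawn in the replies above between kill files (negative reputation) and positive reputation filtering, for one poster cycling through many pseudonyms. The pseudonym ids, the earned scores and the threshold are all constructed for illustration.

```python
from collections import Counter

NUISANCE = "this is a test"

def build_feed(fresh_ids=100):
    """Constructed sample feed of (pseudonym, body) pairs."""
    feed = [("an1001", "remailer chaining notes"),     # established pseudonym
            ("an1777", "first post, real question")]   # honest newcomer
    for i in range(fresh_ids):                          # one poster, many ids
        feed += [(f"an{2000 + i}", NUISANCE)] * 2       # each id posts twice
    return feed

def kill_file_view(feed):
    """Negative reputation: show everything, block an id only after it misbehaves."""
    killed, shown = set(), []
    for sender, body in feed:
        if sender in killed:
            continue
        shown.append((sender, body))
        if body == NUISANCE:          # the reader reacts after seeing the post
            killed.add(sender)
    return shown

def reputation_view(feed, earned, threshold=3):
    """Positive reputation: show only ids whose earned score meets the threshold."""
    return [(s, b) for s, b in feed if earned.get(s, 0) >= threshold]

def summarize(shown):
    """Return (nuisance posts shown, wanted posts shown)."""
    c = Counter("nuisance" if b == NUISANCE else "wanted" for _, b in shown)
    return c["nuisance"], c["wanted"]

def compare(fresh_ids=100):
    feed = build_feed(fresh_ids)
    earned = {"an1001": 5}            # assumed score from past valued posts
    return {"kill_file": summarize(kill_file_view(feed)),
            "reputation": summarize(reputation_view(feed, earned))}

if __name__ == "__main__":
    print(compare())
```

With the constructed feed, the kill file still shows the first post from each of the 100 fresh ids, while the reputation filter shows none of them but also hides the honest newcomer until that id has earned a score.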