lcs Remailer Administrator <mix-admin@nym.alias.net> wrote:

The unfortunate reality is that almost all news servers log, and there is no way to tell if you don't actually have an account on the server. There may be privacy conscious ISPs that actually promote the fact that they don't log, but I don't know of any to recommend.

The point of putting that in the help file was also to make people realize there is a trade-off. Posting to news groups might not actually be the safest solution. Basically, if you are more worried about the remailer operators, alt.anonymous messages is probably the best place to send messages. However, if you are more worried about your employer/ISP than about the remailer operators, then it probably makes more sense just to have an ordinary e-mail reply block.

One solution to this problem is to run your own personal news server like "souper" that gathers ALL new news article in a certain NG and stores them locally for off-line reading. If you're consistently pulling news messages for the alt.anonymous.messages NG off of a certain server, it could be reasonably inferred that you are the intended recipient of at least SOME of those messages. But if you use a client that invariably grabs all the new messages each time, it would be rather difficult to determine which messages you are interested in. To avoid traffic analysis, use a software program to pull the messages for you. If you do it manually, even if you try to pull them all, you will undoubtedly read and save them in a certain order, or spend more time reading certain ones that will betray your interest in certain messages. As for employers, any of them that are sophistocated enough to be monitoring NNTP connections and creating a profile of your reading habits probably also have their own firewall and news server. IOW, if they run their own news server and carry a certain NG, then they'd have a hard time objecting to your reading it. It would probably be wise to assume a worst-case scenario and only deviate from it when you're sure it's safe to do so. For example, suppose you used a pseudonym to publish an article that was critical of the current Ayatollah in Iran, or perhaps deemed offensive to Islam in general, and you were sentenced to death in absentia ... if they can find and identify you. (Sort of an anonymous Salmon Rushdie.) Start out assuming you need that level of security and go from there. But if someone has gone to the trouble of setting up a 'nym, then he probably perceives a need for more than just a casual level of security. --