Remailer Noise Traffic
-----BEGIN PGP SIGNED MESSAGE----- Is there some reason why lots of 'punks _aren't_ running a simple script that will, say, fire a message to one's self through a chain of remailers every time you log on or at random intervals or something? This may be an imerfect solution to the problem of traffic analysis, but it's so uncomplicated that there seems no reason not to do it. And if there were fifty or a hundred people or so making a practice of this, it seems to be agreed that the remailers would be a great deal more secure than they are now. This is a nice little opportunity for everybody to help out the remailer operators. God knows, this list seems to be capable of generating sufficient noise -- all we have to do is harness it :-). The question is, how much traffic is _too_ much? Recommendations from remailer people? -- Will -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLUZCnffv4TpIg2PxAQFYLgP8DihQb+OXI8kqYcjmt/KI/1XZ39CzSa/r 8Af74o33GUPjGLjtayWTqWFRZbjHMMhr9xH6bgtjUz2AxhrANoeZRHm9J7pkJchN oKwDryooOexlyO88quriQsMv8trlh7UEtWf1Ig4shSgVpJUMPDkad6LHVYk3fnFn 7Un2p6cYUKU= =e6+8 -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- W. Kinney writes :
Is there some reason why lots of 'punks _aren't_ running a simple script that will, say, fire a message to one's self through a chain of remailers every time you log on or at random intervals or something?
This approach hadn't occurred to me; I've been following the discussion on bogus remailer traffic from the perspective of 'How do we get the remailers to generate/manage their own 'noise' messages'. Give me some sort of script to run, and I'll run it on some oddball schedule if it will help. Things That Would Be Nice: 1) The script, incantation, or whatever should be easy for even Unix novices (*blush*) to implement without assistance. (Damned if I'm going to call System Administration and ask for help on something like this! :) ) 2) The script may need to incorporate some random element that changes the path through the remailers every now and then (If I *always* send a noise message from A to Q to X to Z, does this really help foil message analysis? Serious question- I have no idea.) 3) Some assurance that this will be a *quiet* process; that is, if one of the remailers barfs I don't care to have a bunch of wierd error messages routed to my postmaster. This may not be an issue; what I _don't_ know about e-mail would fill an encyclopedia. In short, if you can come up with a black box for me to run that helps your remailer traffic situation without (a) undue effort on my part and (b) undue risk to my account id, then I'll help you out. Strike a blow for blah, blah, and all that. - -- ........................................................................ Philippe D. Nave, Jr. | The person who does not use message encryption pdn@dwroll.dw.att.com | will soon be at the mercy of those who DO... Denver, Colorado USA | PGP public key: by arrangement. -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLUbPRwvlW1K2YdE1AQFgcAQAh/Ac92usQSEpykV+UNrs6YKd4S0fO8Ba z3jEPXxuUSjeMJKoh7U013603kKhzd18EWdmNR+1icwsR8wc0rLQTcl6ky8wmOFw C4dh7pMn0Maq7Hnd+A0U0Fzk57peqD2QW86okc+FH7J6uTDe/DUyfn8dE9zSacD1 b0l1RMjDqqk= =/EvO -----END PGP SIGNATURE-----
Philippe Nave writes:
W. Kinney writes :
Is there some reason why lots of 'punks _aren't_ running a simple script that will, say, fire a message to one's self through a chain of remailers every time you log on or at random intervals or something?
Something to consider for this is Safe-Tcl and the proposed Enabled-Mail extension for MIME. Enabled-Mail will allow you to create a multi-part MIME message that contains a script to be executed in a safe interpreter at delivery-time (to the user's mailbox) or at read-time; one proposed use listed in the draft was to generate return-reciepts when mail had been delivered to the recipient. It would be quite trivial to adapt this system to send off an encapsulated message back through the remailers that would take a random path through the system and at the final remailer ask to be delivered to /dev/null. [...]
Things That Would Be Nice: 1) The script, incantation, or whatever should be easy for even Unix novices (*blush*) to implement without assistance. [...]
If/when enabled-mail is accepted as a part of the MIME standard it will become fairly transparent to the user and can be spread to more than just Unix hosts.
2) The script may need to incorporate some random element that changes the path through the remailers every now and then [...]
It would be trivial to have the remailer randomize the paths generated in the scripts it attaches to messages going out.
3) Some assurance that this will be a *quiet* process;
Again, this could be done by the script-generation process so that all error messages are pointed to the remailer. jim
In message <9401261719.AA27870@bogart.Colorado.EDU>, "W. Kinney" writes:
Is there some reason why lots of 'punks _aren't_ running a simple script that will, say, fire a message to one's self through a chain of remailers every time you log on or at random intervals or something?
This is a nice little opportunity for everybody to help out the remailer operators. God knows, this list seems to be capable of generating sufficient noise -- all we have to d is harness it :-). The question is, how much traffic is _too_ much? Recommendations from remailer people?
Greetings! We are the remailer people! We mean no harm to your net and its users. I have been toying with similar ideas for a while, and would like to start implementing this feature. My remailer can certainly afford to sendmail about 2000 times a day, which is at least 10 to 100 times the actual traffic. Actual traffic would be completely lost in a stream of noise. However, for this to be effective at all, it has to be all encrypted, so noise will be indistinguishible from signal. I am currently working on an alias remailer with lots of encryption. Because users are going to be required to run pgp, I might as well also require them to accept about 10 messages a day of noise, and run slocal or something like it to filter it out. They should also send me about 10 messages a day of noise, and I will certainly be implementing stuff to filter that out. I certanily wouldn't mind if people sent me a bunch of mail with Anon-Send-To: nobody@soda which will just go to /dev/null. If someone writes some scripts to send this mail automatically several times a day, go ahead and post it and run it, because that would be great. I might actually post such a script later on tonight. My soda remailer does not yet support encryption, so that will have to wait. Since this isn't going to be encrypted, I would recomend that you send mail that's slightly different each time, and includes lots of good keywords (cocaine, machine guns, environmentalism, bomb, allah, etc). e
participants (4)
-
Eric Hollander -
Jim McCoy -
Philippe Nave -
W. Kinney