Re: anonymous remailers
-----BEGIN PGP SIGNED MESSAGE----- Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com> writes:
Charley Musselman writes:
Does anyone know the answer? Specifically, how can we choose a trusted remailer?
The answer is to run your own remailer. Make sure your chain includes your remailer at least once. If you can't trust yourself, who can you trust?
Ummm, if you run your own remailer, and don't get lots of people to use it, then traffic analysis will reveal that you are the sender quite quickly. It will pretty much make everything in the chain before your remiler useless. If you send your message through remailers a, b, c, and d like this: you -> a -> b -> c -> d -> alt.drugs.and-other-various-horsemen and only you use c, then your effective chain is: someone who could only be you -> d -> alt.drugs.and-other-various-horsemen This chain is weak indeed. Jer "standing on top of the world/ never knew how you never could/ never knew why you never could live/ innocent life that everyone did" -Wormhole -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQB1AwUBMvwyI8kz/YzIV3P5AQE6JgL/RJ9Y3GmZl2mQ0dK9tVtaZG7OW33xKHqV Ur9fQt3Yms19bCbq+bAWoeNC5ZPjXESCtGigPW3VmXVjCd4igPepk25dtzR1OcL+ In/0n9QcRqDvmupZFFdldY62orGQyVEm =JIWK -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- On Sat, 8 Feb 1997, Jeremiah A Blatz wrote:
Ummm, if you run your own remailer, and don't get lots of people to use it, then traffic analysis will reveal that you are the sender quite quickly. It will pretty much make everything in the chain before your remiler useless. If you send your message through remailers a, b, c, and d like this:
you -> a -> b -> c -> d -> alt.drugs.and-other-various-horsemen
and only you use c, then your effective chain is:
someone who could only be you -> d -> alt.drugs.and-other-various-horsemen
This is assuming that it is a reasonable assumption that all traffic going through remailer c originated from the owner. If there is one non-corrupt remailer in the chain before c, then this would not be a valid assumption because traffic from the owner would be indistinguishable from traffic sent by anyone else. If the remailer has low traffic, the solution is, of course, to make it higher traffic. Chain a bunch of messages that get sent to /dev/null through the remailers, being sure to include c somewhere in the middle of the chain. If Mixmaster is used, then it would be virtually impossible to differentiate between "real" messages and messages destined for /dev/null. It would be a little easier with Type I since the size of the ciphertext decreases after each hop. This all assumes that encryption is being used, of course. Mark -----BEGIN PGP SIGNATURE----- Version: 2.6.3 Charset: noconv iQEVAwUBMvyzcCzIPc7jvyFpAQHRpQf+LusfAS8dhDczpYTHGjgIRo38gPHeDdVn +qmmikRNravoEiPD9GIrZ4OeYKOs6zykvhWuMoTtsVi/a7p1HZyWzl5A5KkxofUv nLOUoPriQ9Ps8fzc3B31G5nwj5d6Es7nnfZbGk1dV5KS5bN7fyu9umBeFiW7jNcj eTf8GmFH7Rxi5aoUc0uMMR/YffMNl0fHo+wooPNnTBMppLouTIr9iQdCxDOJ7eJc QAFyEXYWtRP8AqrnB0/pVAXUtrnui+Ev1waOkMYKbWuiQ8tkHbLAvcmpAVnD67jX 4f3ZQkhXG6C4VbYF3fTlL0ujZgRal0csG0X4u6x/5ID4Blle9hwtIQ== =BqMW -----END PGP SIGNATURE-----
participants (2)
-
Jeremiah A Blatz -
Mark M.