While writing some appropriate paranoia for a canned response to remailer info requests, I realized that running a remailer is a perfect prelude to blackmail. An unscrupulous person running a remailer can obviously keep records of truenames, along with messages that their senders do not want associated with them. Making use of this information could involve a scenario to the crypto-extortion previously discussed, but blackmail would be far more believable than anonymous threats. Alternatively, the blackmailer could be low-tech and resort to present techniques. Always encrypting helps with mail, but not with news. PGP 2 key by finger or e-mail Eli ebrandt@jarthur.claremont.edu
Eli Brandt writes:
An unscrupulous person running a remailer can obviously keep records of truenames, along with messages that their senders do not want associated with them.
Always encrypting helps with mail, but not with news.
If you don't trust your remailer operator, use more than one. This is the whole point of multiple chainings. A single point failure can be any number of different threats: blackmail, coerced disclosure by threat of violence, compromised equipment. All of these can be defended against by making a system proof against single point failure. For posting to news, one should always use two hops. The first destroys any the identity of the poster and the second one decrypts it for transmission. Both hops are encrypted, but the second relay sees the plaintext and cannot link it to anyone because the first relay is anonymous. Eric
participants (2)
-
Eli Brandt -
Eric Hughes