-----BEGIN PGP SIGNED MESSAGE----- In the wake of the forced demise of penet.fi, Dave del Torto said: >>> The anonymous service at anon.penet.fi has been closed down. This is a dark day indeed. The forces of Repression are upon us yet again. OK, where do we set up the next one? I guess the solution here is to have a floating set of difficult-to-detect anon remailers and switch between them regularly. I have an idea for making remailers more difficult to find. This applies only to systems where the remailer operator owns the system, such as at wimsey.com. (But a "system" can be just a PC/XT with hard disk and modem - maybe under $1000). Where the remailer operator controls the system, it's easy to "forge" net headers. The problem is that once you send mail, other systems are going to add "Received:" lines to the net headers that point back to you. I don't know how to stop this once the mail leaves your control. But it should be possible to add -extra- "Received:" headers, indicating you received the message from some system "behind" you. Should the "net police" trace an "offensive" message back to you, you can point to the added net headers and say, "Oh, but this came from -him-, not -me-; -I'm- just an innocent forwarder (not remailer) of this message. That SOB down at the end there must be running one of those infernal remailers; Go get him!!" By the way, these phony added headers should all have -real- system names. It's fairly easy to trace messages along the "mainline" internet, because those are all "hard-wired" leased lines. But there's another class of system called UUCP which sends and receives messages over the - -switched- network (ordinary dialup telephone lines). Many of the mainline systems accept UUCP accounts, so UUCP systems usually have the same internet connectivity as the mainline systems for E-mail. (They can't do FTP and Telnet). Furthermore, UUCP systems can allow other systems UUCP accounts, creating long chains over the dial-up net. Furthermore, a UUCP system can be set up with a minimal investment in hardware. A single hardware system can be -many- different UUCP "systems" by just dialing into different UUCP "accounts". A good strategy is to accept mail for remailing at one well-publicized UUCP address, but -never- use that same account for -sending- remailed mail. Just use one of several -other- UUCP accounts for that, adding phony "From:" and "Received:" net headers as explained above. Be generous in accepting UUCP accounts from other systems; don't take too much trouble verifying the registration info they give you. Once they've been on a while, start using their names in the phony "Received:" headers you generate. Well, I'm not an expert on either the net or the "Waffle" software used to run small UUCP systems (like this one). But perhaps the above ideas will prove useful to those of you who are. -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBK7RidN4nNf3ah8DHAQG1/AP/dphEH+j0pou/jZ86PhQEffyVyzcHBm0A lwEnJFhX7RXx3l4RNlhv9dTRwQwaQPiaZ7qfWhdtqIsWwBSD39krfv7RwZDVI6Rs nuzE67BvLljl4N1rEqUdW/ln3gFvUBo/ud+b3DBFJFZEOMRPJFFkE5hux5RBxG+N wk3X28rUUM8= =BVPy -----END PGP SIGNATURE----- -- edgar@spectrx.saigon.com (Edgar W. Swank) SPECTROX SYSTEMS +1.408.252.1005 Silicon Valley, Ca
Edgar writes:
I have an idea for making remailers more difficult to find. [added extra Received: fields to obscure the actual origin]
I do not think that any solution which requires deception in order to work is a good solution for creating a social agreement. We should implement systems that are upfront about their activity. We wish to say "I am protecting the privacy of others, and in doing so I am protecting my own." We do not wish to say "Who, me?" and be roundly disbelieved. Eric
-----BEGIN PGP SIGNED MESSAGE----- edgar@spectrx.Saigon.COM (Edgar W. Swank) writes:
I have an idea for making remailers more difficult to find. This applies only to systems where the remailer operator owns the system, such as at wimsey.com. (But a "system" can be just
Make that "extropia.wimsey.com". "wimsey.com" is my feed. - -- Miron Cuperman <miron@extropia.wimsey.com> | NeXTmail/Mime ok <miron@cs.sfu.ca> | Public key avail AMIX: MCuperman | PSM 18Mar93 0/0 Laissez faire, laissez passer. Le monde va de lui meme. -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBK7YpDpNxvvA36ONDAQH6TQP+MvdAXTKDqzDgKJVHgsw5qBab+SEYsYRh ohCmrAkY5Y+N7RFRuwIv1COiE8Z9o67SYLWZ+yxCrBjF9SM2gAPlxIRCy/sK7BjZ /x5t7Znhhip1ihkh8lAqV6VHPz4L692x7j0yT2L8yAD89Yw6fA+ypSE7SAMHikL/ 9D8RdipXrXA= =CBh9 -----END PGP SIGNATURE-----
participants (3)
-
edgar@spectrx.Saigon.COM
-
Eric Hughes
-
miron@extropia.wimsey.com