Well, I think I have deduced the identity of "Deadbeat" from his posting style. I don't think Julf should say who he is. This was an important demonstration of a weakness in the security of the remailers. The Penet remailer seems now to require a password for all messages; at least, I wasn't able to send to an5877@anon.penet.fi ("Deadbeat") without using my password. So chaining through Cypherpunks remailers to Penet would seem not to be possible now. Unless Eli's suggestion works - having our remailers put out a random "From:" line (perhaps just on mail to Penet?) might cause Penet to issue a new pseudonym for that apparent new user. This would be kind of wasteful from Penet's perspective - all those pseudonyms are never going to be re-used. But it might allow this form of chaining, without compromising the pseudonym of the remailer operator. (I had put my patch into the maildelivery file before Johan instituted his password system, when I realized this weakness existed. I forgot to mention it here at the time. My motivation was to protect my own Penet pseudonym.) Another possibility would be for there to be a command to Penet to allow users to send truly anonymous mail, mail which does not have a meaningful "From" line (and in particular which does not have the user's Penet pseudonym displayed as the "From" address). We could set our remailers to use that command for any mail sent to Penet. Mail sent with that command would not need a password. This would be an alternative way for users to deal with some of the other attacks, such as the one Deadbeat demonstrated. Hal P.S. - My, the list has sure been lively today. Looks like we beat Extropians again on volume!
Well, I think I have deduced the identity of "Deadbeat" from his posting style. I don't think Julf should say who he is. This was an important demonstration of a weakness in the security of the remailers.
Definitely!
The Penet remailer seems now to require a password for all messages; at least, I wasn't able to send to an5877@anon.penet.fi ("Deadbeat") without using my password. So chaining through Cypherpunks remailers to Penet would seem not to be possible now.
Unless you include your password in the message! Remember that anon.penet.fi can pick up the X-Anon-To: and X-Anon-Password: lines from the start of the message text - they don't have to be header fields.
Unless Eli's suggestion works - having our remailers put out a random "From:" line (perhaps just on mail to Penet?) might cause Penet to issue a new pseudonym for that apparent new user. This would be kind of wasteful from Penet's perspective - all those pseudonyms are never going to be re-used. But it might allow this form of chaining, without compromising the pseudonym of the remailer operator.
The social implications are more important.
Another possibility would be for there to be a command to Penet to allow users to send truly anonymous mail, mail which does not have a meaningful "From" line (and in particular which does not have the user's Penet pseudonym displayed as the "From" address). We could set our remailers to use that command for any mail sent to Penet. Mail sent with that command would not need a password. This would be an alternative way for users to deal with some of the other attacks, such as the one Deadbeat demonstrated.
I repeat: for general postings, we have to come up with a way to provide anonymity while retaining a return path. Otherwise chaos ensues, just look at the most blatant misuses of anon postings witnessed recently!
P.S. - My, the list has sure been lively today. Looks like we beat Extropians again on volume!
Yeah... Haven't ben able to get away from my machine to have my morning shower yet (it's 10:30am in Finland). Julf
participants (2)
-
Hal
-
Johan Helsingius