more on security/obscurity/reality
I can understand Daniel Ray's proposing to keep a low profile in running remailers, using encryption and such. Pax was probably the highest profile service, at least in the Usenet groups I use, and look what happened to it. The problem is, how can a remailing service be secret? Its address has to be known in order for it to be used! The only way it could be secret that I can see would be for it to have only a small, select group of "clients" who use it, and who keep the address to themselves. But there is no such group; it's not like there's some kind of ring of privacy lovers out there who will want to use such services but who will be willing to keep the servers secret. If remailers are going to be useful, they _have_ to be public. People have to know how to reach them in order to use them. The real task, it seems to me, is to justify anonymous mail to the Internet public, so that people will not support these shutdowns, and, even better, so that people will routinely use encryption and even remailing when they communicate. Eric Hughes made the point here some time back that we should aim for a society where sending non-encrypted remail is considered rather eccentric: "What? You send your mail _exposed_? You don't mind if everyone reads it?" In the same way, sending mail in such a way that everyone can see who you are communicating with, and that everyone you send to can see your true address automatically, could become equally unusual. One other point I'd make regards the use of pseudonyms for replying. The Pax service created a pseudonym for each person who used the service which was put into the "From:" line of outgoing mail. Then people could reply to that pseudonym and it would go back to the original sender. The problem with this approach, as far as spreading remailers, is that you have to have privileges on your machine in order to create new user ID's. An individual user who doesn't own or run a machine is generally not able to create such pseudonyms. This means that the number of people who can run remailers which use such features is much smaller than the number who can run the simpler Cypherpunks remailers in their current versions. The Cypherpunks remailers do allow for anonymous return addresses, but they are quite cumbersome to use, not automatic like the Pax type. But they do have the advantage that anyone who has access to Unix, PGP and Perl can run them. This is probably a much larger population. Hal
On 15 Jan 1993, Hal wrote:
One other point I'd make regards the use of pseudonyms for replying. The Pax service created a pseudonym for each person who used the service which was put into the "From:" line of outgoing mail. Then people could reply to that pseudonym and it would go back to the original sender.
Does anyone have a copy of the software PAX used?
participants (2)
-
Al Billings
-
Hal