I have tried out the anonymous reply service at hal@alumni.caltech.com and I am very satisfied with the service, however I have a suggestion that will improve the security. The way it works now it is possible to link different messages that have the same originator, simply by comparing the return adress. Example I have a deal going with Bob and a different deal going with Alice, and it would be of my interest that Alice and Bob didnt know they where dealing with the same person. If a had given the the same Anonymous reply adress they could compare them and see that in fact they were dealing with the same person, thereby making it easier to trace me: Solutions: Use different remailers that have different public keys, or allow for a field of "random" i.e. different bytes so that if the return adress is identical the encoded block would be totally different. I have been aware of the need to make anonymous postings on the newsnet. I have made most of the neseccery softwar to allow for such a gateway, but it seems that the local system administartor is strongly opposed to the idea of the protection given by beeing anonymous. Such a gateway has an enourmous potential, and it is easy to see why some wouldn't like the idea. I have also been thinking about up such a gateway in my own name (i.e the anonymous postings would appear to come from me, with some sort of disclaimer) but I have so far been reluctant to take the risk of beeing identified with things that are none of my business. Any comments and suggestions would be appreciated.
participants (1)
-
VANGUARD@gribb.hsr.no